October 2023

RMF Control AC-15: Automated Marking is a cybersecurity control that helps to protect information systems by automatically marking sensitive data. This control is important because it can help to prevent unauthorized access to sensitive data and ensure that sensitive data is handled appropriately. Automated Marking Requirements The RMF Control AC-15: Automated Marking requirements are specified …

RMF Control AC-14: PERMITTED ACTIONS WITHOUT IDENTIFICATION OR AUTHENTICATION is a cybersecurity control that helps to protect information systems by limiting the actions that can be performed without identification or authentication. This control is important because it can help to prevent unauthorized access to information systems and data. Permitted Actions Without Identification or Authentication Requirements …

RMF Control AC-13: SUPERVISION AND REVIEW — ACCESS CONTROL is a cybersecurity control that helps to ensure that access control activities are regularly supervised and reviewed to ensure their effectiveness and compliance with organizational security policies and procedures. This control is important because it can help to identify and address weaknesses in the organization’s access …

RMF Control AC-12: Session Termination is a cybersecurity control that helps to protect information systems by terminating user sessions when they are no longer needed. This control is important because it can help to prevent unauthorized access to information systems and data. Session Termination Requirements The RMF Control AC-12: Session Termination requirements are specified in …

RMF Control AC-10: Concurrent Session Control is a cybersecurity control that helps to protect information systems by limiting the number of concurrent sessions that a user can have. This control is important because it can help to prevent unauthorized access to information systems and data. Concurrent Session Control Requirements The RMF Control AC-10: Concurrent Session …

RMF Control AC-9: Previous Logon Notification is a cybersecurity control that helps to protect information systems by notifying users when their accounts were last used. This control is important because it can help users to identify and respond to unauthorized access to their accounts. Previous Logon Notification Requirements The RMF Control AC-9: Previous Logon Notification …

RMF Control AC-8: System Use Notification is a cybersecurity control that helps to protect information systems by notifying users when their accounts are being used. This control is important because it can help to identify and respond to unauthorized access to information systems and data. System Use Notification Requirements The RMF Control AC-8: System Use …

RMF Control AC-7: Unsuccessful Logon Attempts is a cybersecurity control that helps to protect information systems by limiting the number of unsuccessful logon attempts that a user is allowed to make. This control is important because it can help to prevent unauthorized access to information systems and data. Unsuccessful Logon Attempts Requirements The RMF Control …

RMF Control AC-6: Least Privilege is a cybersecurity control that helps to protect information systems by ensuring that users only have the access they need to perform their job duties. This control is important because it can help to reduce the risk of unauthorized access, accidental or malicious misuse of access privileges, and the impact …