Detections
Analytics

800-53|AC-6(3)

Title

NETWORK ACCESS TO PRIVILEGED COMMANDS

Description

The organization authorizes network access to [Assignment: organization-defined privileged commands] only for [Assignment: organization-defined compelling operational needs] and documents the rationale for such access in the security plan for the information system.

Supplemental

Network access is any access across a network connection in lieu of local access (i.e., user being physically present at the device).

Reference Item Details

Related: AC-17

Category: ACCESS CONTROL

Parent Title: LEAST PRIVILEGE

Family: ACCESS CONTROL

Baseline Impact: HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.2.4.16 Set 'Allow Remote Shell Access' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.105 WN10-CC-000037WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.190 WN16-MS-000020WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.192 WN19-MS-000020WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.192 WN22-MS-000020WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.195 WN16-MS-000310WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.196 WN19-MS-000060WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.196 WN22-MS-000060WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.212 WN10-SO-000167WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
2.2 Ensure access to sensitive site features is restricted to authenticated principals onlyWindowsCIS IIS 8.0 v1.5.1 Level 1
2.2 Ensure Access to Sensitive Site Features Is Restricted To Authenticated Principals Only - ApplicationsWindowsCIS IIS 7 L1 v1.8.0
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 10 Enterprise v4.0.0 L1
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 11 Enterprise v4.0.0 L1
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 11 Stand-alone v4.0.0 L1
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Windows 10 Stand-alone v4.0.0 L1
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)WindowsCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS
2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)WindowsCIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS
2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)WindowsCIS Microsoft Windows Server 2019 v4.0.0 L1 MS
2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)WindowsCIS Windows Server 2012 MS L1 v3.0.0
2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)WindowsCIS Microsoft Windows Server 2022 v4.0.0 L1 MS
2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)WindowsCIS Microsoft Windows Server 2016 v4.0.0 L1 MS
2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)WindowsCIS Microsoft Windows Server 2025 v1.0.0 L1 MS
2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)WindowsCIS Windows Server 2012 R2 MS L1 v3.0.0
2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1
5.5 Ensure root login is restricted to system consoleUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
5.5 Ensure root login is restricted to system consoleUnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.1
5.5 Ensure root login is restricted to system consoleUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1
5.5 Ensure root login is restricted to system consoleUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
10.2 Restrict access to the web administrationUnixCIS Apache Tomcat 7 L2 v1.1.0
10.2 Restrict access to the web administrationUnixCIS Apache Tomcat 7 L2 v1.1.0 Middleware
18.3.1 Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.3.1 Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled'WindowsCIS Windows 7 Workstation Level 1 v3.2.0
18.8.7.2 Ensure 'Allow remote access to the Plug and Play interface' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 v3.2.0
18.8.7.2 Ensure 'Allow remote access to the Plug and Play interface' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.9.98.1 Ensure 'Allow Remote Shell Access' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 2 v3.2.0
18.9.98.1 Ensure 'Allow Remote Shell Access' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0
49.20 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Intune for Windows 11 v4.0.0 L1
49.20 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'WindowsCIS Microsoft Intune for Windows 10 v4.0.0 L1