NIST SP 800-53 AC -10 - Practical example

old.reddit.com / @/u/Helontir, https://old.reddit.com/user/Helontir

Hello everyone,

I need help with the Control AC - 10 of the NIST Sp 800 -53!

Can someone explain to me with a practical example what the control intends?

As I understand it, the intention of the control is that admins in particular are only allowed to establish a limited number of sessions for example with an application?
In other words, an admin may only have a few simultaneous sessions in an ERP system?

Is this realistic in your experience? I have discussed this control with my admins and I encountered very fierce resistance...

Thank you very much!

submitted by /u/Helontir
[link] [comments]

published about 1 month ago


Previous

Did anything replace Vulnerator for the private sector?
published about 1 month ago

Next

looking for source for FIPS validated hard drives & ssds
published about 1 month ago
See all items from the same source