STIGViewer Trial workspace — loading your subscription…

NIST 800-171 v2

110 security requirements available

3.5.4Derived Requirement

Identification and Authentication

Security Requirement

Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts.

Discussion

Authentication processes resist replay attacks if it is impractical to successfully authenticate by recording or replaying previous authentication messages. Replay-resistant techniques include protocols that use nonces or challenges such as time synchronous or challenge-response one-time authenticators. [SP 800-63-3] provides guidance on digital identities.

Framework
NIST SP 800-171 Rev 2
Family
Identification and Authentication
Requirement Type
derived

Related Frameworks

4 paths across 2 frameworks
NIST 800-532 mappings
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI2 mappings
CCI-001941
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001942
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

242 STIGs reach this control through 33 CCIs via 800-53 control IA-2. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Desktop

6 STIGs

Operating System — Server

26 STIGs
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-1715 of 448 findings match
Amazon Linux 2023 Security Technical Implementation Guide
V1R32026-02-2713 of 187 findings match
Show 18 more STIGs in this category →
IBM AIX 7.x Security Technical Implementation Guide
V3R22026-02-067 of 283 findings match
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-195 of 103 findings match
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-135 of 375 findings match
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-192 of 216 findings match

Operating System — Mainframe

68 STIGs
IBM z/OS TSS Security Technical Implementation Guide
V9R82026-03-0922 of 230 findings match
IBM z/OS RACF Security Technical Implementation Guide
V9R82026-03-0918 of 222 findings match
IBM z/OS ACF2 Security Technical Implementation Guide
V9R82026-03-0917 of 225 findings match
Mainframe Product Security Requirements Guide
V3R42025-09-1011 of 194 findings match
Show 60 more STIGs in this category →
CA IDMS Security Technical Implementation Guide
V2R12024-09-131 of 74 findings match

Operating System — Mobile

30 STIGs
Show 22 more STIGs in this category →

Network Device

42 STIGs
Application Layer Gateway Security Requirements Guide
V2R32025-09-157 of 160 findings match
Network Device Management Security Requirements Guide
V5R42025-09-106 of 105 findings match
Network Device Management Security Requirements Guide
V5R32025-02-116 of 104 findings match
AAA Services Security Requirements Guide
V2R22024-12-044 of 77 findings match
Show 34 more STIGs in this category →
Cisco ASA VPN Security Technical Implementation Guide
V2R22024-08-223 of 41 findings match
Domain Name System (DNS) Security Requirements Guide
V4R22025-12-193 of 119 findings match
Cisco ISE NDM Security Technical Implementation Guide
V2R32025-12-112 of 53 findings match
F5 NGINX Security Technical Implementation Guide
V1R12026-01-072 of 32 findings match
Cisco ACI NDM Security Technical Implementation Guide
V1R22025-12-111 of 26 findings match
Cisco ASA NDM Security Technical Implementation Guide
V2R42025-12-081 of 47 findings match

Database

15 STIGs
Database Security Requirements Guide
V4R52026-02-264 of 142 findings match
Show 7 more STIGs in this category →

Web / Application Server

13 STIGs

Virtualization / Container

16 STIGs
Container Platform Security Requirements Guide
V2R42025-09-1015 of 188 findings match
Virtual Machine Manager Security Requirements Guide
V2R32025-09-1012 of 198 findings match
Show 8 more STIGs in this category →

Cloud / Identity Service

3 STIGs

Endpoint Security Management

18 STIGs
Central Log Server Security Requirements Guide
V3R42026-02-1210 of 127 findings match
Tanium 7.x Security Technical Implementation Guide
V2R32025-05-144 of 98 findings match
HYCU Protege Security Technical Implementation Guide
V1R22026-03-042 of 55 findings match
Show 10 more STIGs in this category →
ISEC7 Sphere Security Technical Implementation Guide
V3R12024-08-202 of 34 findings match
BlackBerry UEM Security Technical Implementation Guide
V2R12020-12-041 of 16 findings match

Productivity Application

3 STIGs

Uncategorized

2 STIGs