STIGViewer Trial workspace — loading your subscription…

NIST 800-53 Rev 5

424 controls available

AC-17(4)moderatehigh

Privileged Commands and Access

Access Control

Control Statement

Authorize the execution of privileged commands and access to security-relevant information via remote access only in a format that provides assessable evidence and for the following needs: {{ insert: param, ac-17.4_prm_1 }} ; and Document the rationale for remote access in the security plan for the system.

Discussion

Remote access to systems represents a significant potential vulnerability that can be exploited by adversaries. As such, restricting the execution of privileged commands and access to security-relevant information via remote access reduces the exposure of the organization and the susceptibility to threats by adversaries to the remote access capability.

Framework
NIST SP 800-53 Rev 5
Family
Access Control
Baselines
moderate, high

Related Frameworks

7 paths across 2 frameworks
NIST 800-1711 mapping
3.1.15
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI6 mappings
CCI-000070
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002316
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002317
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002318
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002319
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002320
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

156 STIGs reach this control through 25 CCIs. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Desktop

5 STIGs

Operating System — Server

26 STIGs
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-1310 of 375 findings match
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-178 of 448 findings match
Show 18 more STIGs in this category →
IBM AIX 7.x Security Technical Implementation Guide
V3R22026-02-066 of 283 findings match
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-193 of 103 findings match
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-192 of 216 findings match

Operating System — Mainframe

10 STIGs
IBM z/OS ACF2 Security Technical Implementation Guide
V9R82026-03-099 of 225 findings match
IBM z/OS RACF Security Technical Implementation Guide
V9R82026-03-099 of 222 findings match
IBM z/OS TSS Security Technical Implementation Guide
V9R82026-03-099 of 230 findings match
Show 2 more STIGs in this category →

Operating System — Mobile

5 STIGs

Network Device

37 STIGs
Application Layer Gateway Security Requirements Guide
V2R32025-09-157 of 160 findings match
Cisco ASA VPN Security Technical Implementation Guide
V2R22024-08-226 of 41 findings match
Show 29 more STIGs in this category →
SDN Controller Security Requirements Guide
22024-05-283 of 34 findings match
Cisco ISE NAC Security Technical Implementation Guide
V2R32025-12-101 of 30 findings match
Domain Name System (DNS) Security Requirements Guide
V4R22025-12-191 of 119 findings match
F5 NGINX Security Technical Implementation Guide
V1R12026-01-071 of 32 findings match
Firewall Security Requirements Guide
V3R32025-09-221 of 35 findings match

Web / Application Server

21 STIGs
Web Server Security Requirements Guide
V4R42025-09-106 of 126 findings match
Application Server Security Requirements Guide
V4R42025-09-105 of 137 findings match
Show 13 more STIGs in this category →

Virtualization / Container

34 STIGs
Kubernetes Security Technical Implementation Guide
V2R62026-02-125 of 92 findings match
Virtual Machine Manager Security Requirements Guide
V2R32025-09-105 of 198 findings match
Container Platform Security Requirements Guide
V2R42025-09-103 of 188 findings match
Show 26 more STIGs in this category →

Cloud / Identity Service

1 STIG

Endpoint Security Management

12 STIGs

Productivity Application

4 STIGs

Uncategorized

1 STIG