03.07.04: Nonlocal Maintenance
Control Family: Maintenance
SPRS: N/A
Top Ten Failed Requirement: N/A
Supporting Publications:
SP 800-63-3 [27]
SP 800-88 [50]
Referenced in: N/A
Control Type: N/A
CPCSC Level 2: 03.07.05
CMMC Level(s): N/A
Derived From: NIST SP 800-53r5
MA-04
a. Approve and monitor nonlocal maintenance and diagnostic activities.
b. Implement multi-factor authentication and replay resistance in the establishment of nonlocal maintenance and diagnostic sessions.
c. Terminate session and network connections when nonlocal maintenance is completed.
Discussion:
Nonlocal maintenance and diagnostic activities are conducted by individuals who communicate through an external or internal network. Local maintenance and diagnostic activities are carried out by individuals who are physically present at the location of the system and not communicating across a network connection. Authentication techniques used to establish nonlocal maintenance and diagnostic sessions reflect the requirements in 03.05.01.
Assessment Methods and Objectives
Examine [SELECT FROM: maintenance policy and procedures; remote access policy and procedures; procedures for nonlocal system maintenance; records of remote access; maintenance records; diagnostic records; system design documentation; system configuration settings; system security plan; other relevant documents or records]
Interview [SELECT FROM: personnel with system maintenance responsibilities; personnel with information security responsibilities; system administrators]
Test [SELECT FROM: processes for managing nonlocal maintenance; mechanisms for implementing, supporting, or managing nonlocal maintenance; mechanisms for implementing multi-factor authentication and replay resistance; mechanisms for terminating nonlocal maintenance sessions and network connections]
NIST SP 800-171A r3 Determining Statements
Determine if:
A.03.07.05.a[01]: nonlocal maintenance and diagnostic activities are approved.
A.03.07.05.a[02]: nonlocal maintenance and diagnostic activities are monitored.
A.03.07.05.b[01]: multi-factor authentication is implemented in the establishment of nonlocal maintenance and diagnostic sessions.
A.03.07.05.b[02]: replay resistance is implemented in the establishment of nonlocal maintenance and diagnostic sessions.
A.03.07.05.c[01]: session connections are terminated when nonlocal maintenance is completed.
A.03.07.05.c[02]: network connections are terminated when nonlocal maintenance is completed.