CMMC 2.0 • LEVEL 2 • ACCESS CONTROL

AC.L2-3.1.7Least Privilege – Privileged Functions

Prevent non-privileged users from executing privileged functions. Log the execution of privileged functions.

NIST 800-171 Mapping

NIST 800-53 Controls

AC-6(9)AC-6(10)

Assessment Objectives

  • the execution of privileged functions is logged.
  • non-privileged users are prevented from executing privileged functions.

Practitioner Notes

Practitioner commentary coming soon.

Related CMMC 2.0 Practices

AC.L1-3.1.1 Account Management AC.L1-3.1.2 Access Enforcement AC.L2-3.1.3 Information Flow Enforcement AC.L2-3.1.4 Separation of Duties