IAC-04
Identification & Authentication for Devices
Description
Mechanisms exist to uniquely identify and centrally Authenticate, Authorize and Audit (AAA) devices before establishing a connection using bidirectional authentication that is cryptographically- based and replay resistant.
Control Question
Does the organization uniquely identify and centrally Authenticate, Authorize and Audit (AAA) devices before establishing a connection using bidirectional authentication that is cryptographically- based and replay resistant?
Control Metadata
Domain:
Identification & Authentication
Validation Cadence:
Annual
Evidence Request List:
E-IAM-05 E-IAM-06