CMMC 1.0 Practice AC.3.018 Requirement:
Prevent non-privileged users from executing privileged functions and capture the execution of such functions in audit logs.
CMMC 1.0 AC.3.018 Requirement Explanation:
By limiting privileged functions such as being able to change system settings, modify logs, and install software you reduce cyber risk. By capturing logs on the execution of privileged functions you can identify policy violations and malicious activity.
Example CMMC 1.0 AC.3.018 Implementation:
Only employees responsible for administering, securing, and auditing your systems should have privileged accounts. All other employees should be given non-privileged accounts. Configure your systems to collect logs on the execution of privileged functions such as changes to system settings and the installation of software.
CMMC 1.0 AC.3.018 Scenario(s):
- Scenario 1:
Most of your employees only need to use email and Microsoft office software to complete their assigned duties. These do not require them to execute privileged functions such as installing software or changing system settings. As a result, you revoke their local admin rights.
Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:
Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.
Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.
Supply Chain Verifier
Trust is everything. Verify, monitor, and support subcontactor compliance.