AC-06.10: Prohibit Non-privileged Users from...

AC-06.10 · Prohibit Non-privileged Users from Executing Privileged Functions

Control Description

Prevent non-privileged users from executing privileged functions.

Impact Baselines

Security baselines where this control applies

Not in any baseline

Control Properties

SP800-53-enhancement

system

Enhancement

Control Statement

The control requirements

Prevent non-privileged users from executing privileged functions.

Supplemental Guidance

Privileged functions include disabling, circumventing, or altering implemented security or privacy controls, establishing system accounts, performing system integrity checks, and administering cryptographic key management activities. Non-privileged users are individuals who do not possess appropriate authorizations. Privileged functions that require protection from non-privileged users include circumventing intrusion detection and prevention mechanisms or malicious code protection mechanisms. Preventing non-privileged users from executing privileged functions is enforced by [AC-3](#ac-3).