CMMC Practice IA.L2-3.5.4 – Replay-Resistant Authentication: Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts.
Links to Publicly Available Resources
This document provides assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 2.
The Approved Products List (APL) provides federal agencies with products and services that have been approved for FICAM implementation based on rigorous security vulnerability and interoperability testing performed by the FIPS 201 Evaluation Program.
This guide covers how to install and remove Active Directory Domain Services (AD DS) in Windows Server 2012 and important issues to be aware of when you add new domain controllers to an existing Active Directory environment.
This link provides more information about using directory services within Red Hat.
This document shows how to improve the security of a network through the use of authentication applications.
This document provides a study of a unique class of attack and several methods that attempt to prevent attacks of this kind.
In this edition of the On Call Compliance Solutions Compliance Tip of the Week, we focus on how authentication processes resist replay attacks if it is impractical to successfully authenticate by recording or replaying previous authentication messages. Replay-resistant techniques include protocols that use nonces or challenges such as time-synchronous or challenge-response one-time authenticators. Let's talk about NIST 800-171 Control 3.5.4: Employ replay-resistant authentication mechanisms for network access to privileged and nonprivileged accounts.
Discussion [NIST SP 800-171 R2]
Authentication processes resist replay attacks if it is impractical to successfully authenticate by recording or replaying previous authentication messages. Replay-resistant techniques include protocols that use nonces or challenges such as time-synchronous or challenge-response one-time authenticators.
NIST SP 800-63-3 provides guidance on digital identities.
Further Discussion
When insecure protocols are used for access to computing resources, an adversary may be able to capture login information and immediately reuse (replay) it for other purposes. It is important to use mechanisms that resist this technique.
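The following Python example, added here to illustrate both the NIST discussion of nonce/challenge-based mechanisms and the capture-and-replay scenario just described, is not from NIST, CMMC or any vendor material. It contrasts a static credential proof, which a captured copy satisfies again and again, with a challenge-response login where the server issues a random single-use nonce and the client answers with an HMAC over the account name and that nonce. The shared key, the 30-second nonce lifetime, and the choice of HMAC-SHA256 as the response function are assumptions made for the demonstration.

```python
import hashlib
import hmac
import secrets
import time
from typing import Dict, Optional, Tuple

# Constructed demo key shared between client and server (an assumption of this
# example; a real deployment derives a per-account key from its credential store).
SHARED_SECRET = b"constructed-demo-secret"


class StaticCredentialServer:
    """Not replay-resistant: the client sends the same proof on every login,
    so a proof captured from the network can be resubmitted verbatim."""

    def __init__(self, secret: bytes) -> None:
        self._expected = hashlib.sha256(secret).digest()

    def authenticate(self, proof: bytes) -> bool:
        return hmac.compare_digest(proof, self._expected)


def static_client_proof(secret: bytes) -> bytes:
    """What the static-credential client puts on the wire: identical every time."""
    return hashlib.sha256(secret).digest()


def compute_response(secret: bytes, user: str, nonce: bytes) -> bytes:
    """Client side of the challenge-response: MAC over the account name and the
    server's nonce, so the response is valid only for that one challenge."""
    return hmac.new(secret, user.encode() + b"\x00" + nonce, hashlib.sha256).digest()


class ChallengeResponseServer:
    """Replay-resistant: each login is bound to a fresh, single-use, short-lived nonce."""

    def __init__(self, secret: bytes, nonce_ttl_seconds: float = 30.0) -> None:
        self._secret = secret
        self._ttl = nonce_ttl_seconds
        self._outstanding: Dict[bytes, float] = {}  # nonce -> time it was issued

    def issue_challenge(self, now: Optional[float] = None) -> bytes:
        now = time.monotonic() if now is None else now
        nonce = secrets.token_bytes(16)  # unpredictable, so responses cannot be precomputed
        self._outstanding[nonce] = now
        return nonce

    def authenticate(self, user: str, nonce: bytes, response: bytes,
                     now: Optional[float] = None) -> bool:
        now = time.monotonic() if now is None else now
        # pop() consumes the nonce: a second attempt with the same nonce, even with
        # a correct response, finds nothing outstanding and is rejected as a replay.
        issued = self._outstanding.pop(nonce, None)
        if issued is None:
            return False
        if now - issued > self._ttl:
            return False  # stale challenge; bounds how long a captured exchange matters
        expected = compute_response(self._secret, user, nonce)
        return hmac.compare_digest(expected, response)


def demo_static_replay() -> bool:
    """Returns True if a captured static proof authenticates a second time (it does)."""
    server = StaticCredentialServer(SHARED_SECRET)
    captured = static_client_proof(SHARED_SECRET)  # observed on the wire once
    first = server.authenticate(captured)
    replay = server.authenticate(captured)
    return first and replay


def demo_challenge_response_replay() -> Tuple[bool, bool]:
    """Returns (genuine login result, result of resubmitting the same exchange)."""
    server = ChallengeResponseServer(SHARED_SECRET)
    user = "alice"
    nonce = server.issue_challenge()
    response = compute_response(SHARED_SECRET, user, nonce)  # captured on the wire
    first = server.authenticate(user, nonce, response)
    replay = server.authenticate(user, nonce, response)
    return first, replay


def demo_stale_challenge() -> bool:
    """A correct response to a challenge older than the TTL is also refused."""
    server = ChallengeResponseServer(SHARED_SECRET, nonce_ttl_seconds=30.0)
    nonce = server.issue_challenge(now=0.0)
    response = compute_response(SHARED_SECRET, "alice", nonce)
    return server.authenticate("alice", nonce, response, now=100.0)


if __name__ == "__main__":
    print("static proof replays successfully:", demo_static_replay())
    print("challenge-response (first, replay):", demo_challenge_response_replay())
    print("stale challenge accepted:", demo_stale_challenge())
```

A time-synchronous one-time authenticator replaces the server-sent nonce with the current time step; the server then has to remember the last accepted step for each account and refuse an earlier or repeated one, which is the same single-use bookkeeping the `pop()` above performs for random nonces.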