IA.L2-3.5.4 Replay-Resistant Authentication

CMMC Practice IA.L2-3.5.4 – Replay-Resistant Authentication: Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts.

CMMC CLARIFICATION (Ref CMMC – Appendix B)

When insecure protocols are used for access to computing resources, there is the potential for an adversary to perform a man-in-the-middle attack and capture the information that permitted a staff member to log in. As part of a defense-in-depth strategy, it is important to use mechanisms that are resilient to the adversary reusing the captured information and gaining access to the computing resources.