CMMC Practice AC.3.021: Authorize remote execution of privileged commands and remote access to security-relevant information.
CMMC CLARIFICATION (Ref CMMC – Appendix B)
Privileged users need to execute commands with elevated privileges. But not all privilegedusers are allowed to perform these functions from a remote location, and not all privileged commands can be executed remotely. You must document which user roles have permissions to remotely execute privileged commands to make changes and to access security relevant information. In addition, you must document which administrative functions can be executed remotely. This documentation must be used to establish security mechanisms that enforce the policy.