RA-05(05)—Vulnerability Monitoring and Scanning | Privileged Access
Moderate
Core Control
>Control Description
Implement privileged access authorization to ⚙organization-defined system components for ⚙organization-defined vulnerability scanning activities.
>Discussion
In certain situations, the nature of the vulnerability scanning may be more intrusive, or the system component that is the subject of the scanning may contain classified or controlled unclassified information, such as personally identifiable information. Privileged access authorization to selected system components facilitates more thorough vulnerability scanning and protects the sensitive nature of such scanning.
>Cross-Framework Mappings
Ask AI
Configure your API key to use AI features.