SC-02(01) Interfaces for Non-privileged Users
Prevent the presentation of system management functionality at interfaces to non-privileged users.
Baselines
- L
- M
- H
- P
Guidance
Preventing the presentation of system management functionality at interfaces to non-privileged users ensures that system administration options, including administrator privileges, are not available to the general user population. Restricting user access also prohibits the use of the grey-out option commonly used to eliminate accessibility to such information. One potential solution is to withhold system administration options until users establish sessions with administrator privileges.
Related controls 1
- AC-03 Access Enforcement L M H P