CMMC Practice IA.L2-3.5.4

Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts.

Bold Coast Security Guidance

Most systems today, such as Active Directory, will utilize protocols and authentication methods which prevent this type of attack. These systems use a multi-step process which involves an element of time to detect and halt the attack.
Security Catapult

Be prepared for CMMC

Our Q&A assessment tool is designed by security advisors for MSPs and DoD contractors of all sizes.

Try now for free

Understand your gaps
Security Catapult

Understand your gaps

See compliance gaps, compliance scores and proactive security tasks in a single interface.

Try now for free

Validate NIST SP 800-171
Security Catapult

Validate NIST SP 800-171

Based on your CMMC answers, we let you know where you stand on NIST.

Try now for free

Build a plan of action
Security Catapult

Build a plan of action

Track your burn down and stay on top of security needs.

Try now for free

Build your policy
Security Catapult

Build your policy

Say goodbye to maintaining a security policy. We do it for you.

Try now for free

Discussion From Source

DRAFT NIST SP 800-171 R2 Authentication processes resist replay attacks if it is impractical to successfully authenticate by recording or replaying previous authentication messages . Replay-resistant techniques include protocols that use nonces or challenges such as time synchronous or challenge-response one-time authenticator.

References