Configure knowledge-based authentication tools in accordance with organizational standards.


CONTROL ID: 13740
CONTROL TYPE: Configuration
CLASSIFICATION: Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain system hardening procedures., CC ID: 12001

This Control has the following implementation support Control(s):
  • Configure the session timeout for the knowledge-based authentication tool used for the identity proofing process according to organizational standards., CC ID: 13754
  • Configure the knowledge-based authentication tool to restart after a session timeout., CC ID: 13753
  • Configure the number of attempts allowed to complete the knowledge-based authentication in the knowledge-based authentication tool., CC ID: 13751


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Verify that the application uses a single vetted authentication mechanism that is known to be secure, can be extended to include strong authentication, and has sufficient logging and monitoring to detect account abuse or breaches. (1.2.3, Application Security Verification Standard 4.0.3, 4.0.3)