Control and monitor user-installed software.
Establish and maintain an authoritative source and repository to provide a trusted source and accountability for approved and implemented system components.
Employ automated mechanisms to detect misconfigured or unauthorized system components; after detection, remove the components or place the components in a quarantine or remediation network to facilitate patching, re-configuration, or other mitigations.
Employ automated discovery and management tools to maintain an up-to-date, complete, accurate, and readily available inventory of system components.
Identify information system users, processes acting on behalf of users, or devices.
Authenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.
Identify system users, processes acting on behalf of users, and devices.
Authenticate (or verify) the identities of users, processes, or devices, as a prerequisite to allowing access to organizational systems.
Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts.
Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts.
Passcode