← Back to catalog
AC-6(10)
Prohibit Non-privileged Users from Executing Privileged Functions
Access Control (AC)
Baselines
Low · Not includedModerate · IncludedHigh · Included
Description
Prevent non-privileged users from executing privileged functions.
Discussion
Privileged functions include disabling, circumventing, or altering implemented security or privacy controls, establishing system accounts, performing system integrity checks, and administering cryptographic key management activities. Non-privileged users are individuals who do not possess appropriate authorizations. Privileged functions that require protection from non-privileged users include circumventing intrusion detection and prevention mechanisms or malicious code protection mechanisms. Preventing non-privileged users from executing privileged functions is enforced by [AC-3](#ac-3).
Implementation guidance
No content available.
CSF 2.0 crosswalk
No CSF mappings exist for this control.