Prevent Flashcards
PR.AC-1
Identities and credentials are managedfor authorized devices and users
PR.AC-2
Physical access to assets is managed and protected
PR.AC-3
Remote access is managed
PR.AC-4
Access permissions are managed, incorporating the principles of least privilege and separation of duties
PR.AC-5
Network integrity is protected, incorporating network segregation where appropriate
PR.AT-1
All users are informed and trained
PR.AT-2
Privileged users understand roles & responsibilities
PR.AT-3
Third-party stakeholders (e.g., suppliers, customers, partners) understand roles & responsibilities
PR.AT-4
Senior executives understand roles & responsibilities
PR.AT-5
Physical and information security personnel understand roles & responsibilities
PR.DS-1
Data-at-rest is protected
PR.DS-2
Data-in-transit is protected
PR.DS-3
Assets are formally managed throughout removal, transfers, and disposition
PR.DS-4
Adequate capacity to ensure availability is maintained
PR.DS-5
Protections against data leaks are implemented