MNT-05.7: Separation of Maintenance Sessions
Mechanisms exist to protect maintenance sessions through replay-resistant sessions that are physically or logically separated communications paths from other network sessions.
Control Question: Does the organization protect maintenance sessions through replay-resistant sessions that are physically or logically separated communications paths from other network sessions?
General (3)
| Framework | Mapping Values |
|---|---|
| NIST 800-53 R4 | MA-4(4) |
| NIST 800-53 R5 (source) | MA-4(4) |
| NIST 800-53 R5 (NOC) (source) | MA-4(4) |
US (1)
| Framework | Mapping Values |
|---|---|
| US IRS 1075 | MA-4(4) |
Capability Maturity Model
Level 0 — Not Performed
There is no evidence of a capability to protect maintenance sessions through replay-resistant sessions that are physically or logically separated communications paths from other network sessions.
Level 1 — Performed Informally
C|P-CMM1 is N/A, since a structured process is required to protect maintenance sessions through replay-resistant sessions that are physically or logically separated communications paths from other network sessions.
Level 2 — Planned & Tracked
C|P-CMM2 is N/A, since a well-defined process is required to protect maintenance sessions through replay-resistant sessions that are physically or logically separated communications paths from other network sessions.
Level 3 — Well Defined
Maintenance (MNT) efforts are standardized across the organization and centrally managed, where technically feasible, to ensure consistency. CMM Level 3 control maturity would reasonably expect all, or at least most, the following criteria to exist:
- IT/cybersecurity personnel develop and disseminate formal practices to implement enterprise-wide capability to conduct secure and timely technology asset-specific maintenance operations, including preventative and reactionary maintenance operations.
- Technology asset-related maintenance operations are centralized in terms of change management and governance. Local/regional practices fall under the broader enterprise-wide technology asset maintenance program.
- Facilities management uses an enterprise-wide process to facilitate the secure and timely implementation of non-IT maintenance operations, including preventative and reactionary maintenance operations. Local/regional practices fall under the broader enterprise-wide facilities management program.
- A Change Control Board (CCB), or similar function, centrally manages the process of IT and non-IT maintenance operations to reduce the chance of business interruptions from maintenance operations.
Level 4 — Quantitatively Controlled
See C|P-CMM3. There are no defined C|P-CMM4 criteria, since it is reasonable to assume a quantitatively-controlled process is not necessary to protect maintenance sessions through replay-resistant sessions that are physically or logically separated communications paths from other network sessions.
Level 5 — Continuously Improving
See C|P-CMM4. There are no defined C|P-CMM5 criteria, since it is reasonable to assume a continuously-improving process is not necessary to protect maintenance sessions through replay-resistant sessions that are physically or logically separated communications paths from other network sessions.
Assessment Objectives
- MNT-05.7_A01 authenticators that are replay resistant are defined.
- MNT-05.7_A02 nonlocal maintenance sessions are protected by employing organization-defined authenticators that are replay resistant.
- MNT-05.7_A03 nonlocal maintenance sessions are protected by separating maintenance sessions from other network sessions with the system by physically separated communication paths.
- MNT-05.7_A04 nonlocal maintenance sessions are protected by logically separated communication paths.