| AC-1 |
ACCESS CONTROL POLICY AND PROCEDURES |
Inherited and compliant |
| AC-2 |
ACCOUNT MANAGEMENT |
Deployer Responsibility |
| AC-3 |
ACCESS ENFORCEMENT |
Compliant |
| AC-4 |
INFORMATION FLOW ENFORCEMENT |
Compliant |
| AC-5 |
SEPARATION OF DUTIES |
Deployer Responsibility |
| AC-6 |
LEAST PRIVILEGE |
Deployer Responsibility |
| AC-7 |
UNSUCCESSFUL LOGON ATTEMPTS |
Inherited |
| AC-8 |
SYSTEM USE NOTIFICATION |
Compliant |
| AC-9 |
PREVIOUS LOGON (ACCESS) NOTIFICATION |
Inherited |
| AC-10 |
CONCURRENT SESSION CONTROL |
Not required for FISMA moderate |
| AC-11 |
SESSION LOCK |
Inherited |
| AC-12 |
SESSION TERMINATION |
Compliant |
| AC-14 |
PERMITTED ACTIONS WITHOUT IDENTIFICATION OR AUTHENTICATION |
Compliant |
| AC-16 |
SECURITY ATTRIBUTES |
P0, so not required for FISMA Moderate |
| AC-17 |
REMOTE ACCESS |
Inherited and Compliant |
| AC-18 |
WIRELESS ACCESS |
Compliant |
| AC-19 |
ACCESS CONTROL FOR MOBILE DEVICES |
Not Applicable to Tanzu Application Service |
| AC-20 |
USE OF EXTERNAL INFORMATION SYSTEMS |
Deployer Responsibility |
| AC-21 |
INFORMATION SHARING |
Inherited and Compliant |
| AC-22 |
PUBLICLY ACCESSIBLE CONTENT |
Inherited and Compliant |
| AC-23 |
DATA MINING PROTECTION |
P0, so not required for FISMA Moderate |
| AC-24 |
ACCESS CONTROL DECISIONS |
P0, so not required for FISMA Moderate |
| AC-25 |
REFERENCE MONITOR |
P0, so not required for FISMA Moderate |
