Overview
  1. 03.01: Access Control
  2. 03.02: Awareness and Training
  3. 03.03: Audit and Accountability
  4. 03.04: Configuration Management
  5. 03.05: Identification and Authentication
  6. 03.06: Incident Response
  7. 03.07: Maintenance
  8. 03.08: Media Protection
  9. 03.09: Personnel Security
  10. 03.10: Physical Protection
  11. 03.11: Risk Assessment
  12. 03.12: Security Assessment
  13. 03.13: System and Communications Protection
  14. 03.14: System and Information Integrity

Requirements for 03.05: Identification and Authentication

Requirements from NIST 800-171 R2
  1. 03.05.01: Identification
  2. 03.05.02: Authentication
  3. 03.05.03: Multifactor Authentication
  4. 03.05.04: Replay-Resistant Authentication
  5. 03.05.05: Identifier Reuse
  6. 03.05.06: Identifier Handling
  7. 03.05.07: Password Complexity
  8. 03.05.08: Password Reuse
  9. 03.05.09: Temporary Passwords
  10. 03.05.10: Cryptographically-Protected Passwords
  11. 03.05.11: Obscure Feedback