The organization identifies the information system components to which privileged access is authorized for selected organization-defined vulnerability scanning activities.
No STIG checks reference this CCI.