STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← AC-3 (4) — Discretionary Access Control

CCI-003638

Definition

Enforce organization-defined discretionary access control policies over defined subjects and objects where the policy specifies that a subject that has been granted access to information can pass the information to any other subjects or objects.

Parent Control

AC-3 (4)Discretionary Access ControlAccess Control

Linked STIG Checks (4)

V-272627CAT IIICylanceON-PREM must be configured to use a third-party identity provider.Arctic Wolf CylanceON-PREM Security Technical Implementation GuideV-276005CAT IIAx-OS must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.Axonius Federal Systems Ax-OS Security Technical Implementation GuideV-279970CAT IIThe DNS implementation must enforce a Discretionary Access Control (DAC) policy that limits propagation of access rights.Domain Name System (DNS) Security Requirements GuideV-269581CAT IIXylok Security Suite must not allow local user or groups.Xylok Security Suite 20.x Security Technical Implementation Guide