AC$\mathrm{.}1\mathrm{.}002$ Limit information system access to the types of transactions and functions that

authorized users are permitted to execute.

AC$\mathrm{.}2\mathrm{.}007$ Employ the principle of least privilege, including for specific security functions and Level $2$ privileged accounts.

AC$\mathrm{.}2\mathrm{.}008$ Use non$-$privileged accounts or roles when accessing nonsecurity functions.

Level $2$

AC$\mathrm{.}2\mathrm{.}009$ Limit unsuccessful logon attempts.

Level $2$

AC$\mathrm{.}2\mathrm{.}010$ Use session lock with pattern$-$hiding displays to prevent access and viewing of data

Level $2$ after a period of inactivity.

AC$\mathrm{.}2\mathrm{.}011$ Authorize wireless access prior to allowing such connections.

AC$\mathrm{.}1\mathrm{.}002$ Limit information system access to the types of transactions and functions that

authorized users are permitted to execute.

AC$\mathrm{.}2\mathrm{.}007$ Employ the principle of least privilege, including for specific security functions and Level $2$ privileged accounts.

AC$\mathrm{.}2\mathrm{.}008$ Use non$-$privileged accounts or roles when accessing nonsecurity functions.

Level $2$

AC$\mathrm{.}2\mathrm{.}009$ Limit unsuccessful logon attempts.

Level $2$

AC$\mathrm{.}2\mathrm{.}010$ Use session lock with pattern$-$hiding displays to prevent access and viewing of data

Level $2$ after a period of inactivity.

AC$\mathrm{.}2\mathrm{.}011$ Authorize wireless access prior to allowing such connections.

AC$\mathrm{.}1\mathrm{.}002$ Limit information system access to the types of transactions and functions that

authorized users are permitted to execute.

AC$\mathrm{.}2\mathrm{.}007$ Employ the principle of least privilege, including for specific security functions and Level $2$ privileged accounts.

AC$\mathrm{.}2\mathrm{.}008$ Use non$-$privileged accounts or roles when accessing nonsecurity functions.

Level $2$

AC$\mathrm{.}2\mathrm{.}009$ Limit unsuccessful logon attempts.

Level $2$

AC$\mathrm{.}2\mathrm{.}010$ Use session lock with pattern$-$hiding displays to prevent access and viewing of data

Level $2$ after a period of inactivity.

AC$\mathrm{.}2\mathrm{.}011$ Authorize wireless access prior to allowing such connections. AC$\mathrm{.}3\mathrm{.}012$ Protect wireless access using authentication and encryption.

Level $3$

AC$\mathrm{.}3\mathrm{.}017$ Separate the duties of individuals to reduce the risk of malevolent activity without

Level $3$ collusion.

AC$\mathrm{.}3\mathrm{.}018$ Prevent non$-$privileged users from executing privileged functions and capture the

execution of such functions in audit logs$.$

AC$\mathrm{.}3\mathrm{.}019$ Terminate $($automatically$)$ user sessions after a defined condition.

AC$\mathrm{.}3\mathrm{.}020$ Control connection of mobile devices.

Level $3$

AC$\mathrm{.}4\mathrm{.}023$ Control information flows between security domains on connected systems.

Level $4$ AC$\mathrm{.}4\mathrm{.}025$ Periodically review and update CUI program access permissions.

Level $4$

AC$\mathrm{.}5\mathrm{.}024$ Identify and mitigate risk associated with unidentified wireless access points connected to the network.