last sync: 2024-Nov-25 18:54:24 UTC

Microsoft Managed Control 1307 - User Identification And Authentication | Network Access To Non-Privileged Accounts - Replay... | Regulatory Compliance - Identification and Authentication

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1307 - User Identification And Authentication | Network Access To Non-Privileged Accounts - Replay...
Id 84e622c8-4bed-417c-84c6-b2fb0dd73682
Version 1.0.1
Details on versioning
Versioning Versions supported for Versioning: 0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Identification and Authentication control
Additional metadata Name/Id: ACF1307 / Microsoft Managed Control 1307
Category: Identification and Authentication
Title: User Identification And Authentication | Network Access To Non-Privileged Accounts - Replay Resistant
Ownership: Customer, Microsoft
Description: The information system implements replay-resistant authentication mechanisms for network access to non-privileged accounts.
Requirements: Azure implements multifactor authentication using FIPS 140-2-compliant Thales smart cards for all Azure personnel. Access to the Azure production environment using the smart card solution is protected from replay attacks by the built-in Kerberos functionality of Active Directory (AD).
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-04-01 20:29:14 change Patch (1.0.0 > 1.0.1)
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC