V4.3 — Other Access Control Considerations
Other Access Control Considerations: 3 L3 requirement(s). V4.3.1: Verify administrative interfaces use appropriate multi-factor authentication to prevent unauthorized use. V4.3.2: Verify that directory browsing is disabled unless deliberately desired. Additionally, applications should not allow disc... V4.3.3: Verify the application has additional authorization (such as step up or adaptive authentication) for lower value systems...
| Property | Value |
|---|---|
| Section | V4.3 |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-HARD-03 | Network Segmentation (Separate Server Ports) |
| SID-ACCESS-01 | Multi-Tenant Isolation |
Source: OWASP Application Security Verification Standard 4.0.3