CMMC Practice IA.L2-3.5.4

Replay-Resistant Authentication: Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts.

Monarch ISC Guidance

Most systems today, such as Active Directory, use protocols and authentication methods that prevent replay attacks. These systems use a multi-step process that involves an element of time to detect and halt the attack.

Discussion From Source

NIST SP 800-171 R2: Authentication processes resist replay attacks if it is impractical to successfully authenticate by recording or replaying previous authentication messages. Replay-resistant techniques include protocols that use nonces or challenges such as time synchronous or challenge-response one-time authenticators. NIST SP 800-63-3 provides guidance on digital identities.
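The nonce-based challenge-response technique named in the discussion can be sketched as follows. This is an added example, not code from NIST or Monarch ISC; the `Verifier` class, `respond` function, account name and key are hypothetical, and HMAC-SHA256 over a shared secret is an assumed choice of mechanism.

```python
import hashlib
import hmac
import secrets
import time

def respond(key, account, nonce):
    """Client side: prove possession of the key for this one challenge."""
    return hmac.new(key, account.encode() + b"\x00" + nonce, hashlib.sha256).digest()

class Verifier:
    """Server side: issues single-use, short-lived challenges."""
    def __init__(self, keys, ttl=30.0, clock=time.monotonic):
        self._keys, self._ttl, self._clock = keys, ttl, clock
        self._pending = {}  # nonce -> (account, expiry time)

    def issue_challenge(self, account):
        nonce = secrets.token_bytes(16)  # unpredictable, never reused
        self._pending[nonce] = (account, self._clock() + self._ttl)
        return nonce

    def verify(self, account, nonce, response):
        # pop() consumes the nonce on every attempt, so it can never be reused.
        owner, expiry = self._pending.pop(nonce, (None, 0.0))
        key = self._keys.get(account)
        if owner != account or key is None or self._clock() > expiry:
            return False  # unknown, already used, or expired challenge
        return hmac.compare_digest(respond(key, account, nonce), response)

def demo():
    key = b"constructed-demo-key"  # constructed sample secret
    now = [0.0]                    # controllable clock for the demo
    v = Verifier({"alice": key}, ttl=30.0, clock=lambda: now[0])
    n1 = v.issue_challenge("alice")
    captured = respond(key, "alice", n1)        # what an eavesdropper records
    first = v.verify("alice", n1, captured)     # legitimate login
    same = v.verify("alice", n1, captured)      # replay against the used nonce
    fresh = v.verify("alice", v.issue_challenge("alice"), captured)  # replay against a new nonce
    n3 = v.issue_challenge("alice")
    late = respond(key, "alice", n3)
    now[0] = 31.0                               # challenge lifetime has passed
    expired = v.verify("alice", n3, late)
    return first, same, fresh, expired

if __name__ == "__main__":
    print(demo())
```

The recorded response fails in both replay cases because it is bound to a nonce the verifier has already consumed, and the expiry check supplies the element of time that bounds how long any challenge remains answerable.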

References