New pages

Jump to navigation Jump to search
New pages
Hide registered users | Hide bots | Show redirects
(newest | oldest) View (newer 50 | ) (20 | 50 | 100 | 250 | 500)

30 April 2025

  • 02:3102:31, 30 April 2025 LLMResponse AC.L2-3.1.4.c (hist | edit) [2,710 bytes] David (talk | contribs) (Created page with "Ranking Evidence Types for Assessment Objective [c] For the assessment objective "[c] access privileges that enable individuals to exercise the duties that require separation are granted to separate individuals," here's the ranking of evidence types supported by assessment objects: == Evidence Type Ranking == 1. **Artifacts (highest value)** - System access authorization records showing privilege distribution - Access control lists demonstrating separation of pr...")
  • 02:3002:30, 30 April 2025 LLMResponse AC.L2-3.1.4.b (hist | edit) [2,553 bytes] David (talk | contribs) (Created page with "Ranking Evidence Types for Assessment Objective [b] For the assessment objective "[b] responsibilities for duties that require separation are assigned to separate individuals," here's the ranking of evidence types supported by assessment objects: == Evidence Type Ranking == 1. **Artifacts (highest value)** - User account listings with role assignments - System access authorizations showing different individuals assigned to separated duties - Access control ma...")
  • 02:2902:29, 30 April 2025 LLMResponse AC.L2-3.1.4.a (hist | edit) [2,368 bytes] David (talk | contribs) (Created page with "Ranking Evidence Types for Assessment Objective [a] For the assessment objective "[a] the duties of individuals requiring separation are defined," I'll rank the evidence types supported by assessment objects from most to least valuable: == Evidence Type Ranking == 1. **Documents (highest value)** - Access control policy documents - Written procedures addressing divisions of responsibility and separation of duties - System security plan with defined separation...")
  • 02:2802:28, 30 April 2025 LLMPrompt AC.L2-3.1.4.c (hist | edit) [305 bytes] David (talk | contribs) (Created page with "For the assessment objective, [c] access privileges that enable individuals to exercise the duties that require separation are granted to separate individuals, rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 02:2802:28, 30 April 2025 LLMPrompt AC.L2-3.1.4.b (hist | edit) [269 bytes] David (talk | contribs) (Created page with "For the assessment objective, [b] responsibilities for duties that require separation are assigned to separate individuals, rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 02:2702:27, 30 April 2025 LLMPrompt AC.L2-3.1.4.a (hist | edit) [239 bytes] David (talk | contribs) (Created page with "For the assessment objective, [a] the duties of individuals requiring separation are defined, rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 02:2502:25, 30 April 2025 LLMPrompt AC.L2-3.1.4 (hist | edit) [6,442 bytes] David (talk | contribs) (Created page with "I am a cybersecurity manager working for an organization that is a DoD contractor. I need to implement various security practices that conform to DoD's CMMC program at level 2. The CMMC program stipulates security practices that are based on NIST Special Publication 800-171 R2. For each security practice of CMMC Level 2, I need to show evidence that my organization is in compliance with CMMC. Each security practice has a security requirement and several assessment object...")
  • 02:1802:18, 30 April 2025 LLMResponse AC.L2-3.1.3.e (hist | edit) [2,315 bytes] David (talk | contribs) (Created page with "Ranking Evidence Types for Enforcement of CUI Flow Authorizations For assessment objective [e] "approved authorizations for controlling the flow of CUI are enforced," here's my ranking of evidence types based on the CMMC assessment objects: == Evidence Type Ranking == 1. **Technical Testing Evidence (Highest Priority)** - Results from testing mechanisms implementing information flow enforcement policy - Configuration screenshots of boundary protection devices...")
  • 02:1702:17, 30 April 2025 LLMResponse AC.L2-3.1.3.d (hist | edit) [2,287 bytes] David (talk | contribs) (Created page with "Ranking Evidence Types for CUI Flow Authorizations For assessment objective [d] "authorizations for controlling the flow of CUI are defined," here's my ranking of evidence types based on the CMMC assessment objects: == Evidence Type Ranking == 1. **Documentation (Highest Priority)** - List of information flow authorizations - Access control policy sections on authorization requirements - System connection or processing agreements - System security plan se...")
  • 02:1602:16, 30 April 2025 LLMResponse AC.L2-3.1.3.c (hist | edit) [2,382 bytes] David (talk | contribs) (Created page with "Ranking Evidence Types for Designated Sources and Destinations For assessment objective [c] "designated sources and destinations (e.g., networks, individuals, and devices) for CUI within the system and between interconnected systems are identified," here's my ranking of evidence types based on the CMMC assessment objects: == Evidence Type Ranking == 1. **Documentation (Highest Priority)** - Network diagrams showing CUI flow paths - System design documentation id...")
  • 02:1402:14, 30 April 2025 LLMResponse AC.L2-3.1.3.b (hist | edit) [2,127 bytes] David (talk | contribs) (Created page with "Ranking Evidence Types for Methods and Enforcement Mechanisms For assessment objective [b] "methods and enforcement mechanisms for controlling the flow of CUI are defined," here's how I rank the evidence types based on the CMMC assessment objects: == Evidence Type Ranking == 1. **Documentation (High Priority)** - System design documentation showing flow control mechanisms - Configuration settings and associated documentation - Information flow control policie...")
  • 02:1302:13, 30 April 2025 LLMResponse AC.L2-3.1.3.a (hist | edit) [1,938 bytes] David (talk | contribs) (Created page with "Ranking Evidence Types for Information Flow Control Policies For assessment objective [a] "information flow control policies are defined," I'll rank the evidence types from most to least important based on the assessment objects in the CMMC documentation: == Evidence Type Ranking == 1. **Documentation (Highest Priority)** - Access control policy documents - Information flow control policy documentation - System security plan sections on information flow -...")
  • 02:1102:11, 30 April 2025 LLMPrompt AC.L2-3.1.3.e (hist | edit) [249 bytes] David (talk | contribs) (Created page with "For the assessment objective, [e] approved authorizations for controlling the flow of CUI are enforced, rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 02:1102:11, 30 April 2025 LLMPrompt AC.L2-3.1.3.d (hist | edit) [239 bytes] David (talk | contribs) (Created page with "For the assessment objective, [d] authorizations for controlling the flow of CUI are defined, rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 02:1102:11, 30 April 2025 LLMPrompt AC.L2-3.1.3.c (hist | edit) [335 bytes] David (talk | contribs) (Created page with "For the assessment objective, [c] designated sources and destinations (e.g., networks, individuals, and devices) for CUI within the system and between interconnected systems are identified, rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 02:1002:10, 30 April 2025 LLMPrompt AC.L2-3.1.3.b (hist | edit) [259 bytes] David (talk | contribs) (Created page with "For the assessment objective, [b] methods and enforcement mechanisms for controlling the flow of CUI are defined, rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 02:1002:10, 30 April 2025 LLMPrompt AC.L2-3.1.3.a (hist | edit) [226 bytes] David (talk | contribs) (Created page with "For the assessment objective, [a] information flow control policies are defined, rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 02:1002:10, 30 April 2025 LLMPrompt AC.L2-3.1.3 (hist | edit) [10,083 bytes] David (talk | contribs) (Created page with "I am a cybersecurity manager working for an organization that is a DoD contractor. I need to implement various security practices that conform to DoD's CMMC program at level 2. The CMMC program stipulates security practices that are based on NIST Special Publication 800-171 R2. For each security practice of CMMC Level 2, I need to show evidence that my organization is in compliance with CMMC. Each security practice has a security requirement and several assessment object...")
  • 01:5601:56, 30 April 2025 LLMResponse AC.L2-3.1.2.b (hist | edit) [2,187 bytes] David (talk | contribs) (Created page with "For assessment objective [b] - determining if "system access is limited to the defined types of transactions and functions for authorized users," I recommend the following prioritization of evidence types and assessment approaches: ### Evidence Types (ranked) 1. **Artifacts** - Highest priority - Access control implementation records - System logs showing access attempts (approved and denied) - Screenshots of permission settings in production systems - Outp...")
  • 01:5601:56, 30 April 2025 LLMResponse AC.L2-3.1.2.a (hist | edit) [2,314 bytes] David (talk | contribs) (Created page with "Based on your document, I'll help you prioritize evidence types for assessing objective [a] under the AC.L2-3.1.2 practice "Transaction & Function Control." This objective aims to determine if "the types of transactions and functions that authorized users are permitted to execute are defined." For this specific assessment objective, I recommend prioritizing the evidence types in the following order: 1. **Artifacts** - Highest priority - Documentation defining user r...")
  • 01:5101:51, 30 April 2025 LLMPrompt AC.L2-3.1.2.b (hist | edit) [277 bytes] David (talk | contribs) (Created page with "For the assessment objective, [b] system access is limited to the defined types of transactions and functions for authorized users, rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 01:5001:50, 30 April 2025 LLMPrompt AC.L2-3.1.2.a (hist | edit) [279 bytes] David (talk | contribs) (Created page with "For the assessment objective, [a] the types of transactions and functions that authorized users are permitted to execute are defined, rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 01:5001:50, 30 April 2025 LLMPrompt AC.L2-3.1.2 (hist | edit) [6,124 bytes] David (talk | contribs) (Created page with "I am a cybersecurity manager working for an organization that is a DoD contractor. I need to implement various security practices that conform to DoD's CMMC program at level 2. The CMMC program stipulates security practices that are based on NIST Special Publication 800-171 R2. For each security practice of CMMC Level 2, I need to show evidence that my organization is in compliance with CMMC. Each security practice has a security requirement and several assessment object...")
(newest | oldest) View (newer 50 | ) (20 | 50 | 100 | 250 | 500)
Retrieved from "https://cmmcwiki.org/index.php/Special:NewPages"