New pages

Jump to navigation Jump to search
New pages
Hide registered users | Hide bots | Hide redirects
(newest | oldest) View ( | ) (20 | 50 | 100 | 250 | 500)

2 April 2025

  • 03:5603:56, 2 April 2025 LLMResponse MA.L2-3.7.2.c (hist | edit) [3,068 bytes] David (talk | contribs) (Created page with "I'll help you determine the most effective approach for collecting evidence and evaluating assessment objective "[c] mechanisms used to conduct system maintenance are controlled" in practice MA.L2-3.7.2. == Ranking Evidence Types for Assessment Objective [c] == Based on the CMMC Assessment Guide and the assessment objects you provided, I would rank the evidence types for this objective as follows: 1. **Artifacts** - Most valuable because they demonstrate actual implem...")
  • 03:5503:55, 2 April 2025 LLMPrompt MA.L2-3.7.2.c (hist | edit) [242 bytes] David (talk | contribs) (Created page with "For the assessment objective "[c] mechanisms used to conduct system maintenance are controlled," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?"")
  • 03:5203:52, 2 April 2025 LLMResponse MA.L2-3.7.2.b (hist | edit) [3,111 bytes] David (talk | contribs) (Created page with "I'll help you determine the most effective approach for collecting evidence and evaluating assessment objective "[b] techniques used to conduct system maintenance are controlled" in practice MA.L2-3.7.2. == Ranking Evidence Types for Assessment Objective [b] == Based on the CMMC Assessment Guide and the assessment objects you provided, I would rank the evidence types for this objective as follows: 1. **Documents** - Most valuable because they establish the framework f...")
  • 03:5103:51, 2 April 2025 LLMPrompt MA.L2-3.7.2.b (hist | edit) [242 bytes] David (talk | contribs) (Created page with "For the assessment objective "[b] techniques used to conduct system maintenance are controlled," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?"")
  • 03:2503:25, 2 April 2025 LLMResponse MA.L2-3.7.2.a (hist | edit) [2,766 bytes] David (talk | contribs) (Created page with "I'll help you determine the most effective approach for collecting evidence and evaluating assessment objective "[a] tools used to conduct system maintenance are controlled" in practice MA.L2-3.7.2. == Ranking Evidence Types for Assessment Objective [a] == Based on the CMMC Assessment Guide and the assessment objects you provided, I would rank the evidence types for this objective as follows: 1. **Artifacts** - Most valuable because they demonstrate actual implementat...")
  • 03:2403:24, 2 April 2025 LLMPrompt MA.L2-3.7.2.a (hist | edit) [237 bytes] David (talk | contribs) (Created page with "For the assessment objective "[a] tools used to conduct system maintenance are controlled," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?"")
  • 03:2403:24, 2 April 2025 LLMPrompt MA.L2-3.7.2 (hist | edit) [6,766 bytes] David (talk | contribs) (Created page with "I am a cybersecurity manager working for an organization that is a DoD contractor. I need to implement various security practices that conform to DoD's CMMC program at level 2. The CMMC program stipulates security practices that are based on NIST Special Publication 800-171 R2. For each security practice of CMMC Level 2, I need to show evidence that my organization is in compliance with CMMC. Each security practice has a security requirement and several assessment object...")
  • 02:5202:52, 2 April 2025 LLMResponse MA.L2-3.7.1.a (hist | edit) [2,374 bytes] David (talk | contribs) (Created page with "I'll help you prioritize your assessment approaches and evidence types for the MA.L2-3.7.1 requirement. Based on the CMMC Level 2 Assessment Guide and the specifics of this security practice, here's my recommendation: == Assessment Approaches Priority == 1. **Examine** - This should be your first approach because system maintenance documentation provides foundational evidence of your maintenance program. Examining maintenance records, policies, and schedules will show...")
  • 02:5102:51, 2 April 2025 LLMPrompt MA.L2-3.7.1.a (hist | edit) [213 bytes] David (talk | contribs) (Created page with "For the assessment objective "[a] system maintenance is performed," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?"")
  • 02:5002:50, 2 April 2025 LLMPrompt MA.L2-3.7.1 (hist | edit) [5,669 bytes] David (talk | contribs) (Created page with "I am a cybersecurity manager working for an organization that is a DoD contractor. I need to implement various security practices that conform to DoD's CMMC program at level 2. The CMMC program stipulates security practices that are based on NIST Special Publication 800-171 R2. For each security practice of CMMC Level 2, I need to show evidence that my organization is in compliance with CMMC. Each security practice has a security requirement and several assessment object...")

28 March 2025

  • 04:4804:48, 28 March 2025 LLMResponse AC.L2-3.1.1.f (hist | edit) [3,349 bytes] David (talk | contribs) (Created page with "== Evidence Types and Assessment Approaches for AC.L2-3.1.1 Assessment Objective [f] == === Ranking of Evidence Types for Assessment Objective [f] === For the assessment objective "[f] system access is limited to authorized devices (including other systems)," I recommend prioritizing evidence types in this order: 1. **Artifacts**: These provide the strongest evidence for this device-focused objective, including: - Network access control system logs showing blocked...")
  • 04:4804:48, 28 March 2025 LLMPrompt AC.L2-3.1.1.f (hist | edit) [320 bytes] David (talk | contribs) (Created page with "Using the previous conversations on the practice AC.L2-3.1.1 and for the assessment objective, "[f] system access is limited to authorized devices (including other systems)," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 04:4704:47, 28 March 2025 LLMResponse AC.L2-3.1.1.e (hist | edit) [2,970 bytes] David (talk | contribs) (Created page with "== Evidence Types and Assessment Approaches for AC.L2-3.1.1 Assessment Objective [e] == === Ranking of Evidence Types for Assessment Objective [e] === For the assessment objective "[e] system access is limited to processes acting on behalf of authorized users," I recommend prioritizing evidence types in this order: 1. **Artifacts**: These provide the strongest evidence for this process-focused objective, including: - System logs showing process execution with user...")
  • 04:4704:47, 28 March 2025 LLMPrompt AC.L2-3.1.1.e (hist | edit) [322 bytes] David (talk | contribs) (Created page with "Using the previous conversations on the practice AC.L2-3.1.1 and for the assessment objective, "[e] system access is limited to processes acting on behalf of authorized users," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 04:4704:47, 28 March 2025 LLMResponse AC.L2-3.1.1.d (hist | edit) [3,132 bytes] David (talk | contribs) (Created page with "== Evidence Types and Assessment Approaches for AC.L2-3.1.1 Assessment Objective [d] == === Ranking of Evidence Types for Assessment Objective [d] === For the assessment objective "[d] system access is limited to authorized users," I recommend prioritizing evidence types in this order: 1. **Artifacts**: These provide the strongest evidence for this control-focused objective, including: - System login attempt logs showing rejected unauthorized access attempts - A...")
  • 04:4604:46, 28 March 2025 LLMPrompt AC.L2-3.1.1.d (hist | edit) [292 bytes] David (talk | contribs) (Created page with "Using the previous conversations on the practice AC.L2-3.1.1 and for the assessment objective, "[d] system access is limited to authorized users," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 04:4504:45, 28 March 2025 LLMResponse AC.L2-3.1.1.c (hist | edit) [3,010 bytes] David (talk | contribs) (Created page with "== Evidence Types and Assessment Approaches for AC.L2-3.1.1 Assessment Objective [c] == === Ranking of Evidence Types for Assessment Objective [c] === For the assessment objective "[c] devices (and other systems) authorized to connect to the system are identified," I recommend prioritizing evidence types in this order: 1. **Artifacts**: These provide the strongest evidence for this objective, including: - Network device inventories and asset management databases...")
  • 04:4504:45, 28 March 2025 LLMPrompt AC.L2-3.1.1.c (hist | edit) [326 bytes] David (talk | contribs) (Created page with "Using the previous conversations on the practice AC.L2-3.1.1 and for the assessment objective, "[c] devices (and other systems) authorized to connect to the system are identified," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 04:4404:44, 28 March 2025 LLMResponse AC.L2-3.1.1.b (hist | edit) [2,619 bytes] David (talk | contribs) (Created page with "== Evidence Types and Assessment Approaches for AC.L2-3.1.1 Assessment Objective [b] == === Ranking of Evidence Types for Assessment Objective [b] === For the assessment objective "[b] processes acting on behalf of authorized users are identified," I recommend prioritizing evidence types in this order: 1. **Artifacts**: System-generated lists of automated processes, service accounts, scheduled tasks, and process ownership records provide the strongest direct evidence...")
  • 04:4404:44, 28 March 2025 LLMPrompt AC.L2-3.1.1.b (hist | edit) [309 bytes] David (talk | contribs) (Created page with "Using the previous conversations on the practice AC.L2-3.1.1 and for the assessment objective, "[b] processes acting on behalf of authorized users are identified," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?")
  • 04:4104:41, 28 March 2025 LLMResponse AC.L2-3.1.1.a (hist | edit) [2,222 bytes] David (talk | contribs) (Created page with "# Evidence Types and Assessment Approaches for AC.L2-3.1.1 Assessment Objective [a] ## Ranking of Evidence Types for Assessment Objective [a] For the assessment objective "[a] authorized users are identified," I recommend prioritizing evidence types in this order: 1. **Documents**: User authorization lists, access control policies, and account management procedures provide the most direct evidence that authorized users are formally identified. 2. **Artifacts**: Syste...")
  • 04:4004:40, 28 March 2025 LLMPrompt AC.L2-3.1.1.a (hist | edit) [217 bytes] David (talk | contribs) (Created page with "For the assessment objective, ""[a] authorized users are identified,"" rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?"")
  • 04:4004:40, 28 March 2025 LLMPrompt AC.L2-3.1.1 (hist | edit) [7,250 bytes] David (talk | contribs) (Created page with ""I am a cybersecurity manager working for an organization that is a DoD contractor. I need to implement various security practices that conform to DoD's CMMC program at level 2. The CMMC program stipulates security practices that are based on NIST Special Publication 800-171 R2. For each security practice of CMMC Level 2, I need to show evidence that my organization is in compliance with CMMC. Each security practice has a security requirement and several assessment objec...")
  • 03:0703:07, 28 March 2025 Practice SI.L3-3.14.6e Details (hist | edit) [7,377 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L3-3.14.6E – THREAT-GUIDED INTRUSION DETECTION == === SECURITY REQUIREMENT === Use threat indicator information and effective mitigations obtained from, <u>...")
  • 03:0703:07, 28 March 2025 Practice SI.L3-3.14.3e Details (hist | edit) [7,562 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L3-3.14.3E – SPECIALIZED ASSET SECURITY === === SECURITY REQUIREMENT === Ensure that <u>specialized assets including IoT, IIoT, OT, GFE, Restricted Informat...")
  • 03:0603:06, 28 March 2025 Practice SI.L3-3.14.1e Details (hist | edit) [8,191 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L3-3.14.1E – INTEGRITY VERIFICATION === === SECURITY REQUIREMENT === Verify the integrity of <u>security critical and essential software</u> using root of t...")
  • 02:4802:48, 28 March 2025 Practice SC.L3-3.13.4e Details (hist | edit) [8,251 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L3-3.13.4E – ISOLATION == === SECURITY REQUIREMENT === Employ <u>physical isolation techniques or logical isolation techniques or both</u> in organizational...")
  • 02:3902:39, 28 March 2025 Practice CA.L3-3.12.1e Details (hist | edit) [6,299 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L3-3.12.1E – PENETRATION TESTING === Conduct penetration testing <u>at least annually or when significant security changes are made to the system</u>, lever...")
  • 02:3202:32, 28 March 2025 Practice RA.L3-3.11.7e Details (hist | edit) [5,246 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L3-3.11.7E – SUPPLY CHAIN RISK PLAN == === SECURITY REQUIREMENT === Develop a plan for managing supply chain risks associated with organizational systems an...")
  • 02:3002:30, 28 March 2025 Practice RA.L3-3.11.6e Details (hist | edit) [4,678 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L3-3.11.6E – SUPPLY CHAIN RISK RESPONSE == === SECURITY REQUIREMENT === Assess, respond to, and monitor supply chain risks associated with organizational sy...")
  • 02:2702:27, 28 March 2025 Practice RA.L3-3.11.5e Details (hist | edit) [5,726 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L3-3.11.5E – SECURITY SOLUTION EFFECTIVENESS == === SECURITY REQUIREMENT === Assess the effectiveness of security solutions <u>at least annually or upon rec...")
  • 02:2302:23, 28 March 2025 Practice RA.L3-3.11.4e Details (hist | edit) [6,532 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L3-3.11.4E – SECURITY SOLUTION RATIONALE === === SECURITY REQUIREMENT === Document or reference in the system security plan the security solution selected,...")
  • 02:1702:17, 28 March 2025 Practice RA.L3-3.11.3e Details (hist | edit) [7,934 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L3-3.11.3E – ADVANCED RISK IDENTIFICATION == === SECURITY REQUIREMENT === Employ advanced automation and analytics capabilities in support of analysts to pr...")
  • 02:1602:16, 28 March 2025 Practice RA.L3-3.11.2e Details (hist | edit) [8,773 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L3-3.11.2E – THREAT HUNTING == === SECURITY REQUIREMENT === Conduct cyber threat hunting activities <u>on an on-going aperiodic basis or when indications wa...")
  • 01:4901:49, 28 March 2025 Practice RA.L3-3.11.1e Details (hist | edit) [7,337 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L3-3.11.1E – THREAT-INFORMED RISK ASSESSMENT == === SECURITY REQUIREMENT === Employ <u>threat intelligence, at a minimum from open or commercial sources, an...")

27 March 2025

  • 03:4703:47, 27 March 2025 Commonly Accepted and Practiced CMMC Operation Matrix (hist | edit) [114,403 bytes] David (talk | contribs) (Created page with "== Commonly Accepted and Practiced CMMC Operating Model == Under Construction!!!") originally created as "Commonly Accepted and Practiced CMMC Operating Model"
  • 01:5201:52, 27 March 2025 Evidence Collection Approach (hist | edit) [111,408 bytes] David (talk | contribs) (Created page with "For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == Evidence Collection Approach for CMMC Practices Levels 1 and 2 == The following table contains the DIBCAC Evidence collection approach for the CMMC Lvels 1 and 2 practices and their Assessment Objectives. The following tables provide a general approach between Assessment Objectives (AOs) and Assessment Methods that may be used. These are not to be construe...")
  • 01:2801:28, 27 March 2025 Practice PS.L3-3.9.2e Details (hist | edit) [4,554 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PS.L3-3.9.2E – ADVERSE INFORMATION == === SECURITY REQUIREMENT === Ensure that organizational systems are protected if adverse information develops or is obtai...")
  • 01:2801:28, 27 March 2025 Practice IR.L3-3.6.2e Details (hist | edit) [5,875 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IR.L3-3.6.2E – CYBER INCIDENT RESPONSE TEAM == === SECURITY REQUIREMENT === Establish and maintain a cyber incident response team that can be deployed by the o...")
  • 01:2801:28, 27 March 2025 Practice IR.L3-3.6.1e Details (hist | edit) [5,817 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IR.L3-3.6.1E – SECURITY OPERATIONS CENTER == === SECURITY REQUIREMENT === Establish and maintain a security operations center capability that operates <u>24/7,...")
  • 01:2701:27, 27 March 2025 Practice IA.L3-3.5.3e Details (hist | edit) [7,786 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L3-3.5.3E – BLOCK UNTRUSTED ASSETS == === SECURITY REQUIREMENT === Employ automated or manual/procedural mechanisms to prohibit system components from conne...")
  • 01:2701:27, 27 March 2025 Practice IA.L3-3.5.1e Details (hist | edit) [7,998 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L3-3.5.1E – BIDIRECTIONAL AUTHENTICATION == === SECURITY REQUIREMENT === Identify and authenticate <u>systems and system components, where possible</u>, bef...")

25 March 2025

  • 03:1203:12, 25 March 2025 Practice CM.L3-3.4.3e Details (hist | edit) [5,520 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L3-3.4.3E – AUTOMATED INVENTORY == === SECURITY REQUIREMENT === Employ automated discovery and management tools to maintain an up-to-date, complete, accurat...")
  • 03:1203:12, 25 March 2025 Practice CM.L3-3.4.2e Details (hist | edit) [7,207 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. === CM.L3-3.4.2E – AUTOMATED DETECTION & REMEDIATION === === SECURITY REQUIREMENT === Employ automated mechanisms to detect misconfigured or unauthorized system c...")
  • 03:1203:12, 25 March 2025 Practice CM.L3-3.4.1e Details (hist | edit) [5,622 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L3-3.4.1E – AUTHORITATIVE REPOSITORY == === SECURITY REQUIREMENT === Establish and maintain an authoritative source and repository to provide a trusted sour...")
  • 02:4402:44, 25 March 2025 Practice AT.L3-3.2.2e Details (hist | edit) [6,283 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AT.L3-3.2.2E – PRACTICAL TRAINING EXERCISES == === SECURITY REQUIREMENT === Include practical exercises in awareness training for all users, tailored by roles,...")
  • 02:3902:39, 25 March 2025 Practice AT.L3-3.2.1e Details (hist | edit) [4,593 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AT.L3-3.2.1E – ADVANCED THREAT AWARENESS == === SECURITY REQUIREMENT === Provide awareness training upon initial hire, following a significant cyber event, and...")

24 March 2025

  • 22:3522:35, 24 March 2025 Practice AC.L3-3.1.3e Details (hist | edit) [6,279 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L3-3.1.3E – SECURED INFORMATION TRANSFER == === SECURITY REQUIREMENT === Employ secure information transfer solutions to control information flows between s...")
  • 14:4814:48, 24 March 2025 Practice AC.L3-3.1.2e Details (hist | edit) [4,710 bytes] David (talk | contribs) (Created page with "'''Source of Reference: The official [https://dodcio.defense.gov/cmmc/Resources-Documentation/ CMMC Level 3 Assessment Guide] from the Department of Defense Chief Information Officer (DoD CIO).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L3-3.1.2E – ORGANIZATIONALLY CONTROLLED ASSETS == === SECURITY REQUIREMENT === Restrict access to systems and system components to only those information re...")

23 February 2025

(newest | oldest) View ( | ) (20 | 50 | 100 | 250 | 500)
Retrieved from "https://cmmcwiki.org/index.php/Special:NewPages"