User contributions for David

2 April 2025

• 04:3804:38, 2 April 2025 diff hist +293 N LLMPrompt MA.L2-3.7.5.a Created page with "For the assessment objective "[a] multifactor authentication is used to establish nonlocal maintenance sessions via external network connections," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?""
• 04:3804:38, 2 April 2025 diff hist +7,087 N LLMPrompt MA.L2-3.7.5 Created page with "I am a cybersecurity manager working for an organization that is a DoD contractor. I need to implement various security practices that conform to DoD's CMMC program at level 2. The CMMC program stipulates security practices that are based on NIST Special Publication 800-171 R2. For each security practice of CMMC Level 2, I need to show evidence that my organization is in compliance with CMMC. Each security practice has a security requirement and several assessment object..." current
• 04:3104:31, 2 April 2025 diff hist +3 LLMResponse MA.L2-3.7.3.a No edit summary current
• 04:3104:31, 2 April 2025 diff hist +3,243 N LLMResponse MA.L2-3.7.4.a Created page with "# Analyzing Evidence Collection for CMMC MA.L2-3.7.4 Media Inspection Based on the information provided, I'll help you rank evidence types and prioritize assessment approaches for the assessment objective regarding checking media containing diagnostic and test programs for malicious code. == Evidence Type Ranking == For this specific assessment objective, here's how I would rank the evidence types: 1. **Screen Share (I4)** - This would provide the most direct evidenc..." current
• 04:2904:29, 2 April 2025 diff hist +340 N LLMPrompt MA.L2-3.7.4.a Created page with "For the assessment objective "[a] media containing diagnostic and test programs are checked for malicious code before being used in organizational systems that process, store, or transmit CUI," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?""
• 04:2904:29, 2 April 2025 diff hist +5,909 N LLMPrompt MA.L2-3.7.4 Created page with "I am a cybersecurity manager working for an organization that is a DoD contractor. I need to implement various security practices that conform to DoD's CMMC program at level 2. The CMMC program stipulates security practices that are based on NIST Special Publication 800-171 R2. For each security practice of CMMC Level 2, I need to show evidence that my organization is in compliance with CMMC. Each security practice has a security requirement and several assessment object..." current
• 04:2204:22, 2 April 2025 diff hist +3,990 N LLMResponse MA.L2-3.7.3.a Created page with "I'll help you rank the evidence types and prioritize assessment approaches for assessing compliance with MA.L2-3.7.3 (Equipment Sanitization), specifically the objective of ensuring equipment removed for off-site maintenance is sanitized of any CUI. == Ranking of Evidence Types == 1. **Artifacts** - Highest priority evidence type - Media sanitization records showing what equipment was sanitized - Equipment sanitization logs - Chain of custody documentation..."
• 04:2204:22, 2 April 2025 diff hist +282 N LLMPrompt MA.L2-3.7.3.a Created page with "For the assessment objective "[a] equipment to be removed from organizational spaces for off-site maintenance is sanitized of any CUI," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?""
• 04:2104:21, 2 April 2025 diff hist +6,206 N LLMPrompt MA.L2-3.7.3 Created page with "I am a cybersecurity manager working for an organization that is a DoD contractor. I need to implement various security practices that conform to DoD's CMMC program at level 2. The CMMC program stipulates security practices that are based on NIST Special Publication 800-171 R2. For each security practice of CMMC Level 2, I need to show evidence that my organization is in compliance with CMMC. Each security practice has a security requirement and several assessment object..." current
• 04:0104:01, 2 April 2025 diff hist 0 Commonly Accepted and Practiced CMMC Operation Matrix →MA.L2-3.7.3 – Equipment Sanitization
• 03:5703:57, 2 April 2025 diff hist +3,286 N LLMResponse MA.L2-3.7.2.d Created page with "I'll help you determine the most effective approach for collecting evidence and evaluating assessment objective "[d] personnel used to conduct system maintenance are controlled" in practice MA.L2-3.7.2. == Ranking Evidence Types for Assessment Objective [d] == Based on the CMMC Assessment Guide and the assessment objects you provided, I would rank the evidence types for this objective as follows: 1. **Documents** - Most valuable because they establish the personnel co..." current
• 03:5603:56, 2 April 2025 diff hist +242 N LLMPrompt MA.L2-3.7.2.d Created page with "For the assessment objective "[d] personnel used to conduct system maintenance are controlled," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?""
• 03:5603:56, 2 April 2025 diff hist +3,068 N LLMResponse MA.L2-3.7.2.c Created page with "I'll help you determine the most effective approach for collecting evidence and evaluating assessment objective "[c] mechanisms used to conduct system maintenance are controlled" in practice MA.L2-3.7.2. == Ranking Evidence Types for Assessment Objective [c] == Based on the CMMC Assessment Guide and the assessment objects you provided, I would rank the evidence types for this objective as follows: 1. **Artifacts** - Most valuable because they demonstrate actual implem..." current
• 03:5503:55, 2 April 2025 diff hist +243 N LLMPrompt MA.L2-3.7.2.c Created page with "For the assessment objective "[c] mechanisms used to conduct system maintenance are controlled," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?""
• 03:5203:52, 2 April 2025 diff hist +3,111 N LLMResponse MA.L2-3.7.2.b Created page with "I'll help you determine the most effective approach for collecting evidence and evaluating assessment objective "[b] techniques used to conduct system maintenance are controlled" in practice MA.L2-3.7.2. == Ranking Evidence Types for Assessment Objective [b] == Based on the CMMC Assessment Guide and the assessment objects you provided, I would rank the evidence types for this objective as follows: 1. **Documents** - Most valuable because they establish the framework f..." current
• 03:5103:51, 2 April 2025 diff hist +243 N LLMPrompt MA.L2-3.7.2.b Created page with "For the assessment objective "[b] techniques used to conduct system maintenance are controlled," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?""
• 03:2503:25, 2 April 2025 diff hist +2,766 N LLMResponse MA.L2-3.7.2.a Created page with "I'll help you determine the most effective approach for collecting evidence and evaluating assessment objective "[a] tools used to conduct system maintenance are controlled" in practice MA.L2-3.7.2. == Ranking Evidence Types for Assessment Objective [a] == Based on the CMMC Assessment Guide and the assessment objects you provided, I would rank the evidence types for this objective as follows: 1. **Artifacts** - Most valuable because they demonstrate actual implementat..." current
• 03:2403:24, 2 April 2025 diff hist +238 N LLMPrompt MA.L2-3.7.2.a Created page with "For the assessment objective "[a] tools used to conduct system maintenance are controlled," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?""
• 03:2403:24, 2 April 2025 diff hist +6,766 N LLMPrompt MA.L2-3.7.2 Created page with "I am a cybersecurity manager working for an organization that is a DoD contractor. I need to implement various security practices that conform to DoD's CMMC program at level 2. The CMMC program stipulates security practices that are based on NIST Special Publication 800-171 R2. For each security practice of CMMC Level 2, I need to show evidence that my organization is in compliance with CMMC. Each security practice has a security requirement and several assessment object..." current
• 02:5202:52, 2 April 2025 diff hist +2,374 N LLMResponse MA.L2-3.7.1.a Created page with "I'll help you prioritize your assessment approaches and evidence types for the MA.L2-3.7.1 requirement. Based on the CMMC Level 2 Assessment Guide and the specifics of this security practice, here's my recommendation: == Assessment Approaches Priority == 1. **Examine** - This should be your first approach because system maintenance documentation provides foundational evidence of your maintenance program. Examining maintenance records, policies, and schedules will show..." current
• 02:5102:51, 2 April 2025 diff hist +214 N LLMPrompt MA.L2-3.7.1.a Created page with "For the assessment objective "[a] system maintenance is performed," rank the evidence types supported by assessment objects. Also, how should I prioritize the three assessment approaches in obtaining the evidence?""
• 02:5002:50, 2 April 2025 diff hist +5,669 N LLMPrompt MA.L2-3.7.1 Created page with "I am a cybersecurity manager working for an organization that is a DoD contractor. I need to implement various security practices that conform to DoD's CMMC program at level 2. The CMMC program stipulates security practices that are based on NIST Special Publication 800-171 R2. For each security practice of CMMC Level 2, I need to show evidence that my organization is in compliance with CMMC. Each security practice has a security requirement and several assessment object..." current
• 02:5002:50, 2 April 2025 diff hist 0 Commonly Accepted and Practiced CMMC Operation Matrix →MA.L2-3.7.1 – Perform Maintenance
• 02:3102:31, 2 April 2025 diff hist −310 Commonly Accepted and Practiced CMMC Operation Matrix →Maintenance (MA)

31 March 2025

• 02:2202:22, 31 March 2025 diff hist −62 Commonly Accepted and Practiced CMMC Operation Matrix →AC.L2-3.1.7 – Privileged Functions
• 02:2002:20, 31 March 2025 diff hist −62 Commonly Accepted and Practiced CMMC Operation Matrix →AC.L2-3.1.6 – Non-Privileged Account Use
• 02:1902:19, 31 March 2025 diff hist −62 Commonly Accepted and Practiced CMMC Operation Matrix →AC.L2-3.1.5 – Least Privilege
• 02:1702:17, 31 March 2025 diff hist −62 Commonly Accepted and Practiced CMMC Operation Matrix →AC.L2-3.1.4 – Separation of Duties
• 02:1502:15, 31 March 2025 diff hist −124 Commonly Accepted and Practiced CMMC Operation Matrix →Access Control (AC)
• 02:0802:08, 31 March 2025 diff hist −1 Commonly Accepted and Practiced CMMC Operation Matrix →SC.L2-3.13.4 – Shared Resource Control
• 02:0802:08, 31 March 2025 diff hist +39 Commonly Accepted and Practiced CMMC Operation Matrix →MP.L2-3.8.8 – Shared Media
• 02:0702:07, 31 March 2025 diff hist +61 Commonly Accepted and Practiced CMMC Operation Matrix →AT.L2-3.2.2 – Role-Based Training
• 02:0602:06, 31 March 2025 diff hist +1,438 Commonly Accepted and Practiced CMMC Operation Matrix No edit summary
• 02:0302:03, 31 March 2025 diff hist +100 Commonly Accepted and Practiced CMMC Operation Matrix →AU.L2-3.3.8 – Audit Protection
• 02:0202:02, 31 March 2025 diff hist +100 Commonly Accepted and Practiced CMMC Operation Matrix →AU.L2-3.3.4 – Audit Failure Alerting
• 02:0102:01, 31 March 2025 diff hist +100 Commonly Accepted and Practiced CMMC Operation Matrix →AU.L2-3.3.2 – User Accountability
• 02:0102:01, 31 March 2025 diff hist +100 Commonly Accepted and Practiced CMMC Operation Matrix →AU.L2-3.3.1 – System Auditing
• 01:5901:59, 31 March 2025 diff hist +100 Commonly Accepted and Practiced CMMC Operation Matrix →AT.L2-3.2.3 – Insider Threat Awareness
• 01:5901:59, 31 March 2025 diff hist +61 Commonly Accepted and Practiced CMMC Operation Matrix →AT.L2-3.2.2 – Role-Based Training
• 01:5801:58, 31 March 2025 diff hist +101 Commonly Accepted and Practiced CMMC Operation Matrix →AC.L2-3.1.14 – Remote Access Routing
• 01:5701:57, 31 March 2025 diff hist +16,872 Commonly Accepted and Practiced CMMC Operation Matrix No edit summary
• 01:2201:22, 31 March 2025 diff hist −13 Commonly Accepted and Practiced CMMC Operation Matrix No edit summary
• 01:2101:21, 31 March 2025 diff hist +94,917 Commonly Accepted and Practiced CMMC Operation Matrix No edit summary

30 March 2025

• 19:3519:35, 30 March 2025 diff hist +1,120 Evidence Collection Approach →System and Information Integrity (SI) current
• 19:3119:31, 30 March 2025 diff hist +2,877 Evidence Collection Approach →System and Communications Protection (SC)
• 19:2119:21, 30 March 2025 diff hist +444 Evidence Collection Approach →Security Assessment (CA)
• 19:1719:17, 30 March 2025 diff hist +646 Evidence Collection Approach →Risk Assessment (RA)
• 19:1419:14, 30 March 2025 diff hist +1,411 Evidence Collection Approach →Physical Protection (PE)
• 19:0819:08, 30 March 2025 diff hist +230 Evidence Collection Approach →Personnel Security (PS)
• 19:0519:05, 30 March 2025 diff hist +2,638 Evidence Collection Approach →Media Protection (MP)