User contributions for Wikiadmin
Jump to navigation
Jump to search
21 April 2024
- 04:3604:36, 21 April 2024 diff hist −69 Main Page No edit summary current Tag: Visual edit: Switched
10 April 2024
- 12:5912:59, 10 April 2024 diff hist −38 MediaWiki:Sidebar No edit summary current
5 December 2023
- 21:4121:41, 5 December 2023 diff hist +133 External References →C current Tag: Visual edit: Switched
8 May 2023
- 23:2323:23, 8 May 2023 diff hist +17 CCP Blueprint →Task 1. Identify and apply knowledge of the Guiding Principles and Practices of the CMMC-AB Code of Professional Conduct (CoPC)/ISO/IEC/DOD requirements. current
- 23:1423:14, 8 May 2023 diff hist +17 CCA Blueprint →Task 1. Identify evidence verification/validation methods and objects for Practices based on the CMMC Level 2 Assessment Guide and CMMC Assessment Process (CAP) documentation. current
- 23:1323:13, 8 May 2023 diff hist +253 CCA Blueprint →Task 1. Identify evidence verification/validation methods and objects for Practices based on the CMMC Level 2 Assessment Guide and CMMC Assessment Process (CAP) documentation.
- 22:5422:54, 8 May 2023 diff hist +2,003 CCA Blueprint →Task 1. Identify evidence verification/validation methods and objects for Practices based on the CMMC Level 2 Assessment Guide and CMMC Assessment Process (CAP) documentation.
- 22:3622:36, 8 May 2023 diff hist +287 CCA Blueprint →Domain 4: CMMC Levels 2 Practices
- 22:3222:32, 8 May 2023 diff hist +199 CCA Blueprint →Task 1. Identify evidence verification/validation methods and objects for Practices based on the CMMC Level 2 Assessment Guide and CMMC Assessment Process (CAP) documentation.
- 22:2622:26, 8 May 2023 diff hist +305 CCA Blueprint →Task 1. Given a scenario, apply the appropriate phases and steps to plan, prepare, conduct, and report on a CMMC Level 2 Assessment.
- 22:1822:18, 8 May 2023 diff hist +8 CCA Blueprint →Task 3. Evaluate CMMC assessment scope considerations based on the CMMC Level 2 Assessment Scoping Guide.
- 22:1722:17, 8 May 2023 diff hist +298 CCA Blueprint →Task 3. Evaluate CMMC assessment scope considerations based on the CMMC Level 2 Assessment Scoping Guide.
- 22:1222:12, 8 May 2023 diff hist 0 CCA Blueprint →Task 2. Given a scenario, analyze the CMMC Assessment Scope based on the predetermined CUI categories within the CMMC Level 2 Assessment Scoping Guide.
- 18:2618:26, 8 May 2023 diff hist +12 CCA Blueprint →Task 2. Given a scenario, analyze the CMMC Assessment Scope based on the predetermined CUI categories within the CMMC Level 2 Assessment Scoping Guide.
- 18:2518:25, 8 May 2023 diff hist +22 CCA Blueprint →Task 1. Analyze the CMMC Assessment Scope of Controlled Unclassified Information (CUI) Assets as they pertain to a CMMC assessment using the five categories of CUI assets as defined in the CMMC Level 2 Assessment Scoping Guide.
- 18:2418:24, 8 May 2023 diff hist −11 CCA Blueprint →Task 1. Analyze the CMMC Assessment Scope of Controlled Unclassified Information (CUI) Assets as they pertain to a CMMC assessment using the five categories of CUI assets as defined in the CMMC Level 2 Assessment Scoping Guide.
- 18:2218:22, 8 May 2023 diff hist −7 CCA Blueprint →Task 2. Given a scenario, analyze the CMMC Assessment Scope based on the predetermined CUI categories within the CMMC Level 2 Assessment Scoping Guide.
- 18:2018:20, 8 May 2023 diff hist +396 CCA Blueprint →Task 2. Given a scenario, analyze the CMMC Assessment Scope based on the predetermined CUI categories within the CMMC Level 2 Assessment Scoping Guide.
- 18:1418:14, 8 May 2023 diff hist +350 CCA Blueprint →Task 1. Analyze the CMMC Assessment Scope of Controlled Unclassified Information (CUI) Assets as they pertain to a CMMC assessment using the five categories of CUI assets as defined in the CMMC Level 2 Assessment Scoping Guide.
- 18:0618:06, 8 May 2023 diff hist +219 CCA Blueprint No edit summary
5 May 2023
- 18:1818:18, 5 May 2023 diff hist −86 CCA Blueprint No edit summary
- 18:1718:17, 5 May 2023 diff hist −152 CCP Blueprint No edit summary
9 April 2023
- 23:0523:05, 9 April 2023 diff hist −362 MediaWiki:Common.js Blanked the page current Tag: Blanking
- 21:0821:08, 9 April 2023 diff hist 0 m CSF Identifiers Wikiadmin moved page Function and Category Identifiers to CSF Identifiers without leaving a redirect current
- 21:0621:06, 9 April 2023 diff hist −14 MediaWiki:Sidebar No edit summary
- 21:0421:04, 9 April 2023 diff hist +320 CSF Identifiers No edit summary
- 21:0121:01, 9 April 2023 diff hist +22 CSF Identifiers No edit summary
- 20:5820:58, 9 April 2023 diff hist −488 CSF Identifiers No edit summary
- 20:4920:49, 9 April 2023 diff hist +279 CSF Identifiers No edit summary
- 20:4620:46, 9 April 2023 diff hist +54 CSF Identifiers No edit summary
- 20:4320:43, 9 April 2023 diff hist +3 CSF Identifiers No edit summary
- 20:4220:42, 9 April 2023 diff hist −210 CSF Identifiers No edit summary
- 20:3920:39, 9 April 2023 diff hist −46 CSF Identifiers No edit summary
- 20:3620:36, 9 April 2023 diff hist −61 CSF Identifiers No edit summary
- 20:3520:35, 9 April 2023 diff hist +2,460 N CSF Identifiers Created page with "{|class="wikitable" style="width: 85%;" ! style="width: 15%"| Function Unique Identifier ! style="width: 15%"| Function ! style="width: 20%"| Category Unique Identifier ! style="width: 50%"| Category |- |colspan="4"|Assets that are in the CMMC Assessment Scope |- |'''Controlled Unclassified Information (CUI) Assets''' | * Assets that process, store, or transmit CUI |rowspan="2"| * Document in the asset inventory * Document in the System Security Plan (SSP) * Document in..."
- 20:2820:28, 9 April 2023 diff hist −3,108 CSF Acronyms No edit summary current
- 20:2520:25, 9 April 2023 diff hist −5,675 CSF Acronyms No edit summary
- 20:0920:09, 9 April 2023 diff hist +11,446 N CSF Acronyms Created page with "'''Source of Reference: official [https://www.nist.gov/cyberframework/online-learning/components-framework Cybersecurity Framework Components] from National Institute of Standards and Technology (NIST).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == A == {| |ANSI||American National Standards Institute |} == C == {| |CEA||Cybersecurity Enhancement Act of 2014 |- CIS||Center for Internet Security |-..."
- 20:0020:00, 9 April 2023 diff hist −35,862 CSF Glossary No edit summary current
- 19:2719:27, 9 April 2023 diff hist −7,549 CSF Glossary No edit summary
- 19:1819:18, 9 April 2023 diff hist +49,487 N CSF Glossary Created page with "'''Source of Reference: official [https://www.nist.gov/cyberframework/online-learning/components-framework Cybersecurity Framework Components] from National Institute of Standards and Technology (NIST).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == B == {|class="wikitable" style="width: 85%;" ! style="width: 30%"| Term ! style="width: 70%"| Description |- |Buyer |The people or organizations that co..."
- 18:4818:48, 9 April 2023 diff hist +237 External References No edit summary
- 18:4618:46, 9 April 2023 diff hist +268 External References No edit summary
- 18:4118:41, 9 April 2023 diff hist +272 External References No edit summary
- 18:3518:35, 9 April 2023 diff hist +188 MediaWiki:Sidebar No edit summary
31 January 2023
- 23:0823:08, 31 January 2023 diff hist +376 N MediaWiki:Mobile.js Created page with "→Any JavaScript here will be loaded when viewing the website via a mobile frontend.: <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-LPDL819PSZ"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-LPDL819PSZ'); </script>" current
28 January 2023
- 15:3715:37, 28 January 2023 diff hist +362 N MediaWiki:Common.js Created page with "→Any JavaScript here will be loaded for all users on every page load.: <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-LPDL819PSZ"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-LPDL819PSZ'); </script>"
1 December 2022
- 00:3800:38, 1 December 2022 diff hist −5 External References No edit summary
- 00:3400:34, 1 December 2022 diff hist +45 CMMC Toolkit Wiki:About No edit summary current
- 00:3300:33, 1 December 2022 diff hist −35 CMMC Toolkit Wiki:About No edit summary
- 00:3200:32, 1 December 2022 diff hist −10 CMMC Toolkit Wiki:General disclaimer No edit summary current
30 November 2022
- 23:3523:35, 30 November 2022 diff hist −14 Artifact Hashing Tool No edit summary current
- 23:3423:34, 30 November 2022 diff hist −14 Level 2 Assessment Guide No edit summary current
- 23:3423:34, 30 November 2022 diff hist −14 Level 1 Assessment Guide No edit summary current
- 23:3223:32, 30 November 2022 diff hist −14 Level 2 Scoping Guidance No edit summary current
- 23:3223:32, 30 November 2022 diff hist −14 Level 1 Scoping Guidance No edit summary current
- 23:3123:31, 30 November 2022 diff hist −13 Acronyms and Abbreviations No edit summary current
- 23:3123:31, 30 November 2022 diff hist −10 Model Glossary No edit summary current
- 23:3123:31, 30 November 2022 diff hist −14 Model Overview No edit summary current
- 23:3023:30, 30 November 2022 diff hist −13 Main Page No edit summary
- 23:2423:24, 30 November 2022 diff hist −6 Main Page No edit summary
- 23:0323:03, 30 November 2022 diff hist −1 Acronyms and Abbreviations No edit summary
9 November 2022
- 12:1112:11, 9 November 2022 diff hist +6 Artifact Hashing Tool No edit summary
4 October 2022
- 03:3903:39, 4 October 2022 diff hist +1 Main Page No edit summary
- 03:3803:38, 4 October 2022 diff hist +38 Main Page No edit summary
13 September 2022
- 16:1416:14, 13 September 2022 diff hist +151 External References No edit summary
26 August 2022
- 16:0616:06, 26 August 2022 diff hist +2 Main Page →Practice Quizzes hosted by FlexiQuiz
- 16:0516:05, 26 August 2022 diff hist −71 Main Page →Other Resources
- 16:0516:05, 26 August 2022 diff hist −40 MediaWiki:Sidebar No edit summary
25 August 2022
- 23:1123:11, 25 August 2022 diff hist +6,795 Level 2 Assessment Guide No edit summary
- 22:3822:38, 25 August 2022 diff hist 0 Level 1 Assessment Guide →PE.L1-3.10.5 – MANAGE PHYSICAL ACCESS
- 22:0922:09, 25 August 2022 diff hist +1,168 Level 1 Assessment Guide No edit summary
- 22:0322:03, 25 August 2022 diff hist +4 DoD Assessment Methodology No edit summary current
- 22:0122:01, 25 August 2022 diff hist 0 Level 1 Assessment Guide →AC.L1-3.1.1 - AUTHORIZED ACCESS CONTROL
- 22:0122:01, 25 August 2022 diff hist +73 Level 1 Assessment Guide No edit summary
- 18:5618:56, 25 August 2022 diff hist −578 DoD Assessment Methodology →DoD Assessment Scoring Methodology
- 18:5218:52, 25 August 2022 diff hist −96 DoD Assessment Methodology →DoD Assessment Scoring Template
- 18:5118:51, 25 August 2022 diff hist −682 DoD Assessment Methodology →DoD Assessment Scoring Methodology
- 18:3818:38, 25 August 2022 diff hist +14,256 DoD Assessment Methodology →DoD Assessment Scoring Methodology
- 18:3118:31, 25 August 2022 diff hist −403 DoD Assessment Methodology →DoD Assessment Scoring Template
- 18:2818:28, 25 August 2022 diff hist −2,622 DoD Assessment Methodology →DoD Assessment Scoring Template
- 17:3417:34, 25 August 2022 diff hist −423 DoD Assessment Methodology No edit summary
- 17:2317:23, 25 August 2022 diff hist −710 DoD Assessment Methodology →DoD Assessment Scoring Template
- 17:1017:10, 25 August 2022 diff hist −430 DoD Assessment Methodology →DoD Assessment Scoring Template
- 16:5216:52, 25 August 2022 diff hist −75 DoD Assessment Methodology No edit summary
- 16:4616:46, 25 August 2022 diff hist −273 DoD Assessment Methodology →DoD Assessment Scoring Template
- 16:3616:36, 25 August 2022 diff hist +1,102 DoD Assessment Methodology No edit summary
- 16:2716:27, 25 August 2022 diff hist −455 DoD Assessment Methodology No edit summary
- 03:1303:13, 25 August 2022 diff hist −472 DoD Assessment Methodology →CMMC Scoring with DoD Assessment Scoring Methodology
- 01:1601:16, 25 August 2022 diff hist −34 DoD Assessment Methodology →CMMC Scoring with DoD Assessment Scoring Methodology
- 00:5300:53, 25 August 2022 diff hist +8 DoD Assessment Methodology →NIST SP 800-171 DoD Assessment Scoring Template
- 00:5100:51, 25 August 2022 diff hist 0 DoD Assessment Methodology →NIST SP 800-171 DoD Assessment Scoring Template
- 00:5000:50, 25 August 2022 diff hist +3 DoD Assessment Methodology →NIST SP 800-171 DoD Assessment Scoring Template
- 00:4900:49, 25 August 2022 diff hist +1 DoD Assessment Methodology →NIST SP 800-171 DoD Assessment Scoring Template
- 00:4900:49, 25 August 2022 diff hist +43 DoD Assessment Methodology →NIST SP 800-171 DoD Assessment Scoring Template
- 00:2600:26, 25 August 2022 diff hist +5 Level 1 Assessment Guide →SI.L1-3.14.4 – UPDATE MALICIOUS CODE PROTECTION
- 00:2600:26, 25 August 2022 diff hist +5 Level 1 Assessment Guide →SI.L1-3.14.1 – FLAW REMEDIATION
- 00:0900:09, 25 August 2022 diff hist +1 Level 1 Assessment Guide →IA.L1-3.5.1 – IDENTIFICATION
- 00:0900:09, 25 August 2022 diff hist +7 Level 1 Assessment Guide →IA.L1-3.5.1 – IDENTIFICATION
24 August 2022
- 23:5123:51, 24 August 2022 diff hist −1 Level 1 Assessment Guide →SI.L1-3.14.5 – SYSTEM & FILE SCANNING
- 23:4623:46, 24 August 2022 diff hist −1 Level 1 Assessment Guide →SC.L1-3.13.5 – PUBLIC-ACCESS SYSTEM SEPARATION
- 23:4023:40, 24 August 2022 diff hist 0 Level 1 Assessment Guide →PE.L1-3.10.1 – LIMIT PHYSICAL ACCESS
- 23:2523:25, 24 August 2022 diff hist 0 Level 1 Assessment Guide →IA.L1-3.5.2 – AUTHENTICATION
- 01:3301:33, 24 August 2022 diff hist +80 CCA Blueprint No edit summary
- 01:3201:32, 24 August 2022 diff hist +139 CCP Blueprint No edit summary
23 August 2022
- 20:4520:45, 23 August 2022 diff hist −12 Main Page No edit summary
- 20:4420:44, 23 August 2022 diff hist +2 DoD Assessment Methodology →NIST SP 800-171 DoD Assessment Scoring Template
- 20:4320:43, 23 August 2022 diff hist +20,806 DoD Assessment Methodology →NIST SP 800-171 DoD Assessment Scoring Template
- 20:3420:34, 23 August 2022 diff hist +1,302 N DoD Assessment Methodology Created page with "'''Source of Reference: The [https://www.acq.osd.mil/asda/dpc/cp/cyber/docs/safeguarding/NIST-SP-800-171-Assessment-Methodology-Version-1.2.1-6.24.2020.pdf NIST SP 800-171 DoD Assessment Methodology] from [https://www.acq.osd.mil/asda/dpc/cp/cyber/safeguarding.html#nistSP800171 U.S. Department of Defense Website]''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. = NIST SP 800-171 DoD Assessment Scoring Te..."
- 20:2720:27, 23 August 2022 diff hist +70 CMMC Assessment Process No edit summary current
- 20:2220:22, 23 August 2022 diff hist +81 Main Page No edit summary
- 20:2120:21, 23 August 2022 diff hist +2 MediaWiki:Sidebar No edit summary
- 20:2020:20, 23 August 2022 diff hist +90 MediaWiki:Sidebar No edit summary
22 August 2022
- 22:4422:44, 22 August 2022 diff hist −24 Main Page No edit summary
- 22:4222:42, 22 August 2022 diff hist −33 Main Page No edit summary
- 21:2721:27, 22 August 2022 diff hist −14 Main Page No edit summary
- 21:2621:26, 22 August 2022 diff hist 0 Main Page No edit summary
- 21:2321:23, 22 August 2022 diff hist −19 Main Page →CCP Practice Quiz hosted by FlexiQuiz (Under Development)
7 August 2022
- 19:3119:31, 7 August 2022 diff hist −8 External References No edit summary
- 19:3019:30, 7 August 2022 diff hist +45 External References No edit summary
- 19:2919:29, 7 August 2022 diff hist +276 External References No edit summary
- 00:1100:11, 7 August 2022 diff hist +394 CCP Blueprint →Task 2. Given a Scenario, analyze the organization environment to generate an appropriate scope for FCI Assets.
- 00:0900:09, 7 August 2022 diff hist +199 CCP Blueprint →Task 1. Understand CMMC High-Level Scoping as described in the CMMC Assessment Process.
- 00:0800:08, 7 August 2022 diff hist +334 CCP Blueprint →Task 5. Given a scenario, determine the appropriate phases/steps to assist in the preparation/conducting/ reporting on a CMMC Level 2 Assessment.
- 00:0500:05, 7 August 2022 diff hist +226 CCP Blueprint →Task 4. Demonstrate comprehension of the CCP role in the process of evaluating outstanding assessment issues on Plan of Action and Milestones (POA&M) (Phase 4 – Evaluation of Outstanding Assessment POA&M Items).
- 00:0300:03, 7 August 2022 diff hist +236 CCP Blueprint →Task 3. Demonstrate comprehension of the CCP role in the preparation of assessment report (Phase 3 – Report Assessment Results).
6 August 2022
- 23:5923:59, 6 August 2022 diff hist +256 CCP Blueprint →Task 2. Apply CMMC Assessment Process requirements pertaining to the role of the CCP as an assessment team member while conducting a CMMC assessment (Phase 2 – Conduct Assessment).
- 23:5723:57, 6 August 2022 diff hist +196 CCP Blueprint →Domain 5: CMMC Assessment Process
- 23:4923:49, 6 August 2022 diff hist +308 CCP Blueprint →Task 1. Given a scenario, apply the appropriate CMMC Source Documents as an aid to evaluate the implementation/review of CMMC practices.
- 23:3023:30, 6 August 2022 diff hist +295 CCP Blueprint →Task 1. Given a scenario, apply the appropriate CMMC Source Documents as an aid to evaluate the implementation/review of CMMC practices.
- 23:0523:05, 6 August 2022 diff hist +343 CCP Blueprint →Task 1. Given a scenario, apply the appropriate CMMC Source Documents as an aid to evaluate the implementation/review of CMMC practices.
- 22:5422:54, 6 August 2022 diff hist +161 CCP Blueprint →Task 3. Analyze the adequacy/sufficiency around the location/collection/quality/usage of Evidence.
- 22:5322:53, 6 August 2022 diff hist +265 CCP Blueprint →Task 2. Apply knowledge of the CMMC Assessment Criteria and Methodology to the appropriate CMMC practices.
- 22:1822:18, 6 August 2022 diff hist +215 CCP Blueprint →Task 3. Demonstrate understanding of the CMMC Source and Supplementary documents.
- 22:1522:15, 6 August 2022 diff hist +289 CCP Blueprint →Task 3. Demonstrate understanding of the CMMC Source and Supplementary documents.
- 21:3421:34, 6 August 2022 diff hist +386 CCP Blueprint →Task 2. Determine the appropriate roles/responsibilities/authority for Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).
- 21:2321:23, 6 August 2022 diff hist −2 CCP Blueprint →Task 1. Demonstrate understanding of Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) in non-federal unclassified networks.
- 21:2221:22, 6 August 2022 diff hist +213 CCP Blueprint →Task 1. Demonstrate understanding of Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) in non-federal unclassified networks.
- 21:1521:15, 6 August 2022 diff hist +654 CCP Blueprint →Task 1. Demonstrate understanding of Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) in non-federal unclassified networks.
- 17:5617:56, 6 August 2022 diff hist +348 CCP Blueprint →Domain 2: CMMC-AB Code of Professional Conduct (Ethics)
- 17:5117:51, 6 August 2022 diff hist −6 CCP Blueprint →Domain 1: CMMC Ecosystem
- 17:5117:51, 6 August 2022 diff hist +20 CCP Blueprint →Domain 1: CMMC Ecosystem
- 17:5017:50, 6 August 2022 diff hist +55 CCP Blueprint →Task 1. Identify and compare roles/responsibilities/requirements of authorities across the CMMC Ecosystem.
- 17:4717:47, 6 August 2022 diff hist +37 CCP Blueprint →Task 1. Identify and compare roles/responsibilities/requirements of authorities across the CMMC Ecosystem.
- 17:4517:45, 6 August 2022 diff hist +2 CCP Blueprint →Task 1. Identify and compare roles/responsibilities/requirements of authorities across the CMMC Ecosystem.
- 17:4217:42, 6 August 2022 diff hist +904 CCP Blueprint →Task 1. Identify and compare roles/responsibilities/requirements of authorities across the CMMC Ecosystem.
- 17:2417:24, 6 August 2022 diff hist +141 CCP Blueprint →Task 1. Identify and compare roles/responsibilities/requirements of authorities across the CMMC Ecosystem.
- 17:1017:10, 6 August 2022 diff hist +52 CCP Blueprint →Domains
- 01:3701:37, 6 August 2022 diff hist 0 CMMC Assessment Process →3.2 Submit, Package, and Archive Assessment Documentation
- 01:3601:36, 6 August 2022 diff hist +9 CAP Glossary No edit summary current
- 01:3601:36, 6 August 2022 diff hist +9 CMMC Assessment Process No edit summary
- 01:3501:35, 6 August 2022 diff hist −107 CMMC Assessment Process →1.7 Verify Readiness to Conduct the Assessment
- 01:3301:33, 6 August 2022 diff hist +3 CMMC Assessment Process →1.6.4 Identify and Manage Conflicts of Interest (COI)
- 01:3201:32, 6 August 2022 diff hist −164 CMMC Assessment Process →1.6.3 Identify Resources and Schedule
- 01:3001:30, 6 August 2022 diff hist −214 CMMC Assessment Process →1.6.2 Select Assessment Team Members
- 01:2801:28, 6 August 2022 diff hist −182 CMMC Assessment Process →1.6.1 Develop Evidence Collection Approach
- 01:2401:24, 6 August 2022 diff hist −397 CMMC Assessment Process →1.4 Organize and Prepare Assessment Documents and Templates
- 01:2101:21, 6 August 2022 diff hist −438 CMMC Assessment Process →1.4 Organize and Prepare Assessment Documents and Templates
- 01:1701:17, 6 August 2022 diff hist +259 CMMC Assessment Process →1.4 Organize and Prepare Assessment Documents and Templates
- 00:0100:01, 6 August 2022 diff hist +11 CMMC Assessment Process →1.7.1 Access and Verify Evidence
- 00:0000:00, 6 August 2022 diff hist 0 CMMC Assessment Process →1.7.2 Make Assessment Feasibility Determination
5 August 2022
- 23:5923:59, 5 August 2022 diff hist +4 CMMC Assessment Process →1.7.2 Make Assessment Feasibility Determination
- 23:5823:58, 5 August 2022 diff hist −2 CMMC Assessment Process →1.7.3 Conduct Quality Review on Pre-Assessment Form Data
- 23:5823:58, 5 August 2022 diff hist −3 CMMC Assessment Process →1.7.4 Upload Pre-Assessment Form into CMMC eMASS
- 23:5723:57, 5 August 2022 diff hist −1 CMMC Assessment Process →1.7.5 Prepare the Assessment Team
- 23:5623:56, 5 August 2022 diff hist −128 CMMC Assessment Process →1.6 Complete Pre-Assessment Planning
- 23:5423:54, 5 August 2022 diff hist −188 CMMC Assessment Process →1.5.8 Review OSC Self-Assessment and DoD Assessment Findings Criteria
- 23:4923:49, 5 August 2022 diff hist −102 CMMC Assessment Process →1.5.7 Verify and Record Evidence Against Adequacy and Sufficiency Criteria
- 23:4723:47, 5 August 2022 diff hist −45 CMMC Assessment Process →1.5.6 Inventory OSC Cybersecurity Practices Against CMMC Model
- 23:4623:46, 5 August 2022 diff hist −3 CMMC Assessment Process →1.5.5 Evaluate Model Non-Duplication
- 23:4623:46, 5 August 2022 diff hist +1 CMMC Assessment Process →1.5.4.1 Ascertain the Use of External Cloud Service Providers
- 23:4623:46, 5 August 2022 diff hist +394 CMMC Assessment Process →1.5.4.1 Ascertain the Use of External Cloud Service Providers
- 23:4523:45, 5 August 2022 diff hist −392 CMMC Assessment Process →1.5.7 Verify and Record Evidence Against Adequacy and Sufficiency Criteria
- 23:4523:45, 5 August 2022 diff hist −207 CMMC Assessment Process →1.5.4.1 Ascertain the Use of External Cloud Service Providers
- 23:3723:37, 5 August 2022 diff hist −69 CMMC Assessment Process →1.5.4.1 Ascertain the Use of External Cloud Service Providers
- 23:3323:33, 5 August 2022 diff hist +4 CMMC Assessment Process →1.5.4 Validate CMMC Assessment Scope
- 23:2923:29, 5 August 2022 diff hist −529 CMMC Assessment Process →1.5.3 Confirm the Corporate Identity to be Assessed
- 23:1123:11, 5 August 2022 diff hist −3 CMMC Assessment Process →1.5.2 Identify Lead Assessor
- 23:1123:11, 5 August 2022 diff hist −104 CMMC Assessment Process →1.5.1 Frame the Assessment
- 23:0923:09, 5 August 2022 diff hist −148 CMMC Assessment Process →1.5 Ascertain Assessment Conditions and Requirements
- 23:0623:06, 5 August 2022 diff hist +96 CMMC Assessment Process →1.4 Organize and Prepare Assessment Documents and Templates
- 23:0223:02, 5 August 2022 diff hist +4 CMMC Assessment Process →3.2 Submit, Package, and Archive Assessment Documentation
- 23:0223:02, 5 August 2022 diff hist −245 CMMC Assessment Process →1.4 Organize and Prepare Assessment Documents and Templates
- 22:5722:57, 5 August 2022 diff hist −29 CMMC Assessment Process →1.4 Organize and Prepare Assessment Documents and Templates
- 22:5522:55, 5 August 2022 diff hist −1 CMMC Assessment Process →1.3 Discuss Contractual Arrangements
- 22:5322:53, 5 August 2022 diff hist −103 CMMC Assessment Process →2.2.5 Identify and Document Evidence Gaps
- 22:5122:51, 5 August 2022 diff hist −41 CMMC Assessment Process →2.2.4 Determine FedRAMP Moderate Equivalency for Cloud Computing Providers
- 22:4922:49, 5 August 2022 diff hist −63 CMMC Assessment Process →2.2.3 Observe Tests and Analyze Results
- 22:4822:48, 5 August 2022 diff hist −313 CMMC Assessment Process →2.2.2 Conduct Interviews and Assess Responses
- 22:4222:42, 5 August 2022 diff hist −131 CMMC Assessment Process →2.2.1 Examine and Analyze Evidence
- 22:4022:40, 5 August 2022 diff hist +3 CMMC Assessment Process →2.2 Collect and Examine Evidence
- 22:3922:39, 5 August 2022 diff hist +5 CMMC Assessment Process →2.2 Collect and Examine Evidence
- 22:3922:39, 5 August 2022 diff hist −1,007 CMMC Assessment Process →2.2 Collect and Examine Evidence
- 22:2422:24, 5 August 2022 diff hist −219 CMMC Assessment Process →2.3 Score OSC Practices and Validate Preliminary Results
- 21:5121:51, 5 August 2022 diff hist −6 CMMC Assessment Process →2.4 Generate and Validate Preliminary Recommended Findings
- 21:4921:49, 5 August 2022 diff hist −93 CMMC Assessment Process →2.4.1.1 Execute POA&M Review
- 21:4721:47, 5 August 2022 diff hist −65 CMMC Assessment Process →2.4.1.2 Validate OSC POA&M
- 21:4521:45, 5 August 2022 diff hist −1 CMMC Assessment Process →2.4.2 Create and Finalize and Record Recommended Final Findings
- 21:4421:44, 5 August 2022 diff hist −1 CMMC Assessment Process →2.4.3 Support Assessment Appeals Process
- 21:3721:37, 5 August 2022 diff hist +20 CMMC Assessment Process →3.2 Submit, Package, and Archive Assessment Documentation
- 21:3721:37, 5 August 2022 diff hist −2 CMMC Assessment Process →3.2 Submit, Package, and Archive Assessment Documentation
- 21:3721:37, 5 August 2022 diff hist +42 CMMC Assessment Process →3.2 Submit, Package, and Archive Assessment Documentation
- 21:3321:33, 5 August 2022 diff hist +9 CMMC Assessment Process →3.2 Submit, Package, and Archive Assessment Documentation
- 21:3121:31, 5 August 2022 diff hist +1 CMMC Assessment Process →3.2 Submit, Package, and Archive Assessment Documentation
- 21:2221:22, 5 August 2022 diff hist +24 CMMC Assessment Process →3.2 Submit, Package, and Archive Assessment Documentation
- 21:2121:21, 5 August 2022 diff hist −231 CMMC Assessment Process →3.2 Submit, Package, and Archive Assessment Documentation
- 21:1521:15, 5 August 2022 diff hist −33 CMMC Assessment Process →PHASE 3 – REPORT RECOMMENDED ASSESSMENT RESULTS
- 21:1021:10, 5 August 2022 diff hist +1 CMMC Assessment Process →3.1 Deliver Recommended Assessment Results
- 21:1021:10, 5 August 2022 diff hist −3 CMMC Assessment Process →PHASE 3 – REPORT RECOMMENDED ASSESSMENT RESULTS
- 21:0821:08, 5 August 2022 diff hist −1 CMMC Assessment Process →4.1 Perform POA&M Close-Out Assessment
- 21:0721:07, 5 August 2022 diff hist −207 CMMC Assessment Process →PHASE 4 – CLOSE-OUT POA&MS AND ASSESSMENT (IF NECESSARY)
- 21:0421:04, 5 August 2022 diff hist −742 CMMC Assessment Process →PHASE 3 – REPORT RECOMMENDED ASSESSMENT RESULTS
- 21:0121:01, 5 August 2022 diff hist −1,661 CMMC Assessment Process →PHASE 2 – CONDUCT THE ASSESSMENT
- 20:3220:32, 5 August 2022 diff hist +8 CMMC Assessment Process →PHASE 2 – CONDUCT THE ASSESSMENT
- 20:3120:31, 5 August 2022 diff hist −910 CMMC Assessment Process →1.3 Discuss Contractual Arrangements
- 20:2020:20, 5 August 2022 diff hist +42 CMMC Assessment Process →1.2 Establish Roles and Responsibilities
- 20:1920:19, 5 August 2022 diff hist −154 CMMC Assessment Process No edit summary
- 18:1818:18, 5 August 2022 diff hist −10 CMMC Assessment Process No edit summary
- 18:1718:17, 5 August 2022 diff hist −82 CMMC Assessment Process No edit summary
- 17:5717:57, 5 August 2022 diff hist −4 CAP Glossary →W
- 17:5717:57, 5 August 2022 diff hist +717 CAP Glossary →H
- 17:4017:40, 5 August 2022 diff hist +106 CAP Glossary →D
- 17:2717:27, 5 August 2022 diff hist 0 CAP Glossary →C
- 17:2717:27, 5 August 2022 diff hist 0 CAP Glossary →A
- 17:2517:25, 5 August 2022 diff hist +3 CAP Glossary →D
- 17:2517:25, 5 August 2022 diff hist +3 CAP Glossary →C
- 17:2417:24, 5 August 2022 diff hist −319 CAP Glossary →A
- 16:5316:53, 5 August 2022 diff hist +17 CAP Glossary →A
- 16:4616:46, 5 August 2022 diff hist 0 CAP Glossary →A
- 16:4616:46, 5 August 2022 diff hist −2 CAP Glossary →A
- 16:4516:45, 5 August 2022 diff hist 0 CAP Glossary →A
- 16:4516:45, 5 August 2022 diff hist −25 CAP Glossary No edit summary
- 16:4216:42, 5 August 2022 diff hist +4 CAP Glossary No edit summary
- 16:4016:40, 5 August 2022 diff hist +20,247 CAP Glossary No edit summary
- 16:3516:35, 5 August 2022 diff hist +532 N CAP Glossary Created page with "'''Source of Reference: official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Glossary] from Office of Under Secretary of Defense for Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == A == {|class="wikitable" style="width: 85%;" ! style="width: 15%"| Term ! style="width: 65%"| Description ! style="width: 20%"| Source |- |Access |Ability to make use of any information..."
- 16:3216:32, 5 August 2022 diff hist −4 MediaWiki:Sidebar No edit summary
- 16:3216:32, 5 August 2022 diff hist 0 MediaWiki:Sidebar No edit summary
- 16:3116:31, 5 August 2022 diff hist +13 MediaWiki:Sidebar No edit summary
- 16:3016:30, 5 August 2022 diff hist +60 MediaWiki:Sidebar No edit summary
- 16:2716:27, 5 August 2022 diff hist +29 MediaWiki:Sidebar No edit summary
- 16:2516:25, 5 August 2022 diff hist +58 Main Page No edit summary
- 16:2316:23, 5 August 2022 diff hist +109,935 CMMC Assessment Process No edit summary
- 16:1416:14, 5 August 2022 diff hist +1 CCP Blueprint →Task 1. Identify and apply knowledge of the Guiding Principles and Practices of the CMMC-AB Code of Professional Conduct (CoPC)/ISO/IEC/DOD requirements.
- 15:5515:55, 5 August 2022 diff hist +1,051 CMMC Assessment Process No edit summary
- 03:4403:44, 5 August 2022 diff hist +57 MediaWiki:Sidebar No edit summary
- 03:3403:34, 5 August 2022 diff hist +337 N CMMC Assessment Process Created page with "'''Source of Reference: The [https://cyberab.org/Portals/0/Documents/Process-Documents/CMMC-Assessment-Process-CAP-v1.0.pdf CMMC Assessment Process] from Cybersecurity Maturity Model Certification Accreditation Body, Inc.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you."
- 03:3103:31, 5 August 2022 diff hist +66 Main Page No edit summary
4 August 2022
- 21:3421:34, 4 August 2022 diff hist +51 CCA Blueprint →Task 1. Identify evidence verification/validation methods and objects for Practices based on the CMMC Level 2 Assessment Guide and CMMC Assessment Process (CAP) documentation.
- 21:3021:30, 4 August 2022 diff hist +19 CCA Blueprint →Task 1. Identify evidence verification/validation methods and objects for Practices based on the CMMC Level 2 Assessment Guide and CMMC Assessment Process (CAP) documentation.
- 21:2821:28, 4 August 2022 diff hist +3 CCA Blueprint →Domain 4: CMMC Levels 2 Practices
- 21:2821:28, 4 August 2022 diff hist +42 CCA Blueprint →Task 1. Identify evidence verification/validation methods and objects for Practices based on the CMMC Level 2 Assessment Guide and CMMC Assessment Process (CAP) documentation.
- 21:2521:25, 4 August 2022 diff hist +17 CCA Blueprint →Task 1. Given a scenario, apply the appropriate phases and steps to plan, prepare, conduct, and report on a CMMC Level 2 Assessment.
- 21:2321:23, 4 August 2022 diff hist +21 CCA Blueprint →Task 3. Evaluate CMMC assessment scope considerations based on the CMMC Level 2 Assessment Scoping Guide.
- 21:2121:21, 4 August 2022 diff hist +35 CCA Blueprint →Task 2. Given a scenario, analyze the CMMC Assessment Scope based on the predetermined CUI categories within the CMMC Level 2 Assessment Scoping Guide.
- 21:2021:20, 4 August 2022 diff hist +19 CCA Blueprint →Task 1. Analyze the CMMC Assessment Scope of Controlled Unclassified Information (CUI) Assets as they pertain to a CMMC assessment using the five categories of CUI assets as defined in the CMMC Level 2 Assessment Scoping Guide.
- 21:1821:18, 4 August 2022 diff hist +39 CCA Blueprint No edit summary
- 21:1421:14, 4 August 2022 diff hist +10 MediaWiki:Sidebar No edit summary
- 21:0821:08, 4 August 2022 diff hist +109 MediaWiki:Sidebar No edit summary
- 21:0521:05, 4 August 2022 diff hist +8,338 CCA Blueprint No edit summary
- 21:0421:04, 4 August 2022 diff hist +1,386 N CCA Blueprint Created page with " '''Source of Reference: The [https://cyberab.org/Portals/0/cmmc-ab-cca-blueprint-04-05-22-Final%20v3%20%28Public%29_1.pdf CCA blueprint] from Cybersecurity Maturity Model Certification Accreditation Body, Inc.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == Domains == Upon successful completion of this exam, the candidate will be able to apply skills and knowledge to the below domains: {|class="wiki..."
- 20:5920:59, 4 August 2022 diff hist 0 Main Page →Certification Guides
- 18:4318:43, 4 August 2022 diff hist +31 MediaWiki:Sidebar No edit summary
- 18:3818:38, 4 August 2022 diff hist +29 CCP Blueprint →Task 1. Demonstrate understanding of Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) in non-federal unclassified networks.
- 18:3418:34, 4 August 2022 diff hist +24 CCP Blueprint →Task 2. Determine the appropriate roles/responsibilities/authority for Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).
- 18:3318:33, 4 August 2022 diff hist +23 CCP Blueprint →Task 3. Demonstrate understanding of the CMMC Source and Supplementary documents.
- 18:2518:25, 4 August 2022 diff hist +48 CCP Blueprint →Task 1. Given a scenario, apply the appropriate CMMC Source Documents as an aid to evaluate the implementation/review of CMMC practices.
- 18:2118:21, 4 August 2022 diff hist +2 CCP Blueprint →Task 2. Apply knowledge of the CMMC Assessment Criteria and Methodology to the appropriate CMMC practices.
- 18:2018:20, 4 August 2022 diff hist +11 CCP Blueprint →Task 2. Apply knowledge of the CMMC Assessment Criteria and Methodology to the appropriate CMMC practices.
- 18:1918:19, 4 August 2022 diff hist +9 CCP Blueprint →Task 3. Analyze the adequacy/sufficiency around the location/collection/quality/usage of Evidence.
- 18:1918:19, 4 August 2022 diff hist +15 CCP Blueprint →Task 1. Choose the appropriate roles of the CCP in the CMMC Assessment Process when developing the assessment plan (Phase 1– Plan and Prepare Assessment).
- 18:1918:19, 4 August 2022 diff hist +11 CCP Blueprint →Task 2. Apply CMMC Assessment Process requirements pertaining to the role of the CCP as an assessment team member while conducting a CMMC assessment (Phase 2 – Conduct Assessment).
- 18:1818:18, 4 August 2022 diff hist +1 CCP Blueprint →Task 3. Demonstrate comprehension of the CCP role in the preparation of assessment report (Phase 3 – Report Assessment Results).
- 18:1818:18, 4 August 2022 diff hist +6 CCP Blueprint →Task 3. Demonstrate comprehension of the CCP role in the preparation of assessment report (Phase 3 – Report Assessment Results).
- 18:1618:16, 4 August 2022 diff hist +19 CCP Blueprint →Task 4. Demonstrate comprehension of the CCP role in the process of evaluating outstanding assessment issues on Plan of Action and Milestones (POA&M) (Phase 4 – Evaluation of Outstanding Assessment POA&M Items).
- 18:1618:16, 4 August 2022 diff hist +8 CCP Blueprint →Task 5. Given a scenario, determine the appropriate phases/steps to assist in the preparation/conducting/ reporting on a CMMC Level 2 Assessment.
- 18:1518:15, 4 August 2022 diff hist +12 CCP Blueprint →Task 2. Given a Scenario, analyze the organization environment to generate an appropriate scope for FCI Assets.
- 18:1418:14, 4 August 2022 diff hist +12 CCP Blueprint →Task 5. Given a scenario, determine the appropriate phases/steps to assist in the preparation/conducting/ reporting on a CMMC Level 2 Assessment.
- 18:1118:11, 4 August 2022 diff hist +45 CCP Blueprint No edit summary
- 18:0718:07, 4 August 2022 diff hist −230 CCP Blueprint No edit summary
- 18:0318:03, 4 August 2022 diff hist +2 CCP Blueprint No edit summary
- 18:0118:01, 4 August 2022 diff hist +66 CCP Blueprint No edit summary
- 17:4717:47, 4 August 2022 diff hist +24 CCP Blueprint No edit summary
- 17:4217:42, 4 August 2022 diff hist −321 CCP Blueprint No edit summary
- 17:4117:41, 4 August 2022 diff hist +176 Main Page No edit summary
- 17:3817:38, 4 August 2022 diff hist −56 CCP Blueprint No edit summary
- 17:3717:37, 4 August 2022 diff hist +61 CCP Blueprint No edit summary
- 17:3017:30, 4 August 2022 diff hist −14 CCP Blueprint No edit summary
- 17:2917:29, 4 August 2022 diff hist +8 CCP Blueprint No edit summary
- 17:2817:28, 4 August 2022 diff hist +2 CCP Blueprint No edit summary
- 17:2317:23, 4 August 2022 diff hist +35 CCP Blueprint No edit summary
- 17:1517:15, 4 August 2022 diff hist +2 CCP Blueprint No edit summary
- 17:1417:14, 4 August 2022 diff hist +14,415 N CCP Blueprint Created page with "= Certified CMMC Professional (CCP) Test Blueprint = '''Source of Reference: The [https://cyberab.org/Portals/0/cmmc-ab-ccp-blueprint-03-14-22-final-v7_2%20FINAL%20%28Public%29_1.pdf CCP blueprint] from Cybersecurity Maturity Model Certification Accreditation Body, Inc.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == DOMAINS == Opon successful completion of this exam, the candidate will be able to a..."
- 17:1417:14, 4 August 2022 diff hist −1 Main Page →Certification Guides
- 17:1317:13, 4 August 2022 diff hist 0 Main Page →External References
- 17:1317:13, 4 August 2022 diff hist +4 Main Page →Certification Guides
- 17:1317:13, 4 August 2022 diff hist +131 Main Page →Certification Guides
- 17:1117:11, 4 August 2022 diff hist −14,338 Main Page →Certified CMMC Professional (CCP) Test Blueprint Tag: Replaced
- 17:0717:07, 4 August 2022 diff hist +14,028 Main Page →Certified CMMC Professional (CCP) Exam Objectives [Under Development]
17 March 2022
- 17:2517:25, 17 March 2022 diff hist −1 Main Page No edit summary
- 17:2417:24, 17 March 2022 diff hist −2 Main Page No edit summary
- 17:1417:14, 17 March 2022 diff hist +18 Main Page →CCA Practice Quiz hosted by FlexiQuiz (Under Development)
- 17:1417:14, 17 March 2022 diff hist +3 Main Page →CCA Practice Quiz (Hosted by FlexiQuiz) [Under Development]
- 17:1317:13, 17 March 2022 diff hist −40 Main Page →CCP Practice Quiz (Hosted by FlexiQuiz) [Undergoing Testing]
- 01:3801:38, 17 March 2022 diff hist −9 Main Page No edit summary
- 01:3101:31, 17 March 2022 diff hist +207 Main Page No edit summary
16 March 2022
- 19:5719:57, 16 March 2022 diff hist −138 MediaWiki:Sidebar No edit summary
3 March 2022
- 19:4219:42, 3 March 2022 diff hist −8 MediaWiki:Sidebar No edit summary
- 01:4701:47, 3 March 2022 diff hist 0 External References No edit summary
- 01:4601:46, 3 March 2022 diff hist +2,624 N External References Created page with "Additional References: The [https://www.acq.osd.mil/cmmc/resources.html CMMC Helpful Links] page contains a variety of external links to CMMC resources throughout the DoD. For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == C == {|class="wikitable" style="width: 80%;" ! style="width: 70%"| Standards and Organizations ! style="width: 30%"| Links |- |'''CMMC Accreditation Body Website''' | * [https://cmmcab.o..."
- 00:1100:11, 3 March 2022 diff hist +51 MediaWiki:Sidebar No edit summary
- 00:0800:08, 3 March 2022 diff hist +4 Main Page No edit summary
- 00:0800:08, 3 March 2022 diff hist +55 Main Page No edit summary
28 February 2022
- 02:1802:18, 28 February 2022 diff hist 0 N File:ArtifactHashingToolFigure2.png No edit summary current
- 02:1702:17, 28 February 2022 diff hist 0 N File:ArtifactHashingToolFigure1.png No edit summary current
- 01:5701:57, 28 February 2022 diff hist −2 Artifact Hashing Tool →Process Overview
- 00:3400:34, 28 February 2022 diff hist +81 Artifact Hashing Tool →Process Overview
- 00:3000:30, 28 February 2022 diff hist +76 Artifact Hashing Tool →Process Overview
- 00:0400:04, 28 February 2022 diff hist −7 Artifact Hashing Tool →Supplemental Information
- 00:0000:00, 28 February 2022 diff hist −5 Artifact Hashing Tool →Execution of Tool
27 February 2022
- 23:5823:58, 27 February 2022 diff hist −4 Artifact Hashing Tool →Execution of Tool
- 23:5723:57, 27 February 2022 diff hist +4 Artifact Hashing Tool →Execution of Tool
- 23:5623:56, 27 February 2022 diff hist +4 Artifact Hashing Tool →Execution of Tool
- 23:5623:56, 27 February 2022 diff hist +4 Artifact Hashing Tool →Preparation
- 23:5623:56, 27 February 2022 diff hist +295 Artifact Hashing Tool →Execution of Tool
- 23:5523:55, 27 February 2022 diff hist +162 Artifact Hashing Tool →Preparation
- 23:4223:42, 27 February 2022 diff hist +384 Artifact Hashing Tool →Supplemental Information
- 05:2405:24, 27 February 2022 diff hist +193 Main Page No edit summary
- 04:5904:59, 27 February 2022 diff hist +4 Level 2 Assessment Guide No edit summary
- 04:5904:59, 27 February 2022 diff hist +4 Level 1 Assessment Guide No edit summary
- 04:5904:59, 27 February 2022 diff hist +4 Level 2 Scoping Guidance No edit summary
- 04:5904:59, 27 February 2022 diff hist +4 Level 1 Scoping Guidance No edit summary
- 04:5804:58, 27 February 2022 diff hist +4 Acronyms and Abbreviations No edit summary
- 04:5804:58, 27 February 2022 diff hist +4 Model Glossary No edit summary
- 04:5804:58, 27 February 2022 diff hist +4 Model Overview No edit summary
- 04:5804:58, 27 February 2022 diff hist +4 Main Page No edit summary
- 04:4904:49, 27 February 2022 diff hist +5 Artifact Hashing Tool →Execution of Tool
- 04:4304:43, 27 February 2022 diff hist +3,171 Artifact Hashing Tool No edit summary
- 04:2604:26, 27 February 2022 diff hist +971 Artifact Hashing Tool →Supplemental Information
- 04:2204:22, 27 February 2022 diff hist +3,871 Artifact Hashing Tool No edit summary
- 03:3203:32, 27 February 2022 diff hist −62 Artifact Hashing Tool →Appendix A: ArtifactHash.txt File Content
- 03:3103:31, 27 February 2022 diff hist +91 Artifact Hashing Tool No edit summary
- 03:2903:29, 27 February 2022 diff hist +4,392 N Artifact Hashing Tool Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html Artifact Hashing Tool User Guide] from the Office of the Under Secretary of Defense for Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == Scope and Purpose == == System Requirements == == Process Overview == == Tool Usage Process == === Preparation === === Execution of Tool === == Supp..."
- 03:0103:01, 27 February 2022 diff hist +47 MediaWiki:Sidebar No edit summary
- 03:0003:00, 27 February 2022 diff hist +2 Main Page No edit summary
- 03:0003:00, 27 February 2022 diff hist +24 Main Page No edit summary
- 00:4500:45, 27 February 2022 diff hist +3,386 Acronyms and Abbreviations No edit summary
- 00:2200:22, 27 February 2022 diff hist 0 Model Glossary →R
- 00:2100:21, 27 February 2022 diff hist +2 Model Glossary →M
26 February 2022
- 23:3923:39, 26 February 2022 diff hist +2,281 Acronyms and Abbreviations No edit summary
- 21:3021:30, 26 February 2022 diff hist +634 Acronyms and Abbreviations No edit summary
- 19:0719:07, 26 February 2022 diff hist +1,307 Acronyms and Abbreviations →C
- 18:5318:53, 26 February 2022 diff hist +52 Model Glossary No edit summary
- 18:4318:43, 26 February 2022 diff hist +54 Acronyms and Abbreviations →B
- 18:4218:42, 26 February 2022 diff hist +490 Acronyms and Abbreviations →A
- 18:1118:11, 26 February 2022 diff hist +2,519 Level 2 Scoping Guidance No edit summary
- 17:4417:44, 26 February 2022 diff hist +13,556 N Level 2 Scoping Guidance Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Scoping Guidance] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CMMC Asset Categories == The CMMC Assessment Guide – Level 2 maps contractor assets into one of five categories. Table 1 describes each asset category, contrac..."
- 17:2017:20, 26 February 2022 diff hist +18 Level 1 Scoping Guidance No edit summary
- 17:1917:19, 26 February 2022 diff hist +5,543 N Level 1 Scoping Guidance Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Scoping Guidance] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == FCI Assets == Federal Contract Information (FCI) Assets process, store, or transmit FCI as follows: * Process – FCI can be used by an asset (e.g., accessed, en..."
- 17:1117:11, 26 February 2022 diff hist +58 Main Page No edit summary
- 16:5416:54, 26 February 2022 diff hist +106 MediaWiki:Sidebar No edit summary
- 05:3105:31, 26 February 2022 diff hist +4,137 N Practice AC.L2-3.1.21 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.21 – PORTABLE STORAGE USE == === SECURITY REQUIREMENT === Limit use of portable storage devices on external systems. === ASSESSMENT OBJECTIVES === De..." current
- 05:3005:30, 26 February 2022 diff hist +4,131 N Practice AC.L2-3.1.19 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.19 – ENCRYPT CUI ON MOBILE == === SECURITY REQUIREMENT === Encrypt CUI on mobile devices and mobile computing platforms. === ASSESSMENT OBJECTIVES ==..." current
- 05:3005:30, 26 February 2022 diff hist +4,509 N Practice AC.L2-3.1.18 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.18 – MOBILE DEVICE CONNECTION == === SECURITY REQUIREMENT === Control connection of mobile devices. === ASSESSMENT OBJECTIVES === Determine if: : [a]..." current
- 05:3005:30, 26 February 2022 diff hist +5,333 N Practice AC.L2-3.1.17 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.17 – WIRELESS ACCESS PROTECTION == === SECURITY REQUIREMENT === Protect wireless access using authentication and encryption. === ASSESSMENT OBJECTIVE..." current
- 05:3005:30, 26 February 2022 diff hist +3,294 N Practice AC.L2-3.1.16 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.16 – WIRELESS ACCESS AUTHORIZATION == === SECURITY REQUIREMENT === Authorize wireless access prior to allowing such connections. === ASSESSMENT OBJEC..." current
- 05:2905:29, 26 February 2022 diff hist +4,799 N Practice AC.L2-3.1.15 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.15 – PRIVILEGED REMOTE ACCESS == === SECURITY REQUIREMENT === Authorize remote execution of privileged commands and remote access to security-relevan..." current
- 05:2905:29, 26 February 2022 diff hist +3,126 N Practice AC.L2-3.1.14 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.14 – REMOTE ACCESS ROUTING == === SECURITY REQUIREMENT === Route remote access via managed access control points. === ASSESSMENT OBJECTIVES === Deter..." current
- 05:2905:29, 26 February 2022 diff hist +4,146 N Practice AC.L2-3.1.13 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.13 – REMOTE ACCESS CONFIDENTIALITY == === SECURITY REQUIREMENT === Employ cryptographic mechanisms to protect the confidentiality of remote access se..." current
- 05:2905:29, 26 February 2022 diff hist +5,493 N Practice AC.L2-3.1.12 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.12 – CONTROL REMOTE ACCESS == === SECURITY REQUIREMENT === Monitor and control remote access sessions. === ASSESSMENT OBJECTIVES === Determine if: :..." current
- 05:2805:28, 26 February 2022 diff hist +4,188 N Practice AC.L2-3.1.11 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.11 – SESSION TERMINATION == === SECURITY REQUIREMENT === Terminate (automatically) a user session after a defined condition. === ASSESSMENT OBJECTIVE..." current
- 05:2805:28, 26 February 2022 diff hist +3,502 N Practice AC.L2-3.1.10 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.10 – SESSION LOCK == === SECURITY REQUIREMENT === Use session lock with pattern-hiding displays to prevent access and viewing of data after a period..." current
- 05:2705:27, 26 February 2022 diff hist +4,343 N Practice AC.L2-3.1.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.9 – PRIVACY & SECURITY NOTICES == === SECURITY REQUIREMENT === Provide privacy and security notices consistent with applicable CUI rules. === ASSESSM..." current
- 05:2705:27, 26 February 2022 diff hist +3,427 N Practice AC.L2-3.1.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.8 – UNSUCCESSFUL LOGON ATTEMPTS == === SECURITY REQUIREMENT === Limit unsuccessful logon attempts. === ASSESSMENT OBJECTIVES === Determine if: : [a]..." current
- 05:2705:27, 26 February 2022 diff hist +4,953 N Practice AC.L2-3.1.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.7 – PRIVILEGED FUNCTIONS == === SECURITY REQUIREMENT === Prevent non-privileged users from executing privileged functions and capture the execution o..." current
- 05:2705:27, 26 February 2022 diff hist +3,101 N Practice AC.L2-3.1.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.6 – NON-PRIVILEGED ACCOUNT USE == === SECURITY REQUIREMENT === Use non-privileged accounts or roles when accessing nonsecurity functions. === ASSESSM..." current
- 05:2605:26, 26 February 2022 diff hist +5,060 N Practice AC.L2-3.1.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.5 – LEAST PRIVILEGE == === SECURITY REQUIREMENT === Employ the principle of least privilege, including for specific security functions and privileged..." current
- 05:2605:26, 26 February 2022 diff hist +3,716 N Practice AC.L2-3.1.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.4 – SEPARATION OF DUTIES == === SECURITY REQUIREMENT === Separate the duties of individuals to reduce the risk of malevolent activity without collusi..." current
- 05:2605:26, 26 February 2022 diff hist +7,260 N Practice AC.L2-3.1.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.3 – CONTROL CUI FLOW == === SECURITY REQUIREMENT === Control the flow of CUI in accordance with approved authorizations. === ASSESSMENT OBJECTIVES ==..." current
- 03:4103:41, 26 February 2022 diff hist +3,396 N Practice AU.L2-3.3.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.9 – AUDIT MANAGEMENT == ===SECURITY REQUIREMENT === Limit management of audit logging functionality to a subset of privileged users. === ASSESSMENT O..." current
- 03:4103:41, 26 February 2022 diff hist +3,443 N Practice AU.L2-3.3.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.8 – AUDIT PROTECTION == ===SECURITY REQUIREMENT === Protect audit information and audit logging tools from unauthorized access, modification, and del..." current
- 03:4103:41, 26 February 2022 diff hist +3,538 N Practice AU.L2-3.3.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.7 – AUTHORITATIVE TIME SOURCE == ===SECURITY REQUIREMENT === Provide a system capability that compares and synchronizes internal system clocks with a..." current
- 03:4003:40, 26 February 2022 diff hist +3,845 N Practice AU.L2-3.3.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.6 – REDUCTION & REPORTING == ===SECURITY REQUIREMENT === Provide audit record reduction and report generation to support on-demand analysis and repor..." current
- 03:4003:40, 26 February 2022 diff hist +3,596 N Practice AU.L2-3.3.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.5 – AUDIT CORRELATION == ===SECURITY REQUIREMENT === Correlate audit record review, analysis, and reporting processes for investigation and response..." current
- 03:3903:39, 26 February 2022 diff hist +2 Practice AU.L2-3.3.4 Details →FURTHER DISCUSSION current
- 03:3903:39, 26 February 2022 diff hist +3,626 N Practice AU.L2-3.3.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.4 – AUDIT FAILURE ALERTING == ===SECURITY REQUIREMENT === Alert in the event of an audit logging process failure. === ASSESSMENT OBJECTIVES === Deter..."
- 03:3803:38, 26 February 2022 diff hist +3,272 N Practice AU.L2-3.3.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.3 – EVENT REVIEW == ===SECURITY REQUIREMENT === Review and update logged events. === ASSESSMENT OBJECTIVES === Determine if: : [a] a process for dete..." current
- 03:3803:38, 26 February 2022 diff hist +3,348 N Practice AU.L2-3.3.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.2 – USER ACCOUNTABILITY == ===SECURITY REQUIREMENT === Ensure that the actions of individual system users can be uniquely traced to those users so th..." current
- 03:3803:38, 26 February 2022 diff hist +6,122 N Practice AU.L2-3.3.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.1 – SYSTEM AUDITING == ===SECURITY REQUIREMENT === Create and retain system audit logs and records to the extent needed to enable the monitoring, ana..." current
- 03:3703:37, 26 February 2022 diff hist +3,849 N Practice CM.L2-3.4.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.9 – USER-INSTALLED SOFTWARE == ===SECURITY REQUIREMENT === Control and monitor user-installed software. === ASSESSMENT OBJECTIVES === Determine if: :..." current
- 03:3603:36, 26 February 2022 diff hist +4,818 N Practice CM.L2-3.4.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.8 – APPLICATION EXECUTION POLICY == ===SECURITY REQUIREMENT === Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized soft..." current
- 03:3603:36, 26 February 2022 diff hist +6,159 N Practice CM.L2-3.4.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.7 – NONESSENTIAL FUNCTIONALITY == ===SECURITY REQUIREMENT === Restrict, disable, or prevent the use of nonessential programs, functions, ports, proto..." current
- 03:3603:36, 26 February 2022 diff hist +3,900 N Practice CM.L2-3.4.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.6 – LEAST FUNCTIONALITY == ===SECURITY REQUIREMENT === Employ the principle of least functionality by configuring organizational systems to provide o..." current
- 03:3503:35, 26 February 2022 diff hist +5,729 N Practice CM.L2-3.4.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.5 – ACCESS RESTRICTIONS FOR CHANGE == ===SECURITY REQUIREMENT === Define, document, approve, and enforce physical and logical access restrictions ass..." current
- 03:3503:35, 26 February 2022 diff hist +3,256 N Practice CM.L2-3.4.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.4 – SECURITY IMPACT ANALYSIS == ===SECURITY REQUIREMENT === Analyze the security impact of changes prior to implementation. === ASSESSMENT OBJECTIVES..." current
- 03:3503:35, 26 February 2022 diff hist +4,060 N Practice CM.L2-3.4.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.3 – SYSTEM CHANGE MANAGEMENT == ===SECURITY REQUIREMENT === Track, review, approve or disapprove, and log changes to organizational systems. === ASSE..." current
- 03:3503:35, 26 February 2022 diff hist +5,186 N Practice CM.L2-3.4.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.2 – SECURITY CONFIGURATION ENFORCEMENT == ===SECURITY REQUIREMENT === Establish and enforce security configuration settings for information technolog..." current
- 03:3403:34, 26 February 2022 diff hist +6,004 N Practice CM.L2-3.4.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.1 – SYSTEM BASELINING == ===SECURITY REQUIREMENT === Establish and maintain baseline configurations and inventories of organizational systems (includ..." current
25 February 2022
- 23:2523:25, 25 February 2022 diff hist +2,738 N Practice MP.L2-3.8.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.9 – PROTECT BACKUPS == === SECURITY REQUIREMENT === Protect the confidentiality of backup CUI at storage locations. === ASSESSMENT OBJECTIVES === Det..." current
- 23:2523:25, 25 February 2022 diff hist +2,890 N Practice MP.L2-3.8.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.8 – SHARED MEDIA == === SECURITY REQUIREMENT === Prohibit the use of portable storage devices when such devices have no identifiable owner. === ASSES..." current
- 23:2523:25, 25 February 2022 diff hist +4,578 N Practice MP.L2-3.8.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.7 – REMOVEABLE MEDIA == === SECURITY REQUIREMENT === Control the use of removable media on system components. === ASSESSMENT OBJECTIVES === Determine..." current
- 23:2423:24, 25 February 2022 diff hist +3,360 N Practice MP.L2-3.8.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.6 – PORTABLE STORAGE ENCRYPTION == === SECURITY REQUIREMENT === Implement cryptographic mechanisms to protect the confidentiality of CUI stored on di..." current
- 23:2423:24, 25 February 2022 diff hist +3,915 N Practice MP.L2-3.8.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.5 – MEDIA ACCOUNTABILITY == === SECURITY REQUIREMENT === Control access to media containing CUI and maintain accountability for media during transpor..." current
- 23:2423:24, 25 February 2022 diff hist +126 Practice MP.L2-3.8.4 Details No edit summary current
- 23:2423:24, 25 February 2022 diff hist +2,738 N Practice MP.L2-3.8.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.9 – PROTECT BACKUPS == === SECURITY REQUIREMENT === Protect the confidentiality of backup CUI at storage locations. === ASSESSMENT OBJECTIVES === Det..."
- 23:2323:23, 25 February 2022 diff hist +2,727 N Practice MP.L2-3.8.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.2 – MEDIA ACCESS == === SECURITY REQUIREMENT === Limit access to CUI on system media to authorized users. === ASSESSMENT OBJECTIVES === Determine if:..." current
- 23:2323:23, 25 February 2022 diff hist +3,955 N Practice MP.L2-3.8.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.1 – MEDIA PROTECTION == === SECURITY REQUIREMENT === Protect (i.e., physically control and securely store) system media containing CUI, both paper an..." current
- 23:2323:23, 25 February 2022 diff hist +3,324 N Practice MA.L2-3.7.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.6 – MAINTENANCE PERSONNEL == === SECURITY REQUIREMENT === Supervise the maintenance activities of maintenance personnel without required access autho..." current
- 23:2223:22, 25 February 2022 diff hist +4,487 N Practice MA.L2-3.7.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.5 – NONLOCAL MAINTENANCE == === SECURITY REQUIREMENT === Require multifactor authentication to establish nonlocal maintenance sessions via external n..." current
- 23:2223:22, 25 February 2022 diff hist +3,292 N Practice MA.L2-3.7.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.4 – MEDIA INSPECTION == === SECURITY REQUIREMENT === Check media containing diagnostic and test programs for malicious code before the media are used..." current
- 23:2123:21, 25 February 2022 diff hist +3,586 N Practice MA.L2-3.7.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.3 – EQUIPMENT SANITIZATION == === SECURITY REQUIREMENT === Ensure equipment removed for off-site maintenance is sanitized of any CUI. === ASSESSMENT..." current
- 23:2123:21, 25 February 2022 diff hist +1 Practice MA.L2-3.7.1 Details No edit summary current
- 23:2023:20, 25 February 2022 diff hist +4,156 N Practice MA.L2-3.7.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.2 – SYSTEM MAINTENANCE CONTROL == === SECURITY REQUIREMENT === Provide controls on the tools, techniques, mechanisms, and personnel used to conduct s..." current
- 23:1923:19, 25 February 2022 diff hist +3,055 N Practice MA.L2-3.7.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.1 – PERFORM MAINTENANCE == === SECURITY REQUIREMENT === Perform maintenance on organizational systems.=== ASSESSMENT OBJECTIVES === Determine if: : [..."
- 20:5820:58, 25 February 2022 diff hist +2,988 N Practice IA.L2-3.5.11 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.11 – OBSCURE FEEDBACK == === SECURITY REQUIREMENT === Obscure feedback of authentication information. === ASSESSMENT OBJECTIVES === Determine if: : [..." current
- 20:5820:58, 25 February 2022 diff hist +2,524 N Practice IA.L2-3.5.10 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.10 – CRYPTOGRAPHICALLY-PROTECTED PASSWORDS == === SECURITY REQUIREMENT === Store and transmit only cryptographically-protected passwords. === ASSESSM..." current
- 20:5820:58, 25 February 2022 diff hist +2,578 N Practice IA.L2-3.5.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.9 – TEMPORARY PASSWORDS == === SECURITY REQUIREMENT === Allow temporary password use for system logons with an immediate change to a permanent passwo..." current
- 20:5720:57, 25 February 2022 diff hist +2,313 N Practice IA.L2-3.5.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.8 – PASSWORD REUSE == === SECURITY REQUIREMENT === Prohibit password reuse for a specified number of generations. === ASSESSMENT OBJECTIVES === Deter..." current
- 20:5720:57, 25 February 2022 diff hist +3,608 N Practice IA.L2-3.5.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.7 – PASSWORD COMPLEXITY == === SECURITY REQUIREMENT === Enforce a minimum password complexity and change of characters when new passwords are created..." current
- 20:5620:56, 25 February 2022 diff hist +2,863 N Practice IA.L2-3.5.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.6 – IDENTIFIER HANDLING == === SECURITY REQUIREMENT === Disable identifiers after a defined period of inactivity. === ASSESSMENT OBJECTIVES === Deter..." current
- 20:5620:56, 25 February 2022 diff hist +3,057 N Practice IA.L2-3.5.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.5 – IDENTIFIER REUSE == === SECURITY REQUIREMENT === Prevent reuse of identifiers for a defined period. === ASSESSMENT OBJECTIVES === Determine if: :..." current
- 20:5620:56, 25 February 2022 diff hist +2,760 N Practice IA.L2-3.5.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.4 – REPLAY-RESISTANT AUTHENTICATION == === SECURITY REQUIREMENT === Employ replay-resistant authentication mechanisms for network access to privilege..." current
- 20:5520:55, 25 February 2022 diff hist −3 Practice IA.L2-3.5.3 Details No edit summary current
- 20:5520:55, 25 February 2022 diff hist +5,462 N Practice IA.L2-3.5.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.3 – MULTIFACTOR AUTHENTICATION == === SECURITY REQUIREMENT === Use multifactor authentication for local and network access to privileged accounts and..."
- 20:1420:14, 25 February 2022 diff hist −43 MediaWiki:Sidebar No edit summary
- 20:1320:13, 25 February 2022 diff hist −4 Main Page No edit summary
- 03:0503:05, 25 February 2022 diff hist +4,313 N Practice SC.L2-3.13.16 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.16 – DATA AT REST == === SECURITY REQUIREMENT === Protect the confidentiality of CUI at rest. === ASSESSMENT OBJECTIVES === Determine if: : [a] the..." current
- 03:0503:05, 25 February 2022 diff hist +3,205 N Practice SC.L2-3.13.15 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.15 – COMMUNICATIONS AUTHENTICITY == === SECURITY REQUIREMENT === Protect the authenticity of communications sessions. === ASSESSMENT OBJECTIVES ===..." current
- 03:0503:05, 25 February 2022 diff hist +3,913 N Practice SC.L2-3.13.14 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.14 – VOICE OVER INTERNET PROTOCOL == === SECURITY REQUIREMENT === Control and monitor the use of Voice over Internet Protocol (VoIP) technologies. =..." current
- 03:0503:05, 25 February 2022 diff hist +4,788 N Practice SC.L2-3.13.13 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.13 – MOBILE CODE == === SECURITY REQUIREMENT === Control and monitor the use of mobile code. === ASSESSMENT OBJECTIVES === Determine if: : [a] use o..." current
- 03:0503:05, 25 February 2022 diff hist +3,515 N Practice SC.L2-3.13.12 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.12 – COLLABORATIVE DEVICE CONTROL == === SECURITY REQUIREMENT === Prohibit remote activation of collaborative computing devices and provide indicati..." current
- 03:0403:04, 25 February 2022 diff hist +3,719 N Practice SC.L2-3.13.11 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.11 – CUI ENCRYPTION == === SECURITY REQUIREMENT === Employ FIPS-validated cryptography when used to protect the confidentiality of CUI. === ASSESSME..." current
- 03:0403:04, 25 February 2022 diff hist +4,952 N Practice SC.L2-3.13.10 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.10 – KEY MANAGEMENT == === SECURITY REQUIREMENT === Establish and manage cryptographic keys for cryptography employed in organizational systems. ===..." current
- 03:0403:04, 25 February 2022 diff hist +3,212 N Practice SC.L2-3.13.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.9 – CONNECTIONS TERMINATION == === SECURITY REQUIREMENT === Terminate network connections associated with communications sessions at the end of the..." current
- 03:0403:04, 25 February 2022 diff hist +5,548 N Practice SC.L2-3.13.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.8 – DATA IN TRANSIT == === SECURITY REQUIREMENT === Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission..." current
- 03:0303:03, 25 February 2022 diff hist +3,943 N Practice SC.L2-3.13.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.7 – SPLIT TUNNELING == === SECURITY REQUIREMENT === Prevent remote devices from simultaneously establishing non-remote connections with organization..." current
- 03:0303:03, 25 February 2022 diff hist +3,462 N Practice SC.L2-3.13.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.6 – NETWORK COMMUNICATION BY EXCEPTION == === SECURITY REQUIREMENT === Deny network communications traffic by default and allow network communicatio..." current
- 03:0303:03, 25 February 2022 diff hist +3,233 N Practice SC.L2-3.13.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.4 – SHARED RESOURCE CONTROL == === SECURITY REQUIREMENT === Prevent unauthorized and unintended information transfer via shared system resources.===..." current
- 03:0203:02, 25 February 2022 diff hist +3,716 N Practice SC.L2-3.13.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.3 – ROLE SEPARATION == === SECURITY REQUIREMENT === Separate user functionality from system management functionality. === ASSESSMENT OBJECTIVES ===..." current
- 03:0203:02, 25 February 2022 diff hist +2 Practice SC.L2-3.13.2 Details →FURTHER DISCUSSION current
- 03:0203:02, 25 February 2022 diff hist +6,679 N Practice SC.L2-3.13.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.2 – SECURITY ENGINEERING == === SECURITY REQUIREMENT === Employ architectural designs, software development techniques, and systems engineering prin..."
24 February 2022
- 20:0120:01, 24 February 2022 diff hist +2 Practice AT.L2-3.2.3 Details →POTENTIAL ASSESSMENT METHODS AND OBJECTS current
- 20:0120:01, 24 February 2022 diff hist +4,637 N Practice AT.L2-3.2.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AT.L2-3.2.3 – INSIDER THREAT AWARENESS == === SECURITY REQUIREMENT === Provide security awareness training on recognizing and reporting potential indicators of..."
- 20:0120:01, 24 February 2022 diff hist +4,925 N Practice AT.L2-3.2.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AT.L2-3.2.2 – ROLE-BASED TRAINING == === SECURITY REQUIREMENT === Ensure that personnel are trained to carry out their assigned information security-related du..." current
- 20:0020:00, 24 February 2022 diff hist +4,732 N Practice AT.L2-3.2.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AT.L2-3.2.1 – ROLE-BASED RISK AWARENESS == === SECURITY REQUIREMENT === Ensure that managers, systems administrators, and users of organizational systems are m..." current
- 19:2619:26, 24 February 2022 diff hist −18 Level 2 Assessment Guide No edit summary
- 19:1019:10, 24 February 2022 diff hist +3,469 N Practice IR.L2-3.6.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IR.L2-3.6.3 – INCIDENT RESPONSE TESTING == === SECURITY REQUIREMENT === Test the organizational incident response capability. === ASSESSMENT OBJECTIVES === Det..." current
- 19:1019:10, 24 February 2022 diff hist +5,169 N Practice IR.L2-3.6.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IR.L2-3.6.2 – INCIDENT REPORTING == === SECURITY REQUIREMENT === Track, document, and report incidents to designated officials and/or authorities both internal..." current
- 19:1019:10, 24 February 2022 diff hist +6,524 N Practice IR.L2-3.6.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IR.L2-3.6.1 – INCIDENT HANDLING == === SECURITY REQUIREMENT === Establish an operational incident-handling capability for organizational systems that includes..." current
- 19:0919:09, 24 February 2022 diff hist +6,441 N Practice PS.L2-3.9.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PS.L2-3.9.2 – PERSONNEL ACTIONS == === SECURITY REQUIREMENT === Ensure that organizational systems containing CUI are protected during and after personnel acti..." current
- 19:0919:09, 24 February 2022 diff hist +2,486 N Practice PS.L2-3.9.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PS.L2-3.9.1 – SCREEN INDIVIDUALS == === SECURITY REQUIREMENT === Screen individuals prior to authorizing access to organizational systems containing CUI. === A..." current
- 18:3418:34, 24 February 2022 diff hist +3,388 N Practice RA.L2-3.11.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L2-3.11.3 – VULNERABILITY REMEDIATION == === SECURITY REQUIREMENT === Remediate vulnerabilities in accordance with risk assessments. === ASSESSMENT OBJECTIV..." current
- 18:3318:33, 24 February 2022 diff hist +7,198 N Practice RA.L2-3.11.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L2-3.11.2 – VULNERABILITY SCAN == === SECURITY REQUIREMENT === Scan for vulnerabilities in organizational systems and applications periodically and when new..." current
- 18:3318:33, 24 February 2022 diff hist +3 Practice RA.L2-3.11.1 Details →POTENTIAL ASSESSMENT METHODS AND OBJECTS current
- 18:3218:32, 24 February 2022 diff hist +5,377 N Practice RA.L2-3.11.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L2-3.11.1 – RISK ASSESSMENTS == === SECURITY REQUIREMENT === Periodically assess the risk to organizational operations (including mission, functions, image,..."
- 18:3218:32, 24 February 2022 diff hist +3,381 N Practice PE.L2-3.10.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L2-3.10.6 – ALTERNATIVE WORK SITES == === SECURITY REQUIREMENT === Enforce safeguarding measures for CUI at alternate work sites. === ASSESSMENT OBJECTIVES..." current
- 18:3118:31, 24 February 2022 diff hist +2 Practice PE.L2-3.10.2 Details →FURTHER DISCUSSION current
- 18:3118:31, 24 February 2022 diff hist +3,148 N Practice PE.L2-3.10.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L2-3.10.2 – MONITOR FACILITY == === SECURITY REQUIREMENT === Protect and monitor the physical facility and support infrastructure for organizational systems..."
- 17:4217:42, 24 February 2022 diff hist −5 Practice CA.L2-3.12.4 Details No edit summary current
- 17:4217:42, 24 February 2022 diff hist −5 Practice CA.L2-3.12.3 Details No edit summary current
- 17:4217:42, 24 February 2022 diff hist −5 Practice CA.L2-3.12.2 Details No edit summary current
- 17:4117:41, 24 February 2022 diff hist −5 Practice CA.L2-3.12.1 Details No edit summary current
- 17:2917:29, 24 February 2022 diff hist +6,472 N Practice CA.L2-3.12.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.4 – SYSTEM SECURITY PLAN == === SECURITY REQUIREMENT === Develop, document, and periodically update system security plans that describe system..."
- 17:2917:29, 24 February 2022 diff hist +4,279 N Practice CA.L2-3.12.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.3 – SECURITY CONTROL MONITORING == === SECURITY REQUIREMENT === Monitor security controls on an ongoing basis to ensure the continued effective..."
- 17:2917:29, 24 February 2022 diff hist +4,079 N Practice CA.L2-3.12.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.2 – PLAN OF ACTION == === SECURITY REQUIREMENT === Develop and implement plans of action designed to correct deficiencies and reduce or elimina..."
- 17:2817:28, 24 February 2022 diff hist +4,801 N Practice CA.L2-3.12.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.1 – SECURITY CONTROL ASSESSMENT == === SECURITY REQUIREMENT === Periodically assess the security controls in organizational systems to determin..."
- 17:2717:27, 24 February 2022 diff hist −3 Level 2 Assessment Guide →RA.L2-3.11.1 – RISK ASSESSMENTS
- 17:2717:27, 24 February 2022 diff hist −5 Level 2 Assessment Guide →RA.L2-3.11.2 – VULNERABILITY SCAN
- 17:2617:26, 24 February 2022 diff hist −1 Level 2 Assessment Guide →CA.L2-3.12.1 – SECURITY CONTROL ASSESSMENT
- 17:2617:26, 24 February 2022 diff hist −1 Level 2 Assessment Guide →CA.L2-3.12.3 – SECURITY CONTROL MONITORING
- 17:2517:25, 24 February 2022 diff hist −2 Level 2 Assessment Guide →CA.L2-3.12.2 – PLAN OF ACTION
- 17:2517:25, 24 February 2022 diff hist −5 Level 2 Assessment Guide →SC.L2-3.13.2 – SECURITY ENGINEERING
- 17:2317:23, 24 February 2022 diff hist −4 Level 2 Assessment Guide →CA.L2-3.12.4 – SYSTEM SECURITY PLAN
- 02:4502:45, 24 February 2022 diff hist +5,044 N Practice SI.L2-3.14.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L2-3.14.7 – IDENTIFY UNAUTHORIZED USE == === SECURITY REQUIREMENT === Identify unauthorized use of organizational systems. === ASSESSMENT OBJECTIVES === Det..." current
- 02:4502:45, 24 February 2022 diff hist +6,630 N Practice SI.L2-3.14.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L2-3.14.6 – MONITOR COMMUNICATIONS FOR ATTACKS == === SECURITY REQUIREMENT === Monitor organizational systems, including inbound and outbound communications..." current
- 02:4502:45, 24 February 2022 diff hist +1 Practice SI.L2-3.14.3 Details No edit summary current
- 02:4402:44, 24 February 2022 diff hist +4,490 N Practice SI.L2-3.14.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L2-3.14.3 – SECURITY ALERTS & ADVISORIES == ===SECURITY REQUIREMENT === Monitor system security alerts and advisories and take action in response. === ASSES..."
- 01:5001:50, 24 February 2022 diff hist 0 Model Overview No edit summary
- 01:5001:50, 24 February 2022 diff hist +1 Model Overview No edit summary
- 01:4901:49, 24 February 2022 diff hist +3,114 Model Overview No edit summary
- 00:2900:29, 24 February 2022 diff hist +2 Model Overview No edit summary
- 00:2700:27, 24 February 2022 diff hist +571 Model Overview No edit summary
- 00:1100:11, 24 February 2022 diff hist +3,838 N Practice SI.L1-3.14.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.5 – SYSTEM & FILE SCANNING == === SECURITY REQUIREMENT === Perform periodic scans of the information system and real-time scans of files from e..." current
- 00:1100:11, 24 February 2022 diff hist +3,680 N Practice SI.L1-3.14.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.4 – UPDATE MALICIOUS CODE PROTECTION == === SECURITY REQUIREMENT === Update malicious code protection mechanisms when new releases are availabl..." current
- 00:1000:10, 24 February 2022 diff hist +1 Practice SI.L1-3.14.2 Details No edit summary current Tag: Visual edit: Switched
- 00:1000:10, 24 February 2022 diff hist +5,229 N Practice SI.L1-3.14.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.2 – MALICIOUS CODE PROTECTION == === SECURITY REQUIREMENT === Provide protection from malicious code at appropriate locations within organizati..."
- 00:0900:09, 24 February 2022 diff hist +5,574 N Practice SI.L1-3.14.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.1 – FLAW REMEDIATION == === SECURITY REQUIREMENT === Identify, report, and correct information and information system flaws in a timely manner...." current
23 February 2022
- 23:4923:49, 23 February 2022 diff hist +3,518 N Practice SC.L1-3.13.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L1-3.13.5 – PUBLIC-ACCESS SYSTEM SEPARATION == === SECURITY REQUIREMENT === Implement subnetworks for publicly accessible system components that are ph..." current
- 23:4923:49, 23 February 2022 diff hist +6,819 N Practice SC.L1-3.13.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L1-3.13.1 – BOUNDARY PROTECTION == === SECURITY REQUIREMENT === Monitor, control, and protect organizational communications (i.e., information transmit..." current
- 23:2823:28, 23 February 2022 diff hist +3,013 N Practice PE.L1-3.10.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.5 – MANAGE PHYSICAL ACCESS == === SECURITY REQUIREMENT === Control and manage physical access devices. === ASSESSMENT OBJECTIVES === Determine..." current
- 23:2323:23, 23 February 2022 diff hist +3,276 N Practice PE.L1-3.10.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.4 – PHYSICAL ACCESS LOGS == === SECURITY REQUIREMENT === Maintain audit logs of physical access. === ASSESSMENT OBJECTIVES === Determine if: [..." current
- 23:1123:11, 23 February 2022 diff hist +2,969 N Practice PE.L1-3.10.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.3 – ESCORT VISITORS == === SECURITY REQUIREMENT === Escort visitors and monitor visitor activity. === ASSESSMENT OBJECTIVES === Determine if:..." current
- 23:0523:05, 23 February 2022 diff hist +1 Practice PE.L1-3.10.1 Details No edit summary current
- 23:0523:05, 23 February 2022 diff hist +4,269 N Practice PE.L1-3.10.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.1 – LIMIT PHYSICAL ACCESS == === SECURITY REQUIREMENT === Limit physical access to organizational information systems, equipment, and the respe..."
- 22:1422:14, 23 February 2022 diff hist +1 Practice MP.L1-3.8.3 Details No edit summary current
- 22:0722:07, 23 February 2022 diff hist +4,089 N Practice MP.L1-3.8.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L1-3.8.3 – MEDIA DISPOSAL == === SECURITY REQUIREMENT === Sanitize or destroy information system media containing Federal Contract Information before d..."
- 18:5618:56, 23 February 2022 diff hist −4 Practice IA.L1-3.5.2 Details No edit summary current
- 18:5618:56, 23 February 2022 diff hist +5,198 N Practice IA.L1-3.5.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L1-3.5.2 – AUTHENTICATION == === SECURITY REQUIREMENT === Authenticate (or verify) the identities of those users, processes, or devices, as a prerequis..."
- 18:5618:56, 23 February 2022 diff hist +3,626 N Practice IA.L1-3.5.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L1-3.5.1 – IDENTIFICATION == === SECURITY REQUIREMENT === Identify information system users, processes acting on behalf of users, or devices. === ASSES..." current
- 18:5318:53, 23 February 2022 diff hist +14 Practice AC.L1-3.1.22 Details No edit summary current
- 18:5118:51, 23 February 2022 diff hist +4 Practice AC.L1-3.1.20 Details No edit summary current