User contributions for Wikiadmin
Jump to navigation
Jump to search
4 August 2022
- 21:2821:28, 4 August 2022 diff hist +42 CCA Blueprint →Task 1. Identify evidence verification/validation methods and objects for Practices based on the CMMC Level 2 Assessment Guide and CMMC Assessment Process (CAP) documentation.
- 21:2521:25, 4 August 2022 diff hist +17 CCA Blueprint →Task 1. Given a scenario, apply the appropriate phases and steps to plan, prepare, conduct, and report on a CMMC Level 2 Assessment.
- 21:2321:23, 4 August 2022 diff hist +21 CCA Blueprint →Task 3. Evaluate CMMC assessment scope considerations based on the CMMC Level 2 Assessment Scoping Guide.
- 21:2121:21, 4 August 2022 diff hist +35 CCA Blueprint →Task 2. Given a scenario, analyze the CMMC Assessment Scope based on the predetermined CUI categories within the CMMC Level 2 Assessment Scoping Guide.
- 21:2021:20, 4 August 2022 diff hist +19 CCA Blueprint →Task 1. Analyze the CMMC Assessment Scope of Controlled Unclassified Information (CUI) Assets as they pertain to a CMMC assessment using the five categories of CUI assets as defined in the CMMC Level 2 Assessment Scoping Guide.
- 21:1821:18, 4 August 2022 diff hist +39 CCA Blueprint No edit summary
- 21:1421:14, 4 August 2022 diff hist +10 MediaWiki:Sidebar No edit summary
- 21:0821:08, 4 August 2022 diff hist +109 MediaWiki:Sidebar No edit summary
- 21:0521:05, 4 August 2022 diff hist +8,338 CCA Blueprint No edit summary
- 21:0421:04, 4 August 2022 diff hist +1,386 N CCA Blueprint Created page with " '''Source of Reference: The [https://cyberab.org/Portals/0/cmmc-ab-cca-blueprint-04-05-22-Final%20v3%20%28Public%29_1.pdf CCA blueprint] from Cybersecurity Maturity Model Certification Accreditation Body, Inc.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == Domains == Upon successful completion of this exam, the candidate will be able to apply skills and knowledge to the below domains: {|class="wiki..."
- 20:5920:59, 4 August 2022 diff hist 0 Main Page →Certification Guides
- 18:4318:43, 4 August 2022 diff hist +31 MediaWiki:Sidebar No edit summary
- 18:3818:38, 4 August 2022 diff hist +29 CCP Blueprint →Task 1. Demonstrate understanding of Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) in non-federal unclassified networks.
- 18:3418:34, 4 August 2022 diff hist +24 CCP Blueprint →Task 2. Determine the appropriate roles/responsibilities/authority for Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).
- 18:3318:33, 4 August 2022 diff hist +23 CCP Blueprint →Task 3. Demonstrate understanding of the CMMC Source and Supplementary documents.
- 18:2518:25, 4 August 2022 diff hist +48 CCP Blueprint →Task 1. Given a scenario, apply the appropriate CMMC Source Documents as an aid to evaluate the implementation/review of CMMC practices.
- 18:2118:21, 4 August 2022 diff hist +2 CCP Blueprint →Task 2. Apply knowledge of the CMMC Assessment Criteria and Methodology to the appropriate CMMC practices.
- 18:2018:20, 4 August 2022 diff hist +11 CCP Blueprint →Task 2. Apply knowledge of the CMMC Assessment Criteria and Methodology to the appropriate CMMC practices.
- 18:1918:19, 4 August 2022 diff hist +9 CCP Blueprint →Task 3. Analyze the adequacy/sufficiency around the location/collection/quality/usage of Evidence.
- 18:1918:19, 4 August 2022 diff hist +15 CCP Blueprint →Task 1. Choose the appropriate roles of the CCP in the CMMC Assessment Process when developing the assessment plan (Phase 1– Plan and Prepare Assessment).
- 18:1918:19, 4 August 2022 diff hist +11 CCP Blueprint →Task 2. Apply CMMC Assessment Process requirements pertaining to the role of the CCP as an assessment team member while conducting a CMMC assessment (Phase 2 – Conduct Assessment).
- 18:1818:18, 4 August 2022 diff hist +1 CCP Blueprint →Task 3. Demonstrate comprehension of the CCP role in the preparation of assessment report (Phase 3 – Report Assessment Results).
- 18:1818:18, 4 August 2022 diff hist +6 CCP Blueprint →Task 3. Demonstrate comprehension of the CCP role in the preparation of assessment report (Phase 3 – Report Assessment Results).
- 18:1618:16, 4 August 2022 diff hist +19 CCP Blueprint →Task 4. Demonstrate comprehension of the CCP role in the process of evaluating outstanding assessment issues on Plan of Action and Milestones (POA&M) (Phase 4 – Evaluation of Outstanding Assessment POA&M Items).
- 18:1618:16, 4 August 2022 diff hist +8 CCP Blueprint →Task 5. Given a scenario, determine the appropriate phases/steps to assist in the preparation/conducting/ reporting on a CMMC Level 2 Assessment.
- 18:1518:15, 4 August 2022 diff hist +12 CCP Blueprint →Task 2. Given a Scenario, analyze the organization environment to generate an appropriate scope for FCI Assets.
- 18:1418:14, 4 August 2022 diff hist +12 CCP Blueprint →Task 5. Given a scenario, determine the appropriate phases/steps to assist in the preparation/conducting/ reporting on a CMMC Level 2 Assessment.
- 18:1118:11, 4 August 2022 diff hist +45 CCP Blueprint No edit summary
- 18:0718:07, 4 August 2022 diff hist −230 CCP Blueprint No edit summary
- 18:0318:03, 4 August 2022 diff hist +2 CCP Blueprint No edit summary
- 18:0118:01, 4 August 2022 diff hist +66 CCP Blueprint No edit summary
- 17:4717:47, 4 August 2022 diff hist +24 CCP Blueprint No edit summary
- 17:4217:42, 4 August 2022 diff hist −321 CCP Blueprint No edit summary
- 17:4117:41, 4 August 2022 diff hist +176 Main Page No edit summary
- 17:3817:38, 4 August 2022 diff hist −56 CCP Blueprint No edit summary
- 17:3717:37, 4 August 2022 diff hist +61 CCP Blueprint No edit summary
- 17:3017:30, 4 August 2022 diff hist −14 CCP Blueprint No edit summary
- 17:2917:29, 4 August 2022 diff hist +8 CCP Blueprint No edit summary
- 17:2817:28, 4 August 2022 diff hist +2 CCP Blueprint No edit summary
- 17:2317:23, 4 August 2022 diff hist +35 CCP Blueprint No edit summary
- 17:1517:15, 4 August 2022 diff hist +2 CCP Blueprint No edit summary
- 17:1417:14, 4 August 2022 diff hist +14,415 N CCP Blueprint Created page with "= Certified CMMC Professional (CCP) Test Blueprint = '''Source of Reference: The [https://cyberab.org/Portals/0/cmmc-ab-ccp-blueprint-03-14-22-final-v7_2%20FINAL%20%28Public%29_1.pdf CCP blueprint] from Cybersecurity Maturity Model Certification Accreditation Body, Inc.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == DOMAINS == Opon successful completion of this exam, the candidate will be able to a..."
- 17:1417:14, 4 August 2022 diff hist −1 Main Page →Certification Guides
- 17:1317:13, 4 August 2022 diff hist 0 Main Page →External References
- 17:1317:13, 4 August 2022 diff hist +4 Main Page →Certification Guides
- 17:1317:13, 4 August 2022 diff hist +131 Main Page →Certification Guides
- 17:1117:11, 4 August 2022 diff hist −14,338 Main Page →Certified CMMC Professional (CCP) Test Blueprint Tag: Replaced
- 17:0717:07, 4 August 2022 diff hist +14,028 Main Page →Certified CMMC Professional (CCP) Exam Objectives [Under Development]
17 March 2022
- 17:2517:25, 17 March 2022 diff hist −1 Main Page No edit summary
- 17:2417:24, 17 March 2022 diff hist −2 Main Page No edit summary
- 17:1417:14, 17 March 2022 diff hist +18 Main Page →CCA Practice Quiz hosted by FlexiQuiz (Under Development)
- 17:1417:14, 17 March 2022 diff hist +3 Main Page →CCA Practice Quiz (Hosted by FlexiQuiz) [Under Development]
- 17:1317:13, 17 March 2022 diff hist −40 Main Page →CCP Practice Quiz (Hosted by FlexiQuiz) [Undergoing Testing]
- 01:3801:38, 17 March 2022 diff hist −9 Main Page No edit summary
- 01:3101:31, 17 March 2022 diff hist +207 Main Page No edit summary
16 March 2022
- 19:5719:57, 16 March 2022 diff hist −138 MediaWiki:Sidebar No edit summary
3 March 2022
- 19:4219:42, 3 March 2022 diff hist −8 MediaWiki:Sidebar No edit summary
- 01:4701:47, 3 March 2022 diff hist 0 External References No edit summary
- 01:4601:46, 3 March 2022 diff hist +2,624 N External References Created page with "Additional References: The [https://www.acq.osd.mil/cmmc/resources.html CMMC Helpful Links] page contains a variety of external links to CMMC resources throughout the DoD. For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == C == {|class="wikitable" style="width: 80%;" ! style="width: 70%"| Standards and Organizations ! style="width: 30%"| Links |- |'''CMMC Accreditation Body Website''' | * [https://cmmcab.o..."
- 00:1100:11, 3 March 2022 diff hist +51 MediaWiki:Sidebar No edit summary
- 00:0800:08, 3 March 2022 diff hist +4 Main Page No edit summary
- 00:0800:08, 3 March 2022 diff hist +55 Main Page No edit summary
28 February 2022
- 02:1802:18, 28 February 2022 diff hist 0 N File:ArtifactHashingToolFigure2.png No edit summary current
- 02:1702:17, 28 February 2022 diff hist 0 N File:ArtifactHashingToolFigure1.png No edit summary current
- 01:5701:57, 28 February 2022 diff hist −2 Artifact Hashing Tool →Process Overview
- 00:3400:34, 28 February 2022 diff hist +81 Artifact Hashing Tool →Process Overview
- 00:3000:30, 28 February 2022 diff hist +76 Artifact Hashing Tool →Process Overview
- 00:0400:04, 28 February 2022 diff hist −7 Artifact Hashing Tool →Supplemental Information
- 00:0000:00, 28 February 2022 diff hist −5 Artifact Hashing Tool →Execution of Tool
27 February 2022
- 23:5823:58, 27 February 2022 diff hist −4 Artifact Hashing Tool →Execution of Tool
- 23:5723:57, 27 February 2022 diff hist +4 Artifact Hashing Tool →Execution of Tool
- 23:5623:56, 27 February 2022 diff hist +4 Artifact Hashing Tool →Execution of Tool
- 23:5623:56, 27 February 2022 diff hist +4 Artifact Hashing Tool →Preparation
- 23:5623:56, 27 February 2022 diff hist +295 Artifact Hashing Tool →Execution of Tool
- 23:5523:55, 27 February 2022 diff hist +162 Artifact Hashing Tool →Preparation
- 23:4223:42, 27 February 2022 diff hist +384 Artifact Hashing Tool →Supplemental Information
- 05:2405:24, 27 February 2022 diff hist +193 Main Page No edit summary
- 04:5904:59, 27 February 2022 diff hist +4 Level 2 Assessment Guide No edit summary
- 04:5904:59, 27 February 2022 diff hist +4 Level 1 Assessment Guide No edit summary
- 04:5904:59, 27 February 2022 diff hist +4 Level 2 Scoping Guidance No edit summary
- 04:5904:59, 27 February 2022 diff hist +4 Level 1 Scoping Guidance No edit summary
- 04:5804:58, 27 February 2022 diff hist +4 Acronyms and Abbreviations No edit summary
- 04:5804:58, 27 February 2022 diff hist +4 Model Glossary No edit summary
- 04:5804:58, 27 February 2022 diff hist +4 Model Overview No edit summary
- 04:5804:58, 27 February 2022 diff hist +4 Main Page No edit summary
- 04:4904:49, 27 February 2022 diff hist +5 Artifact Hashing Tool →Execution of Tool
- 04:4304:43, 27 February 2022 diff hist +3,171 Artifact Hashing Tool No edit summary
- 04:2604:26, 27 February 2022 diff hist +971 Artifact Hashing Tool →Supplemental Information
- 04:2204:22, 27 February 2022 diff hist +3,871 Artifact Hashing Tool No edit summary
- 03:3203:32, 27 February 2022 diff hist −62 Artifact Hashing Tool →Appendix A: ArtifactHash.txt File Content
- 03:3103:31, 27 February 2022 diff hist +91 Artifact Hashing Tool No edit summary
- 03:2903:29, 27 February 2022 diff hist +4,392 N Artifact Hashing Tool Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html Artifact Hashing Tool User Guide] from the Office of the Under Secretary of Defense for Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == Scope and Purpose == == System Requirements == == Process Overview == == Tool Usage Process == === Preparation === === Execution of Tool === == Supp..."
- 03:0103:01, 27 February 2022 diff hist +47 MediaWiki:Sidebar No edit summary
- 03:0003:00, 27 February 2022 diff hist +2 Main Page No edit summary
- 03:0003:00, 27 February 2022 diff hist +24 Main Page No edit summary
- 00:4500:45, 27 February 2022 diff hist +3,386 Acronyms and Abbreviations No edit summary
- 00:2200:22, 27 February 2022 diff hist 0 Model Glossary →R
- 00:2100:21, 27 February 2022 diff hist +2 Model Glossary →M
26 February 2022
- 23:3923:39, 26 February 2022 diff hist +2,281 Acronyms and Abbreviations No edit summary
- 21:3021:30, 26 February 2022 diff hist +634 Acronyms and Abbreviations No edit summary
- 19:0719:07, 26 February 2022 diff hist +1,307 Acronyms and Abbreviations →C
- 18:5318:53, 26 February 2022 diff hist +52 Model Glossary No edit summary
- 18:4318:43, 26 February 2022 diff hist +54 Acronyms and Abbreviations →B
- 18:4218:42, 26 February 2022 diff hist +490 Acronyms and Abbreviations →A
- 18:1118:11, 26 February 2022 diff hist +2,519 Level 2 Scoping Guidance No edit summary
- 17:4417:44, 26 February 2022 diff hist +13,556 N Level 2 Scoping Guidance Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Scoping Guidance] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CMMC Asset Categories == The CMMC Assessment Guide – Level 2 maps contractor assets into one of five categories. Table 1 describes each asset category, contrac..."
- 17:2017:20, 26 February 2022 diff hist +18 Level 1 Scoping Guidance No edit summary
- 17:1917:19, 26 February 2022 diff hist +5,543 N Level 1 Scoping Guidance Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Scoping Guidance] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == FCI Assets == Federal Contract Information (FCI) Assets process, store, or transmit FCI as follows: * Process – FCI can be used by an asset (e.g., accessed, en..."
- 17:1117:11, 26 February 2022 diff hist +58 Main Page No edit summary
- 16:5416:54, 26 February 2022 diff hist +106 MediaWiki:Sidebar No edit summary
- 05:3105:31, 26 February 2022 diff hist +4,137 N Practice AC.L2-3.1.21 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.21 – PORTABLE STORAGE USE == === SECURITY REQUIREMENT === Limit use of portable storage devices on external systems. === ASSESSMENT OBJECTIVES === De..." current
- 05:3005:30, 26 February 2022 diff hist +4,131 N Practice AC.L2-3.1.19 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.19 – ENCRYPT CUI ON MOBILE == === SECURITY REQUIREMENT === Encrypt CUI on mobile devices and mobile computing platforms. === ASSESSMENT OBJECTIVES ==..." current
- 05:3005:30, 26 February 2022 diff hist +4,509 N Practice AC.L2-3.1.18 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.18 – MOBILE DEVICE CONNECTION == === SECURITY REQUIREMENT === Control connection of mobile devices. === ASSESSMENT OBJECTIVES === Determine if: : [a]..." current
- 05:3005:30, 26 February 2022 diff hist +5,333 N Practice AC.L2-3.1.17 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.17 – WIRELESS ACCESS PROTECTION == === SECURITY REQUIREMENT === Protect wireless access using authentication and encryption. === ASSESSMENT OBJECTIVE..." current
- 05:3005:30, 26 February 2022 diff hist +3,294 N Practice AC.L2-3.1.16 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.16 – WIRELESS ACCESS AUTHORIZATION == === SECURITY REQUIREMENT === Authorize wireless access prior to allowing such connections. === ASSESSMENT OBJEC..." current
- 05:2905:29, 26 February 2022 diff hist +4,799 N Practice AC.L2-3.1.15 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.15 – PRIVILEGED REMOTE ACCESS == === SECURITY REQUIREMENT === Authorize remote execution of privileged commands and remote access to security-relevan..." current
- 05:2905:29, 26 February 2022 diff hist +3,126 N Practice AC.L2-3.1.14 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.14 – REMOTE ACCESS ROUTING == === SECURITY REQUIREMENT === Route remote access via managed access control points. === ASSESSMENT OBJECTIVES === Deter..." current
- 05:2905:29, 26 February 2022 diff hist +4,146 N Practice AC.L2-3.1.13 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.13 – REMOTE ACCESS CONFIDENTIALITY == === SECURITY REQUIREMENT === Employ cryptographic mechanisms to protect the confidentiality of remote access se..." current
- 05:2905:29, 26 February 2022 diff hist +5,493 N Practice AC.L2-3.1.12 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.12 – CONTROL REMOTE ACCESS == === SECURITY REQUIREMENT === Monitor and control remote access sessions. === ASSESSMENT OBJECTIVES === Determine if: :..." current
- 05:2805:28, 26 February 2022 diff hist +4,188 N Practice AC.L2-3.1.11 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.11 – SESSION TERMINATION == === SECURITY REQUIREMENT === Terminate (automatically) a user session after a defined condition. === ASSESSMENT OBJECTIVE..." current
- 05:2805:28, 26 February 2022 diff hist +3,502 N Practice AC.L2-3.1.10 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.10 – SESSION LOCK == === SECURITY REQUIREMENT === Use session lock with pattern-hiding displays to prevent access and viewing of data after a period..." current
- 05:2705:27, 26 February 2022 diff hist +4,343 N Practice AC.L2-3.1.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.9 – PRIVACY & SECURITY NOTICES == === SECURITY REQUIREMENT === Provide privacy and security notices consistent with applicable CUI rules. === ASSESSM..." current
- 05:2705:27, 26 February 2022 diff hist +3,427 N Practice AC.L2-3.1.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.8 – UNSUCCESSFUL LOGON ATTEMPTS == === SECURITY REQUIREMENT === Limit unsuccessful logon attempts. === ASSESSMENT OBJECTIVES === Determine if: : [a]..." current
- 05:2705:27, 26 February 2022 diff hist +4,953 N Practice AC.L2-3.1.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.7 – PRIVILEGED FUNCTIONS == === SECURITY REQUIREMENT === Prevent non-privileged users from executing privileged functions and capture the execution o..." current
- 05:2705:27, 26 February 2022 diff hist +3,101 N Practice AC.L2-3.1.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.6 – NON-PRIVILEGED ACCOUNT USE == === SECURITY REQUIREMENT === Use non-privileged accounts or roles when accessing nonsecurity functions. === ASSESSM..." current
- 05:2605:26, 26 February 2022 diff hist +5,060 N Practice AC.L2-3.1.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.5 – LEAST PRIVILEGE == === SECURITY REQUIREMENT === Employ the principle of least privilege, including for specific security functions and privileged..." current
- 05:2605:26, 26 February 2022 diff hist +3,716 N Practice AC.L2-3.1.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.4 – SEPARATION OF DUTIES == === SECURITY REQUIREMENT === Separate the duties of individuals to reduce the risk of malevolent activity without collusi..." current
- 05:2605:26, 26 February 2022 diff hist +7,260 N Practice AC.L2-3.1.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.3 – CONTROL CUI FLOW == === SECURITY REQUIREMENT === Control the flow of CUI in accordance with approved authorizations. === ASSESSMENT OBJECTIVES ==..." current
- 03:4103:41, 26 February 2022 diff hist +3,396 N Practice AU.L2-3.3.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.9 – AUDIT MANAGEMENT == ===SECURITY REQUIREMENT === Limit management of audit logging functionality to a subset of privileged users. === ASSESSMENT O..." current
- 03:4103:41, 26 February 2022 diff hist +3,443 N Practice AU.L2-3.3.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.8 – AUDIT PROTECTION == ===SECURITY REQUIREMENT === Protect audit information and audit logging tools from unauthorized access, modification, and del..." current
- 03:4103:41, 26 February 2022 diff hist +3,538 N Practice AU.L2-3.3.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.7 – AUTHORITATIVE TIME SOURCE == ===SECURITY REQUIREMENT === Provide a system capability that compares and synchronizes internal system clocks with a..." current
- 03:4003:40, 26 February 2022 diff hist +3,845 N Practice AU.L2-3.3.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.6 – REDUCTION & REPORTING == ===SECURITY REQUIREMENT === Provide audit record reduction and report generation to support on-demand analysis and repor..." current
- 03:4003:40, 26 February 2022 diff hist +3,596 N Practice AU.L2-3.3.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.5 – AUDIT CORRELATION == ===SECURITY REQUIREMENT === Correlate audit record review, analysis, and reporting processes for investigation and response..." current
- 03:3903:39, 26 February 2022 diff hist +2 Practice AU.L2-3.3.4 Details →FURTHER DISCUSSION current
- 03:3903:39, 26 February 2022 diff hist +3,626 N Practice AU.L2-3.3.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.4 – AUDIT FAILURE ALERTING == ===SECURITY REQUIREMENT === Alert in the event of an audit logging process failure. === ASSESSMENT OBJECTIVES === Deter..."
- 03:3803:38, 26 February 2022 diff hist +3,272 N Practice AU.L2-3.3.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.3 – EVENT REVIEW == ===SECURITY REQUIREMENT === Review and update logged events. === ASSESSMENT OBJECTIVES === Determine if: : [a] a process for dete..." current
- 03:3803:38, 26 February 2022 diff hist +3,348 N Practice AU.L2-3.3.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.2 – USER ACCOUNTABILITY == ===SECURITY REQUIREMENT === Ensure that the actions of individual system users can be uniquely traced to those users so th..." current
- 03:3803:38, 26 February 2022 diff hist +6,122 N Practice AU.L2-3.3.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.1 – SYSTEM AUDITING == ===SECURITY REQUIREMENT === Create and retain system audit logs and records to the extent needed to enable the monitoring, ana..." current
- 03:3703:37, 26 February 2022 diff hist +3,849 N Practice CM.L2-3.4.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.9 – USER-INSTALLED SOFTWARE == ===SECURITY REQUIREMENT === Control and monitor user-installed software. === ASSESSMENT OBJECTIVES === Determine if: :..." current
- 03:3603:36, 26 February 2022 diff hist +4,818 N Practice CM.L2-3.4.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.8 – APPLICATION EXECUTION POLICY == ===SECURITY REQUIREMENT === Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized soft..." current
- 03:3603:36, 26 February 2022 diff hist +6,159 N Practice CM.L2-3.4.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.7 – NONESSENTIAL FUNCTIONALITY == ===SECURITY REQUIREMENT === Restrict, disable, or prevent the use of nonessential programs, functions, ports, proto..." current
- 03:3603:36, 26 February 2022 diff hist +3,900 N Practice CM.L2-3.4.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.6 – LEAST FUNCTIONALITY == ===SECURITY REQUIREMENT === Employ the principle of least functionality by configuring organizational systems to provide o..." current
- 03:3503:35, 26 February 2022 diff hist +5,729 N Practice CM.L2-3.4.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.5 – ACCESS RESTRICTIONS FOR CHANGE == ===SECURITY REQUIREMENT === Define, document, approve, and enforce physical and logical access restrictions ass..." current
- 03:3503:35, 26 February 2022 diff hist +3,256 N Practice CM.L2-3.4.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.4 – SECURITY IMPACT ANALYSIS == ===SECURITY REQUIREMENT === Analyze the security impact of changes prior to implementation. === ASSESSMENT OBJECTIVES..." current
- 03:3503:35, 26 February 2022 diff hist +4,060 N Practice CM.L2-3.4.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.3 – SYSTEM CHANGE MANAGEMENT == ===SECURITY REQUIREMENT === Track, review, approve or disapprove, and log changes to organizational systems. === ASSE..." current
- 03:3503:35, 26 February 2022 diff hist +5,186 N Practice CM.L2-3.4.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.2 – SECURITY CONFIGURATION ENFORCEMENT == ===SECURITY REQUIREMENT === Establish and enforce security configuration settings for information technolog..." current
- 03:3403:34, 26 February 2022 diff hist +6,004 N Practice CM.L2-3.4.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.1 – SYSTEM BASELINING == ===SECURITY REQUIREMENT === Establish and maintain baseline configurations and inventories of organizational systems (includ..." current
25 February 2022
- 23:2523:25, 25 February 2022 diff hist +2,738 N Practice MP.L2-3.8.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.9 – PROTECT BACKUPS == === SECURITY REQUIREMENT === Protect the confidentiality of backup CUI at storage locations. === ASSESSMENT OBJECTIVES === Det..." current
- 23:2523:25, 25 February 2022 diff hist +2,890 N Practice MP.L2-3.8.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.8 – SHARED MEDIA == === SECURITY REQUIREMENT === Prohibit the use of portable storage devices when such devices have no identifiable owner. === ASSES..." current
- 23:2523:25, 25 February 2022 diff hist +4,578 N Practice MP.L2-3.8.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.7 – REMOVEABLE MEDIA == === SECURITY REQUIREMENT === Control the use of removable media on system components. === ASSESSMENT OBJECTIVES === Determine..." current
- 23:2423:24, 25 February 2022 diff hist +3,360 N Practice MP.L2-3.8.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.6 – PORTABLE STORAGE ENCRYPTION == === SECURITY REQUIREMENT === Implement cryptographic mechanisms to protect the confidentiality of CUI stored on di..." current
- 23:2423:24, 25 February 2022 diff hist +3,915 N Practice MP.L2-3.8.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.5 – MEDIA ACCOUNTABILITY == === SECURITY REQUIREMENT === Control access to media containing CUI and maintain accountability for media during transpor..." current
- 23:2423:24, 25 February 2022 diff hist +126 Practice MP.L2-3.8.4 Details No edit summary current
- 23:2423:24, 25 February 2022 diff hist +2,738 N Practice MP.L2-3.8.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.9 – PROTECT BACKUPS == === SECURITY REQUIREMENT === Protect the confidentiality of backup CUI at storage locations. === ASSESSMENT OBJECTIVES === Det..."
- 23:2323:23, 25 February 2022 diff hist +2,727 N Practice MP.L2-3.8.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.2 – MEDIA ACCESS == === SECURITY REQUIREMENT === Limit access to CUI on system media to authorized users. === ASSESSMENT OBJECTIVES === Determine if:..." current
- 23:2323:23, 25 February 2022 diff hist +3,955 N Practice MP.L2-3.8.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.1 – MEDIA PROTECTION == === SECURITY REQUIREMENT === Protect (i.e., physically control and securely store) system media containing CUI, both paper an..." current
- 23:2323:23, 25 February 2022 diff hist +3,324 N Practice MA.L2-3.7.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.6 – MAINTENANCE PERSONNEL == === SECURITY REQUIREMENT === Supervise the maintenance activities of maintenance personnel without required access autho..." current
- 23:2223:22, 25 February 2022 diff hist +4,487 N Practice MA.L2-3.7.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.5 – NONLOCAL MAINTENANCE == === SECURITY REQUIREMENT === Require multifactor authentication to establish nonlocal maintenance sessions via external n..." current
- 23:2223:22, 25 February 2022 diff hist +3,292 N Practice MA.L2-3.7.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.4 – MEDIA INSPECTION == === SECURITY REQUIREMENT === Check media containing diagnostic and test programs for malicious code before the media are used..." current
- 23:2123:21, 25 February 2022 diff hist +3,586 N Practice MA.L2-3.7.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.3 – EQUIPMENT SANITIZATION == === SECURITY REQUIREMENT === Ensure equipment removed for off-site maintenance is sanitized of any CUI. === ASSESSMENT..." current
- 23:2123:21, 25 February 2022 diff hist +1 Practice MA.L2-3.7.1 Details No edit summary current
- 23:2023:20, 25 February 2022 diff hist +4,156 N Practice MA.L2-3.7.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.2 – SYSTEM MAINTENANCE CONTROL == === SECURITY REQUIREMENT === Provide controls on the tools, techniques, mechanisms, and personnel used to conduct s..." current
- 23:1923:19, 25 February 2022 diff hist +3,055 N Practice MA.L2-3.7.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.1 – PERFORM MAINTENANCE == === SECURITY REQUIREMENT === Perform maintenance on organizational systems.=== ASSESSMENT OBJECTIVES === Determine if: : [..."
- 20:5820:58, 25 February 2022 diff hist +2,988 N Practice IA.L2-3.5.11 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.11 – OBSCURE FEEDBACK == === SECURITY REQUIREMENT === Obscure feedback of authentication information. === ASSESSMENT OBJECTIVES === Determine if: : [..." current
- 20:5820:58, 25 February 2022 diff hist +2,524 N Practice IA.L2-3.5.10 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.10 – CRYPTOGRAPHICALLY-PROTECTED PASSWORDS == === SECURITY REQUIREMENT === Store and transmit only cryptographically-protected passwords. === ASSESSM..." current
- 20:5820:58, 25 February 2022 diff hist +2,578 N Practice IA.L2-3.5.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.9 – TEMPORARY PASSWORDS == === SECURITY REQUIREMENT === Allow temporary password use for system logons with an immediate change to a permanent passwo..." current
- 20:5720:57, 25 February 2022 diff hist +2,313 N Practice IA.L2-3.5.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.8 – PASSWORD REUSE == === SECURITY REQUIREMENT === Prohibit password reuse for a specified number of generations. === ASSESSMENT OBJECTIVES === Deter..." current
- 20:5720:57, 25 February 2022 diff hist +3,608 N Practice IA.L2-3.5.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.7 – PASSWORD COMPLEXITY == === SECURITY REQUIREMENT === Enforce a minimum password complexity and change of characters when new passwords are created..." current
- 20:5620:56, 25 February 2022 diff hist +2,863 N Practice IA.L2-3.5.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.6 – IDENTIFIER HANDLING == === SECURITY REQUIREMENT === Disable identifiers after a defined period of inactivity. === ASSESSMENT OBJECTIVES === Deter..." current
- 20:5620:56, 25 February 2022 diff hist +3,057 N Practice IA.L2-3.5.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.5 – IDENTIFIER REUSE == === SECURITY REQUIREMENT === Prevent reuse of identifiers for a defined period. === ASSESSMENT OBJECTIVES === Determine if: :..." current
- 20:5620:56, 25 February 2022 diff hist +2,760 N Practice IA.L2-3.5.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.4 – REPLAY-RESISTANT AUTHENTICATION == === SECURITY REQUIREMENT === Employ replay-resistant authentication mechanisms for network access to privilege..." current
- 20:5520:55, 25 February 2022 diff hist −3 Practice IA.L2-3.5.3 Details No edit summary current
- 20:5520:55, 25 February 2022 diff hist +5,462 N Practice IA.L2-3.5.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.3 – MULTIFACTOR AUTHENTICATION == === SECURITY REQUIREMENT === Use multifactor authentication for local and network access to privileged accounts and..."
- 20:1420:14, 25 February 2022 diff hist −43 MediaWiki:Sidebar No edit summary
- 20:1320:13, 25 February 2022 diff hist −4 Main Page No edit summary
- 03:0503:05, 25 February 2022 diff hist +4,313 N Practice SC.L2-3.13.16 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.16 – DATA AT REST == === SECURITY REQUIREMENT === Protect the confidentiality of CUI at rest. === ASSESSMENT OBJECTIVES === Determine if: : [a] the..." current
- 03:0503:05, 25 February 2022 diff hist +3,205 N Practice SC.L2-3.13.15 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.15 – COMMUNICATIONS AUTHENTICITY == === SECURITY REQUIREMENT === Protect the authenticity of communications sessions. === ASSESSMENT OBJECTIVES ===..." current
- 03:0503:05, 25 February 2022 diff hist +3,913 N Practice SC.L2-3.13.14 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.14 – VOICE OVER INTERNET PROTOCOL == === SECURITY REQUIREMENT === Control and monitor the use of Voice over Internet Protocol (VoIP) technologies. =..." current
- 03:0503:05, 25 February 2022 diff hist +4,788 N Practice SC.L2-3.13.13 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.13 – MOBILE CODE == === SECURITY REQUIREMENT === Control and monitor the use of mobile code. === ASSESSMENT OBJECTIVES === Determine if: : [a] use o..." current
- 03:0503:05, 25 February 2022 diff hist +3,515 N Practice SC.L2-3.13.12 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.12 – COLLABORATIVE DEVICE CONTROL == === SECURITY REQUIREMENT === Prohibit remote activation of collaborative computing devices and provide indicati..." current
- 03:0403:04, 25 February 2022 diff hist +3,719 N Practice SC.L2-3.13.11 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.11 – CUI ENCRYPTION == === SECURITY REQUIREMENT === Employ FIPS-validated cryptography when used to protect the confidentiality of CUI. === ASSESSME..." current
- 03:0403:04, 25 February 2022 diff hist +4,952 N Practice SC.L2-3.13.10 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.10 – KEY MANAGEMENT == === SECURITY REQUIREMENT === Establish and manage cryptographic keys for cryptography employed in organizational systems. ===..." current
- 03:0403:04, 25 February 2022 diff hist +3,212 N Practice SC.L2-3.13.9 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.9 – CONNECTIONS TERMINATION == === SECURITY REQUIREMENT === Terminate network connections associated with communications sessions at the end of the..." current
- 03:0403:04, 25 February 2022 diff hist +5,548 N Practice SC.L2-3.13.8 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.8 – DATA IN TRANSIT == === SECURITY REQUIREMENT === Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission..." current
- 03:0303:03, 25 February 2022 diff hist +3,943 N Practice SC.L2-3.13.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.7 – SPLIT TUNNELING == === SECURITY REQUIREMENT === Prevent remote devices from simultaneously establishing non-remote connections with organization..." current
- 03:0303:03, 25 February 2022 diff hist +3,462 N Practice SC.L2-3.13.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.6 – NETWORK COMMUNICATION BY EXCEPTION == === SECURITY REQUIREMENT === Deny network communications traffic by default and allow network communicatio..." current
- 03:0303:03, 25 February 2022 diff hist +3,233 N Practice SC.L2-3.13.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.4 – SHARED RESOURCE CONTROL == === SECURITY REQUIREMENT === Prevent unauthorized and unintended information transfer via shared system resources.===..." current
- 03:0203:02, 25 February 2022 diff hist +3,716 N Practice SC.L2-3.13.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.3 – ROLE SEPARATION == === SECURITY REQUIREMENT === Separate user functionality from system management functionality. === ASSESSMENT OBJECTIVES ===..." current
- 03:0203:02, 25 February 2022 diff hist +2 Practice SC.L2-3.13.2 Details →FURTHER DISCUSSION current
- 03:0203:02, 25 February 2022 diff hist +6,679 N Practice SC.L2-3.13.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.2 – SECURITY ENGINEERING == === SECURITY REQUIREMENT === Employ architectural designs, software development techniques, and systems engineering prin..."
24 February 2022
- 20:0120:01, 24 February 2022 diff hist +2 Practice AT.L2-3.2.3 Details →POTENTIAL ASSESSMENT METHODS AND OBJECTS current
- 20:0120:01, 24 February 2022 diff hist +4,637 N Practice AT.L2-3.2.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AT.L2-3.2.3 – INSIDER THREAT AWARENESS == === SECURITY REQUIREMENT === Provide security awareness training on recognizing and reporting potential indicators of..."
- 20:0120:01, 24 February 2022 diff hist +4,925 N Practice AT.L2-3.2.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AT.L2-3.2.2 – ROLE-BASED TRAINING == === SECURITY REQUIREMENT === Ensure that personnel are trained to carry out their assigned information security-related du..." current
- 20:0020:00, 24 February 2022 diff hist +4,732 N Practice AT.L2-3.2.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AT.L2-3.2.1 – ROLE-BASED RISK AWARENESS == === SECURITY REQUIREMENT === Ensure that managers, systems administrators, and users of organizational systems are m..." current
- 19:2619:26, 24 February 2022 diff hist −18 Level 2 Assessment Guide No edit summary
- 19:1019:10, 24 February 2022 diff hist +3,469 N Practice IR.L2-3.6.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IR.L2-3.6.3 – INCIDENT RESPONSE TESTING == === SECURITY REQUIREMENT === Test the organizational incident response capability. === ASSESSMENT OBJECTIVES === Det..." current
- 19:1019:10, 24 February 2022 diff hist +5,169 N Practice IR.L2-3.6.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IR.L2-3.6.2 – INCIDENT REPORTING == === SECURITY REQUIREMENT === Track, document, and report incidents to designated officials and/or authorities both internal..." current
- 19:1019:10, 24 February 2022 diff hist +6,524 N Practice IR.L2-3.6.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IR.L2-3.6.1 – INCIDENT HANDLING == === SECURITY REQUIREMENT === Establish an operational incident-handling capability for organizational systems that includes..." current
- 19:0919:09, 24 February 2022 diff hist +6,441 N Practice PS.L2-3.9.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PS.L2-3.9.2 – PERSONNEL ACTIONS == === SECURITY REQUIREMENT === Ensure that organizational systems containing CUI are protected during and after personnel acti..." current
- 19:0919:09, 24 February 2022 diff hist +2,486 N Practice PS.L2-3.9.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PS.L2-3.9.1 – SCREEN INDIVIDUALS == === SECURITY REQUIREMENT === Screen individuals prior to authorizing access to organizational systems containing CUI. === A..." current
- 18:3418:34, 24 February 2022 diff hist +3,388 N Practice RA.L2-3.11.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L2-3.11.3 – VULNERABILITY REMEDIATION == === SECURITY REQUIREMENT === Remediate vulnerabilities in accordance with risk assessments. === ASSESSMENT OBJECTIV..." current
- 18:3318:33, 24 February 2022 diff hist +7,198 N Practice RA.L2-3.11.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L2-3.11.2 – VULNERABILITY SCAN == === SECURITY REQUIREMENT === Scan for vulnerabilities in organizational systems and applications periodically and when new..." current
- 18:3318:33, 24 February 2022 diff hist +3 Practice RA.L2-3.11.1 Details →POTENTIAL ASSESSMENT METHODS AND OBJECTS current
- 18:3218:32, 24 February 2022 diff hist +5,377 N Practice RA.L2-3.11.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L2-3.11.1 – RISK ASSESSMENTS == === SECURITY REQUIREMENT === Periodically assess the risk to organizational operations (including mission, functions, image,..."
- 18:3218:32, 24 February 2022 diff hist +3,381 N Practice PE.L2-3.10.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L2-3.10.6 – ALTERNATIVE WORK SITES == === SECURITY REQUIREMENT === Enforce safeguarding measures for CUI at alternate work sites. === ASSESSMENT OBJECTIVES..." current
- 18:3118:31, 24 February 2022 diff hist +2 Practice PE.L2-3.10.2 Details →FURTHER DISCUSSION current
- 18:3118:31, 24 February 2022 diff hist +3,148 N Practice PE.L2-3.10.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L2-3.10.2 – MONITOR FACILITY == === SECURITY REQUIREMENT === Protect and monitor the physical facility and support infrastructure for organizational systems..."
- 17:4217:42, 24 February 2022 diff hist −5 Practice CA.L2-3.12.4 Details No edit summary current
- 17:4217:42, 24 February 2022 diff hist −5 Practice CA.L2-3.12.3 Details No edit summary current
- 17:4217:42, 24 February 2022 diff hist −5 Practice CA.L2-3.12.2 Details No edit summary current
- 17:4117:41, 24 February 2022 diff hist −5 Practice CA.L2-3.12.1 Details No edit summary current
- 17:2917:29, 24 February 2022 diff hist +6,472 N Practice CA.L2-3.12.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.4 – SYSTEM SECURITY PLAN == === SECURITY REQUIREMENT === Develop, document, and periodically update system security plans that describe system..."
- 17:2917:29, 24 February 2022 diff hist +4,279 N Practice CA.L2-3.12.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.3 – SECURITY CONTROL MONITORING == === SECURITY REQUIREMENT === Monitor security controls on an ongoing basis to ensure the continued effective..."
- 17:2917:29, 24 February 2022 diff hist +4,079 N Practice CA.L2-3.12.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.2 – PLAN OF ACTION == === SECURITY REQUIREMENT === Develop and implement plans of action designed to correct deficiencies and reduce or elimina..."
- 17:2817:28, 24 February 2022 diff hist +4,801 N Practice CA.L2-3.12.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.1 – SECURITY CONTROL ASSESSMENT == === SECURITY REQUIREMENT === Periodically assess the security controls in organizational systems to determin..."
- 17:2717:27, 24 February 2022 diff hist −3 Level 2 Assessment Guide →RA.L2-3.11.1 – RISK ASSESSMENTS
- 17:2717:27, 24 February 2022 diff hist −5 Level 2 Assessment Guide →RA.L2-3.11.2 – VULNERABILITY SCAN
- 17:2617:26, 24 February 2022 diff hist −1 Level 2 Assessment Guide →CA.L2-3.12.1 – SECURITY CONTROL ASSESSMENT
- 17:2617:26, 24 February 2022 diff hist −1 Level 2 Assessment Guide →CA.L2-3.12.3 – SECURITY CONTROL MONITORING
- 17:2517:25, 24 February 2022 diff hist −2 Level 2 Assessment Guide →CA.L2-3.12.2 – PLAN OF ACTION
- 17:2517:25, 24 February 2022 diff hist −5 Level 2 Assessment Guide →SC.L2-3.13.2 – SECURITY ENGINEERING
- 17:2317:23, 24 February 2022 diff hist −4 Level 2 Assessment Guide →CA.L2-3.12.4 – SYSTEM SECURITY PLAN
- 02:4502:45, 24 February 2022 diff hist +5,044 N Practice SI.L2-3.14.7 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L2-3.14.7 – IDENTIFY UNAUTHORIZED USE == === SECURITY REQUIREMENT === Identify unauthorized use of organizational systems. === ASSESSMENT OBJECTIVES === Det..." current
- 02:4502:45, 24 February 2022 diff hist +6,630 N Practice SI.L2-3.14.6 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L2-3.14.6 – MONITOR COMMUNICATIONS FOR ATTACKS == === SECURITY REQUIREMENT === Monitor organizational systems, including inbound and outbound communications..." current
- 02:4502:45, 24 February 2022 diff hist +1 Practice SI.L2-3.14.3 Details No edit summary current
- 02:4402:44, 24 February 2022 diff hist +4,490 N Practice SI.L2-3.14.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L2-3.14.3 – SECURITY ALERTS & ADVISORIES == ===SECURITY REQUIREMENT === Monitor system security alerts and advisories and take action in response. === ASSES..."
- 01:5001:50, 24 February 2022 diff hist 0 Model Overview No edit summary
- 01:5001:50, 24 February 2022 diff hist +1 Model Overview No edit summary
- 01:4901:49, 24 February 2022 diff hist +3,114 Model Overview No edit summary
- 00:2900:29, 24 February 2022 diff hist +2 Model Overview No edit summary
- 00:2700:27, 24 February 2022 diff hist +571 Model Overview No edit summary
- 00:1100:11, 24 February 2022 diff hist +3,838 N Practice SI.L1-3.14.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.5 – SYSTEM & FILE SCANNING == === SECURITY REQUIREMENT === Perform periodic scans of the information system and real-time scans of files from e..." current
- 00:1100:11, 24 February 2022 diff hist +3,680 N Practice SI.L1-3.14.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.4 – UPDATE MALICIOUS CODE PROTECTION == === SECURITY REQUIREMENT === Update malicious code protection mechanisms when new releases are availabl..." current
- 00:1000:10, 24 February 2022 diff hist +1 Practice SI.L1-3.14.2 Details No edit summary current Tag: Visual edit: Switched
- 00:1000:10, 24 February 2022 diff hist +5,229 N Practice SI.L1-3.14.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.2 – MALICIOUS CODE PROTECTION == === SECURITY REQUIREMENT === Provide protection from malicious code at appropriate locations within organizati..."
- 00:0900:09, 24 February 2022 diff hist +5,574 N Practice SI.L1-3.14.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.1 – FLAW REMEDIATION == === SECURITY REQUIREMENT === Identify, report, and correct information and information system flaws in a timely manner...." current
23 February 2022
- 23:4923:49, 23 February 2022 diff hist +3,518 N Practice SC.L1-3.13.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L1-3.13.5 – PUBLIC-ACCESS SYSTEM SEPARATION == === SECURITY REQUIREMENT === Implement subnetworks for publicly accessible system components that are ph..." current
- 23:4923:49, 23 February 2022 diff hist +6,819 N Practice SC.L1-3.13.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L1-3.13.1 – BOUNDARY PROTECTION == === SECURITY REQUIREMENT === Monitor, control, and protect organizational communications (i.e., information transmit..." current
- 23:2823:28, 23 February 2022 diff hist +3,013 N Practice PE.L1-3.10.5 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.5 – MANAGE PHYSICAL ACCESS == === SECURITY REQUIREMENT === Control and manage physical access devices. === ASSESSMENT OBJECTIVES === Determine..." current
- 23:2323:23, 23 February 2022 diff hist +3,276 N Practice PE.L1-3.10.4 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.4 – PHYSICAL ACCESS LOGS == === SECURITY REQUIREMENT === Maintain audit logs of physical access. === ASSESSMENT OBJECTIVES === Determine if: [..." current
- 23:1123:11, 23 February 2022 diff hist +2,969 N Practice PE.L1-3.10.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.3 – ESCORT VISITORS == === SECURITY REQUIREMENT === Escort visitors and monitor visitor activity. === ASSESSMENT OBJECTIVES === Determine if:..." current
- 23:0523:05, 23 February 2022 diff hist +1 Practice PE.L1-3.10.1 Details No edit summary current
- 23:0523:05, 23 February 2022 diff hist +4,269 N Practice PE.L1-3.10.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.1 – LIMIT PHYSICAL ACCESS == === SECURITY REQUIREMENT === Limit physical access to organizational information systems, equipment, and the respe..."
- 22:1422:14, 23 February 2022 diff hist +1 Practice MP.L1-3.8.3 Details No edit summary current
- 22:0722:07, 23 February 2022 diff hist +4,089 N Practice MP.L1-3.8.3 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L1-3.8.3 – MEDIA DISPOSAL == === SECURITY REQUIREMENT === Sanitize or destroy information system media containing Federal Contract Information before d..."
- 18:5618:56, 23 February 2022 diff hist −4 Practice IA.L1-3.5.2 Details No edit summary current
- 18:5618:56, 23 February 2022 diff hist +5,198 N Practice IA.L1-3.5.2 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L1-3.5.2 – AUTHENTICATION == === SECURITY REQUIREMENT === Authenticate (or verify) the identities of those users, processes, or devices, as a prerequis..."
- 18:5618:56, 23 February 2022 diff hist +3,626 N Practice IA.L1-3.5.1 Details Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L1-3.5.1 – IDENTIFICATION == === SECURITY REQUIREMENT === Identify information system users, processes acting on behalf of users, or devices. === ASSES..." current
- 18:5318:53, 23 February 2022 diff hist +14 Practice AC.L1-3.1.22 Details No edit summary current
- 18:5118:51, 23 February 2022 diff hist +4 Practice AC.L1-3.1.20 Details No edit summary current