All public logs

Combined display of all available logs of CMMC Toolkit Wiki. You can narrow down the view by selecting a log type, the username (case-sensitive), or the affected page (also case-sensitive).

12:52, 10 April 2024 Wikiadmin talk contribs deleted page Quiz Instructions (content was: "'''CMMC Certification Practice Quiz Instructions''' The practice quiz will have questions drawn randomly from the questions bank. There is NO pass, fail, or any sort of grading after taking the quiz. At the end of the quiz, you can review your answers. Once you have exited the review process, you will not be able to go back and check on it again. You are welcome to re...", and the only contributor was "Wikiadmin" (talk))
21:08, 9 April 2023 Wikiadmin talk contribs moved page Function and Category Identifiers to CSF Identifiers without leaving a redirect
20:35, 9 April 2023 Wikiadmin talk contribs created page Function and Category Identifiers (Created page with "{|class="wikitable" style="width: 85%;" ! style="width: 15%"| Function Unique Identifier ! style="width: 15%"| Function ! style="width: 20%"| Category Unique Identifier ! style="width: 50%"| Category |- |colspan="4"|Assets that are in the CMMC Assessment Scope |- |'''Controlled Unclassified Information (CUI) Assets''' | * Assets that process, store, or transmit CUI |rowspan="2"| * Document in the asset inventory * Document in the System Security Plan (SSP) * Document in...")
20:09, 9 April 2023 Wikiadmin talk contribs created page CSF Acronyms (Created page with "'''Source of Reference: official [https://www.nist.gov/cyberframework/online-learning/components-framework Cybersecurity Framework Components] from National Institute of Standards and Technology (NIST).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == A == {| |ANSI||American National Standards Institute |} == C == {| |CEA||Cybersecurity Enhancement Act of 2014 |- CIS||Center for Internet Security |-...")
19:18, 9 April 2023 Wikiadmin talk contribs created page CSF Glossary (Created page with "'''Source of Reference: official [https://www.nist.gov/cyberframework/online-learning/components-framework Cybersecurity Framework Components] from National Institute of Standards and Technology (NIST).''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == B == {|class="wikitable" style="width: 85%;" ! style="width: 30%"| Term ! style="width: 70%"| Description |- |Buyer |The people or organizations that co...")
23:08, 31 January 2023 Wikiadmin talk contribs created page MediaWiki:Mobile.js (Created page with "Any JavaScript here will be loaded when viewing the website via a mobile frontend.:  <script async src="https://www.googletagmanager.com/gtag/js?id=G-LPDL819PSZ"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-LPDL819PSZ'); </script>")
15:37, 28 January 2023 Wikiadmin talk contribs created page MediaWiki:Common.js (Created page with "Any JavaScript here will be loaded for all users on every page load.:  <script async src="https://www.googletagmanager.com/gtag/js?id=G-LPDL819PSZ"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-LPDL819PSZ'); </script>")
20:34, 23 August 2022 Wikiadmin talk contribs created page DoD Assessment Methodology (Created page with "'''Source of Reference: The [https://www.acq.osd.mil/asda/dpc/cp/cyber/docs/safeguarding/NIST-SP-800-171-Assessment-Methodology-Version-1.2.1-6.24.2020.pdf NIST SP 800-171 DoD Assessment Methodology] from [https://www.acq.osd.mil/asda/dpc/cp/cyber/safeguarding.html#nistSP800171 U.S. Department of Defense Website]''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. = NIST SP 800-171 DoD Assessment Scoring Te...")
16:35, 5 August 2022 Wikiadmin talk contribs created page CAP Glossary (Created page with "'''Source of Reference: official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Glossary] from Office of Under Secretary of Defense for Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == A == {|class="wikitable" style="width: 85%;" ! style="width: 15%"| Term ! style="width: 65%"| Description ! style="width: 20%"| Source |- |Access |Ability to make use of any information...")
03:34, 5 August 2022 Wikiadmin talk contribs created page CMMC Assessment Process (Created page with "'''Source of Reference: The [https://cyberab.org/Portals/0/Documents/Process-Documents/CMMC-Assessment-Process-CAP-v1.0.pdf CMMC Assessment Process] from Cybersecurity Maturity Model Certification Accreditation Body, Inc.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you.")
21:04, 4 August 2022 Wikiadmin talk contribs created page CCA Blueprint (Created page with " '''Source of Reference: The [https://cyberab.org/Portals/0/cmmc-ab-cca-blueprint-04-05-22-Final%20v3%20%28Public%29_1.pdf CCA blueprint] from Cybersecurity Maturity Model Certification Accreditation Body, Inc.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == Domains == Upon successful completion of this exam, the candidate will be able to apply skills and knowledge to the below domains: {|class="wiki...")
17:14, 4 August 2022 Wikiadmin talk contribs created page CCP Blueprint (Created page with "= Certified CMMC Professional (CCP) Test Blueprint = '''Source of Reference: The [https://cyberab.org/Portals/0/cmmc-ab-ccp-blueprint-03-14-22-final-v7_2%20FINAL%20%28Public%29_1.pdf CCP blueprint] from Cybersecurity Maturity Model Certification Accreditation Body, Inc.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == DOMAINS == Opon successful completion of this exam, the candidate will be able to a...")
17:23, 17 March 2022 Wikiadmin talk contribs created page Quiz Instructions (Created page with "== '''CMMC Certification Practice Quiz Instructions''' == The practice quiz will have 30 questions drawn randomly from the questions bank. The maximum time allowed to complete the quiz is 60 minutes. === [https://www.flexiquiz.com/SC/N/cmmc-wiki-ccp-practice-quiz Click here to take the CCP quiz] (Hosted by FlexiQuiz) === === The CCA quiz is currently under development. ===")
01:46, 3 March 2022 Wikiadmin talk contribs created page External References (Created page with "Additional References: The [https://www.acq.osd.mil/cmmc/resources.html CMMC Helpful Links] page contains a variety of external links to CMMC resources throughout the DoD. For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == C == {|class="wikitable" style="width: 80%;" ! style="width: 70%"| Standards and Organizations ! style="width: 30%"| Links |- |'''CMMC Accreditation Body Website''' | * [https://cmmcab.o...")
02:18, 28 February 2022 Wikiadmin talk contribs uploaded File:ArtifactHashingToolFigure2.png
02:18, 28 February 2022 Wikiadmin talk contribs created page File:ArtifactHashingToolFigure2.png
02:17, 28 February 2022 Wikiadmin talk contribs uploaded File:ArtifactHashingToolFigure1.png
02:17, 28 February 2022 Wikiadmin talk contribs created page File:ArtifactHashingToolFigure1.png
05:49, 27 February 2022 Wikiadmin talk contribs deleted page CCP Exam Objectives (content was: "<strong>Official CMMC Reference Source: [https://www.acq.osd.mil/cmmc/index.html DoD CMMC Framework]</strong> This web page contains links that might be helpful to studying for the CMMC certification exams. Official information on the Certified CMMC Professional certification can be found on the [https://cmmcab.org/certified-cmmc-professional-ccp/ CMMC AB website]. For...", and the only contributor was "Wikiadmin" (talk))
03:29, 27 February 2022 Wikiadmin talk contribs created page Artifact Hashing Tool (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html Artifact Hashing Tool User Guide] from the Office of the Under Secretary of Defense for Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == Scope and Purpose == == System Requirements == == Process Overview == == Tool Usage Process == === Preparation === === Execution of Tool === == Supp...")
17:44, 26 February 2022 Wikiadmin talk contribs created page Level 2 Scoping Guidance (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Scoping Guidance] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CMMC Asset Categories == The CMMC Assessment Guide – Level 2 maps contractor assets into one of five categories. Table 1 describes each asset category, contrac...")
17:19, 26 February 2022 Wikiadmin talk contribs created page Level 1 Scoping Guidance (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Scoping Guidance] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == FCI Assets == Federal Contract Information (FCI) Assets process, store, or transmit FCI as follows: * Process – FCI can be used by an asset (e.g., accessed, en...")
05:31, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.21 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.21 – PORTABLE STORAGE USE == === SECURITY REQUIREMENT === Limit use of portable storage devices on external systems. === ASSESSMENT OBJECTIVES === De...")
05:30, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.19 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.19 – ENCRYPT CUI ON MOBILE == === SECURITY REQUIREMENT === Encrypt CUI on mobile devices and mobile computing platforms. === ASSESSMENT OBJECTIVES ==...")
05:30, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.18 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.18 – MOBILE DEVICE CONNECTION == === SECURITY REQUIREMENT === Control connection of mobile devices. === ASSESSMENT OBJECTIVES === Determine if: : [a]...")
05:30, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.17 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.17 – WIRELESS ACCESS PROTECTION == === SECURITY REQUIREMENT === Protect wireless access using authentication and encryption. === ASSESSMENT OBJECTIVE...")
05:30, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.16 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.16 – WIRELESS ACCESS AUTHORIZATION == === SECURITY REQUIREMENT === Authorize wireless access prior to allowing such connections. === ASSESSMENT OBJEC...")
05:29, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.15 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.15 – PRIVILEGED REMOTE ACCESS == === SECURITY REQUIREMENT === Authorize remote execution of privileged commands and remote access to security-relevan...")
05:29, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.14 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.14 – REMOTE ACCESS ROUTING == === SECURITY REQUIREMENT === Route remote access via managed access control points. === ASSESSMENT OBJECTIVES === Deter...")
05:29, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.13 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.13 – REMOTE ACCESS CONFIDENTIALITY == === SECURITY REQUIREMENT === Employ cryptographic mechanisms to protect the confidentiality of remote access se...")
05:29, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.12 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.12 – CONTROL REMOTE ACCESS == === SECURITY REQUIREMENT === Monitor and control remote access sessions. === ASSESSMENT OBJECTIVES === Determine if: :...")
05:28, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.11 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.11 – SESSION TERMINATION == === SECURITY REQUIREMENT === Terminate (automatically) a user session after a defined condition. === ASSESSMENT OBJECTIVE...")
05:28, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.10 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.10 – SESSION LOCK == === SECURITY REQUIREMENT === Use session lock with pattern-hiding displays to prevent access and viewing of data after a period...")
05:27, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.9 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.9 – PRIVACY & SECURITY NOTICES == === SECURITY REQUIREMENT === Provide privacy and security notices consistent with applicable CUI rules. === ASSESSM...")
05:27, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.8 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.8 – UNSUCCESSFUL LOGON ATTEMPTS == === SECURITY REQUIREMENT === Limit unsuccessful logon attempts. === ASSESSMENT OBJECTIVES === Determine if: : [a]...")
05:27, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.7 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.7 – PRIVILEGED FUNCTIONS == === SECURITY REQUIREMENT === Prevent non-privileged users from executing privileged functions and capture the execution o...")
05:27, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.6 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.6 – NON-PRIVILEGED ACCOUNT USE == === SECURITY REQUIREMENT === Use non-privileged accounts or roles when accessing nonsecurity functions. === ASSESSM...")
05:26, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.5 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.5 – LEAST PRIVILEGE == === SECURITY REQUIREMENT === Employ the principle of least privilege, including for specific security functions and privileged...")
05:26, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.4 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.4 – SEPARATION OF DUTIES == === SECURITY REQUIREMENT === Separate the duties of individuals to reduce the risk of malevolent activity without collusi...")
05:26, 26 February 2022 Wikiadmin talk contribs created page Practice AC.L2-3.1.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AC.L2-3.1.3 – CONTROL CUI FLOW == === SECURITY REQUIREMENT === Control the flow of CUI in accordance with approved authorizations. === ASSESSMENT OBJECTIVES ==...")
03:42, 26 February 2022 Wikiadmin talk contribs deleted page Level2 Assessment Guide (content before blanking was: "'''Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' == Access Control (AC) == === Level 1 AC Practices === ==== AC.L1-3.1.1 – AUTHORIZED ACCESS CONTROL ==== {|class="wikitable" |- |'''SECURITY REQUIREMENT''' Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (includi...")
03:41, 26 February 2022 Wikiadmin talk contribs created page Practice AU.L2-3.3.9 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.9 – AUDIT MANAGEMENT == ===SECURITY REQUIREMENT === Limit management of audit logging functionality to a subset of privileged users. === ASSESSMENT O...")
03:41, 26 February 2022 Wikiadmin talk contribs created page Practice AU.L2-3.3.8 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.8 – AUDIT PROTECTION == ===SECURITY REQUIREMENT === Protect audit information and audit logging tools from unauthorized access, modification, and del...")
03:41, 26 February 2022 Wikiadmin talk contribs created page Practice AU.L2-3.3.7 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.7 – AUTHORITATIVE TIME SOURCE == ===SECURITY REQUIREMENT === Provide a system capability that compares and synchronizes internal system clocks with a...")
03:40, 26 February 2022 Wikiadmin talk contribs created page Practice AU.L2-3.3.6 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.6 – REDUCTION & REPORTING == ===SECURITY REQUIREMENT === Provide audit record reduction and report generation to support on-demand analysis and repor...")
03:40, 26 February 2022 Wikiadmin talk contribs created page Practice AU.L2-3.3.5 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.5 – AUDIT CORRELATION == ===SECURITY REQUIREMENT === Correlate audit record review, analysis, and reporting processes for investigation and response...")
03:39, 26 February 2022 Wikiadmin talk contribs created page Practice AU.L2-3.3.4 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.4 – AUDIT FAILURE ALERTING == ===SECURITY REQUIREMENT === Alert in the event of an audit logging process failure. === ASSESSMENT OBJECTIVES === Deter...")
03:38, 26 February 2022 Wikiadmin talk contribs created page Practice AU.L2-3.3.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.3 – EVENT REVIEW == ===SECURITY REQUIREMENT === Review and update logged events. === ASSESSMENT OBJECTIVES === Determine if: : [a] a process for dete...")
03:38, 26 February 2022 Wikiadmin talk contribs created page Practice AU.L2-3.3.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.2 – USER ACCOUNTABILITY == ===SECURITY REQUIREMENT === Ensure that the actions of individual system users can be uniquely traced to those users so th...")
03:38, 26 February 2022 Wikiadmin talk contribs created page Practice AU.L2-3.3.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AU.L2-3.3.1 – SYSTEM AUDITING == ===SECURITY REQUIREMENT === Create and retain system audit logs and records to the extent needed to enable the monitoring, ana...")
03:37, 26 February 2022 Wikiadmin talk contribs created page Practice CM.L2-3.4.9 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.9 – USER-INSTALLED SOFTWARE == ===SECURITY REQUIREMENT === Control and monitor user-installed software. === ASSESSMENT OBJECTIVES === Determine if: :...")
03:36, 26 February 2022 Wikiadmin talk contribs created page Practice CM.L2-3.4.8 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.8 – APPLICATION EXECUTION POLICY == ===SECURITY REQUIREMENT === Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized soft...")
03:36, 26 February 2022 Wikiadmin talk contribs created page Practice CM.L2-3.4.7 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.7 – NONESSENTIAL FUNCTIONALITY == ===SECURITY REQUIREMENT === Restrict, disable, or prevent the use of nonessential programs, functions, ports, proto...")
03:36, 26 February 2022 Wikiadmin talk contribs created page Practice CM.L2-3.4.6 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.6 – LEAST FUNCTIONALITY == ===SECURITY REQUIREMENT === Employ the principle of least functionality by configuring organizational systems to provide o...")
03:35, 26 February 2022 Wikiadmin talk contribs created page Practice CM.L2-3.4.5 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.5 – ACCESS RESTRICTIONS FOR CHANGE == ===SECURITY REQUIREMENT === Define, document, approve, and enforce physical and logical access restrictions ass...")
03:35, 26 February 2022 Wikiadmin talk contribs created page Practice CM.L2-3.4.4 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.4 – SECURITY IMPACT ANALYSIS == ===SECURITY REQUIREMENT === Analyze the security impact of changes prior to implementation. === ASSESSMENT OBJECTIVES...")
03:35, 26 February 2022 Wikiadmin talk contribs created page Practice CM.L2-3.4.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.3 – SYSTEM CHANGE MANAGEMENT == ===SECURITY REQUIREMENT === Track, review, approve or disapprove, and log changes to organizational systems. === ASSE...")
03:35, 26 February 2022 Wikiadmin talk contribs created page Practice CM.L2-3.4.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.2 – SECURITY CONFIGURATION ENFORCEMENT == ===SECURITY REQUIREMENT === Establish and enforce security configuration settings for information technolog...")
03:34, 26 February 2022 Wikiadmin talk contribs created page Practice CM.L2-3.4.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CM.L2-3.4.1 – SYSTEM BASELINING == ===SECURITY REQUIREMENT === Establish and maintain baseline configurations and inventories of organizational systems (includ...")
23:25, 25 February 2022 Wikiadmin talk contribs created page Practice MP.L2-3.8.9 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.9 – PROTECT BACKUPS == === SECURITY REQUIREMENT === Protect the confidentiality of backup CUI at storage locations. === ASSESSMENT OBJECTIVES === Det...")
23:25, 25 February 2022 Wikiadmin talk contribs created page Practice MP.L2-3.8.8 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.8 – SHARED MEDIA == === SECURITY REQUIREMENT === Prohibit the use of portable storage devices when such devices have no identifiable owner. === ASSES...")
23:25, 25 February 2022 Wikiadmin talk contribs created page Practice MP.L2-3.8.7 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.7 – REMOVEABLE MEDIA == === SECURITY REQUIREMENT === Control the use of removable media on system components. === ASSESSMENT OBJECTIVES === Determine...")
23:24, 25 February 2022 Wikiadmin talk contribs created page Practice MP.L2-3.8.6 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.6 – PORTABLE STORAGE ENCRYPTION == === SECURITY REQUIREMENT === Implement cryptographic mechanisms to protect the confidentiality of CUI stored on di...")
23:24, 25 February 2022 Wikiadmin talk contribs created page Practice MP.L2-3.8.5 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.5 – MEDIA ACCOUNTABILITY == === SECURITY REQUIREMENT === Control access to media containing CUI and maintain accountability for media during transpor...")
23:24, 25 February 2022 Wikiadmin talk contribs created page Practice MP.L2-3.8.4 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.9 – PROTECT BACKUPS == === SECURITY REQUIREMENT === Protect the confidentiality of backup CUI at storage locations. === ASSESSMENT OBJECTIVES === Det...")
23:23, 25 February 2022 Wikiadmin talk contribs created page Practice MP.L2-3.8.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.2 – MEDIA ACCESS == === SECURITY REQUIREMENT === Limit access to CUI on system media to authorized users. === ASSESSMENT OBJECTIVES === Determine if:...")
23:23, 25 February 2022 Wikiadmin talk contribs created page Practice MP.L2-3.8.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L2-3.8.1 – MEDIA PROTECTION == === SECURITY REQUIREMENT === Protect (i.e., physically control and securely store) system media containing CUI, both paper an...")
23:23, 25 February 2022 Wikiadmin talk contribs created page Practice MA.L2-3.7.6 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.6 – MAINTENANCE PERSONNEL == === SECURITY REQUIREMENT === Supervise the maintenance activities of maintenance personnel without required access autho...")
23:22, 25 February 2022 Wikiadmin talk contribs created page Practice MA.L2-3.7.5 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.5 – NONLOCAL MAINTENANCE == === SECURITY REQUIREMENT === Require multifactor authentication to establish nonlocal maintenance sessions via external n...")
23:22, 25 February 2022 Wikiadmin talk contribs created page Practice MA.L2-3.7.4 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.4 – MEDIA INSPECTION == === SECURITY REQUIREMENT === Check media containing diagnostic and test programs for malicious code before the media are used...")
23:21, 25 February 2022 Wikiadmin talk contribs created page Practice MA.L2-3.7.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.3 – EQUIPMENT SANITIZATION == === SECURITY REQUIREMENT === Ensure equipment removed for off-site maintenance is sanitized of any CUI. === ASSESSMENT...")
23:20, 25 February 2022 Wikiadmin talk contribs created page Practice MA.L2-3.7.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.2 – SYSTEM MAINTENANCE CONTROL == === SECURITY REQUIREMENT === Provide controls on the tools, techniques, mechanisms, and personnel used to conduct s...")
23:19, 25 February 2022 Wikiadmin talk contribs created page Practice MA.L2-3.7.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MA.L2-3.7.1 – PERFORM MAINTENANCE == === SECURITY REQUIREMENT === Perform maintenance on organizational systems.=== ASSESSMENT OBJECTIVES === Determine if: : [...")
20:58, 25 February 2022 Wikiadmin talk contribs created page Practice IA.L2-3.5.11 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.11 – OBSCURE FEEDBACK == === SECURITY REQUIREMENT === Obscure feedback of authentication information. === ASSESSMENT OBJECTIVES === Determine if: : [...")
20:58, 25 February 2022 Wikiadmin talk contribs created page Practice IA.L2-3.5.10 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.10 – CRYPTOGRAPHICALLY-PROTECTED PASSWORDS == === SECURITY REQUIREMENT === Store and transmit only cryptographically-protected passwords. === ASSESSM...")
20:58, 25 February 2022 Wikiadmin talk contribs created page Practice IA.L2-3.5.9 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.9 – TEMPORARY PASSWORDS == === SECURITY REQUIREMENT === Allow temporary password use for system logons with an immediate change to a permanent passwo...")
20:57, 25 February 2022 Wikiadmin talk contribs created page Practice IA.L2-3.5.8 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.8 – PASSWORD REUSE == === SECURITY REQUIREMENT === Prohibit password reuse for a specified number of generations. === ASSESSMENT OBJECTIVES === Deter...")
20:57, 25 February 2022 Wikiadmin talk contribs created page Practice IA.L2-3.5.7 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.7 – PASSWORD COMPLEXITY == === SECURITY REQUIREMENT === Enforce a minimum password complexity and change of characters when new passwords are created...")
20:56, 25 February 2022 Wikiadmin talk contribs created page Practice IA.L2-3.5.6 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.6 – IDENTIFIER HANDLING == === SECURITY REQUIREMENT === Disable identifiers after a defined period of inactivity. === ASSESSMENT OBJECTIVES === Deter...")
20:56, 25 February 2022 Wikiadmin talk contribs created page Practice IA.L2-3.5.5 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.5 – IDENTIFIER REUSE == === SECURITY REQUIREMENT === Prevent reuse of identifiers for a defined period. === ASSESSMENT OBJECTIVES === Determine if: :...")
20:56, 25 February 2022 Wikiadmin talk contribs created page Practice IA.L2-3.5.4 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.4 – REPLAY-RESISTANT AUTHENTICATION == === SECURITY REQUIREMENT === Employ replay-resistant authentication mechanisms for network access to privilege...")
20:55, 25 February 2022 Wikiadmin talk contribs created page Practice IA.L2-3.5.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L2-3.5.3 – MULTIFACTOR AUTHENTICATION == === SECURITY REQUIREMENT === Use multifactor authentication for local and network access to privileged accounts and...")
03:05, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.16 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.16 – DATA AT REST == === SECURITY REQUIREMENT === Protect the confidentiality of CUI at rest. === ASSESSMENT OBJECTIVES === Determine if: : [a] the...")
03:05, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.15 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.15 – COMMUNICATIONS AUTHENTICITY == === SECURITY REQUIREMENT === Protect the authenticity of communications sessions. === ASSESSMENT OBJECTIVES ===...")
03:05, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.14 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.14 – VOICE OVER INTERNET PROTOCOL == === SECURITY REQUIREMENT === Control and monitor the use of Voice over Internet Protocol (VoIP) technologies. =...")
03:05, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.13 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.13 – MOBILE CODE == === SECURITY REQUIREMENT === Control and monitor the use of mobile code. === ASSESSMENT OBJECTIVES === Determine if: : [a] use o...")
03:05, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.12 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.12 – COLLABORATIVE DEVICE CONTROL == === SECURITY REQUIREMENT === Prohibit remote activation of collaborative computing devices and provide indicati...")
03:04, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.11 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.11 – CUI ENCRYPTION == === SECURITY REQUIREMENT === Employ FIPS-validated cryptography when used to protect the confidentiality of CUI. === ASSESSME...")
03:04, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.10 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.10 – KEY MANAGEMENT == === SECURITY REQUIREMENT === Establish and manage cryptographic keys for cryptography employed in organizational systems. ===...")
03:04, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.9 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.9 – CONNECTIONS TERMINATION == === SECURITY REQUIREMENT === Terminate network connections associated with communications sessions at the end of the...")
03:04, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.8 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.8 – DATA IN TRANSIT == === SECURITY REQUIREMENT === Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission...")
03:03, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.7 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.7 – SPLIT TUNNELING == === SECURITY REQUIREMENT === Prevent remote devices from simultaneously establishing non-remote connections with organization...")
03:03, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.6 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.6 – NETWORK COMMUNICATION BY EXCEPTION == === SECURITY REQUIREMENT === Deny network communications traffic by default and allow network communicatio...")
03:03, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.4 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.4 – SHARED RESOURCE CONTROL == === SECURITY REQUIREMENT === Prevent unauthorized and unintended information transfer via shared system resources.===...")
03:02, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.3 – ROLE SEPARATION == === SECURITY REQUIREMENT === Separate user functionality from system management functionality. === ASSESSMENT OBJECTIVES ===...")
03:02, 25 February 2022 Wikiadmin talk contribs created page Practice SC.L2-3.13.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L2-3.13.2 – SECURITY ENGINEERING == === SECURITY REQUIREMENT === Employ architectural designs, software development techniques, and systems engineering prin...")
20:01, 24 February 2022 Wikiadmin talk contribs created page Practice AT.L2-3.2.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AT.L2-3.2.3 – INSIDER THREAT AWARENESS == === SECURITY REQUIREMENT === Provide security awareness training on recognizing and reporting potential indicators of...")
20:01, 24 February 2022 Wikiadmin talk contribs created page Practice AT.L2-3.2.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AT.L2-3.2.2 – ROLE-BASED TRAINING == === SECURITY REQUIREMENT === Ensure that personnel are trained to carry out their assigned information security-related du...")
20:00, 24 February 2022 Wikiadmin talk contribs created page Practice AT.L2-3.2.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == AT.L2-3.2.1 – ROLE-BASED RISK AWARENESS == === SECURITY REQUIREMENT === Ensure that managers, systems administrators, and users of organizational systems are m...")
19:10, 24 February 2022 Wikiadmin talk contribs created page Practice IR.L2-3.6.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IR.L2-3.6.3 – INCIDENT RESPONSE TESTING == === SECURITY REQUIREMENT === Test the organizational incident response capability. === ASSESSMENT OBJECTIVES === Det...")
19:10, 24 February 2022 Wikiadmin talk contribs created page Practice IR.L2-3.6.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IR.L2-3.6.2 – INCIDENT REPORTING == === SECURITY REQUIREMENT === Track, document, and report incidents to designated officials and/or authorities both internal...")
19:10, 24 February 2022 Wikiadmin talk contribs created page Practice IR.L2-3.6.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IR.L2-3.6.1 – INCIDENT HANDLING == === SECURITY REQUIREMENT === Establish an operational incident-handling capability for organizational systems that includes...")
19:09, 24 February 2022 Wikiadmin talk contribs created page Practice PS.L2-3.9.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PS.L2-3.9.2 – PERSONNEL ACTIONS == === SECURITY REQUIREMENT === Ensure that organizational systems containing CUI are protected during and after personnel acti...")
19:09, 24 February 2022 Wikiadmin talk contribs created page Practice PS.L2-3.9.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PS.L2-3.9.1 – SCREEN INDIVIDUALS == === SECURITY REQUIREMENT === Screen individuals prior to authorizing access to organizational systems containing CUI. === A...")
18:34, 24 February 2022 Wikiadmin talk contribs created page Practice RA.L2-3.11.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L2-3.11.3 – VULNERABILITY REMEDIATION == === SECURITY REQUIREMENT === Remediate vulnerabilities in accordance with risk assessments. === ASSESSMENT OBJECTIV...")
18:33, 24 February 2022 Wikiadmin talk contribs created page Practice RA.L2-3.11.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L2-3.11.2 – VULNERABILITY SCAN == === SECURITY REQUIREMENT === Scan for vulnerabilities in organizational systems and applications periodically and when new...")
18:32, 24 February 2022 Wikiadmin talk contribs created page Practice RA.L2-3.11.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == RA.L2-3.11.1 – RISK ASSESSMENTS == === SECURITY REQUIREMENT === Periodically assess the risk to organizational operations (including mission, functions, image,...")
18:32, 24 February 2022 Wikiadmin talk contribs created page Practice PE.L2-3.10.6 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L2-3.10.6 – ALTERNATIVE WORK SITES == === SECURITY REQUIREMENT === Enforce safeguarding measures for CUI at alternate work sites. === ASSESSMENT OBJECTIVES...")
18:31, 24 February 2022 Wikiadmin talk contribs created page Practice PE.L2-3.10.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L2-3.10.2 – MONITOR FACILITY == === SECURITY REQUIREMENT === Protect and monitor the physical facility and support infrastructure for organizational systems...")
17:29, 24 February 2022 Wikiadmin talk contribs created page Practice CA.L2-3.12.4 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.4 – SYSTEM SECURITY PLAN == === SECURITY REQUIREMENT === Develop, document, and periodically update system security plans that describe system...")
17:29, 24 February 2022 Wikiadmin talk contribs created page Practice CA.L2-3.12.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.3 – SECURITY CONTROL MONITORING == === SECURITY REQUIREMENT === Monitor security controls on an ongoing basis to ensure the continued effective...")
17:29, 24 February 2022 Wikiadmin talk contribs created page Practice CA.L2-3.12.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.2 – PLAN OF ACTION == === SECURITY REQUIREMENT === Develop and implement plans of action designed to correct deficiencies and reduce or elimina...")
17:28, 24 February 2022 Wikiadmin talk contribs created page Practice CA.L2-3.12.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == CA.L2-3.12.1 – SECURITY CONTROL ASSESSMENT == === SECURITY REQUIREMENT === Periodically assess the security controls in organizational systems to determin...")
02:45, 24 February 2022 Wikiadmin talk contribs created page Practice SI.L2-3.14.7 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L2-3.14.7 – IDENTIFY UNAUTHORIZED USE == === SECURITY REQUIREMENT === Identify unauthorized use of organizational systems. === ASSESSMENT OBJECTIVES === Det...")
02:45, 24 February 2022 Wikiadmin talk contribs created page Practice SI.L2-3.14.6 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L2-3.14.6 – MONITOR COMMUNICATIONS FOR ATTACKS == === SECURITY REQUIREMENT === Monitor organizational systems, including inbound and outbound communications...")
02:44, 24 February 2022 Wikiadmin talk contribs created page Practice SI.L2-3.14.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L2-3.14.3 – SECURITY ALERTS & ADVISORIES == ===SECURITY REQUIREMENT === Monitor system security alerts and advisories and take action in response. === ASSES...")
00:11, 24 February 2022 Wikiadmin talk contribs created page Practice SI.L1-3.14.5 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.5 – SYSTEM & FILE SCANNING == === SECURITY REQUIREMENT === Perform periodic scans of the information system and real-time scans of files from e...")
00:11, 24 February 2022 Wikiadmin talk contribs created page Practice SI.L1-3.14.4 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.4 – UPDATE MALICIOUS CODE PROTECTION == === SECURITY REQUIREMENT === Update malicious code protection mechanisms when new releases are availabl...")
00:10, 24 February 2022 Wikiadmin talk contribs created page Practice SI.L1-3.14.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.2 – MALICIOUS CODE PROTECTION == === SECURITY REQUIREMENT === Provide protection from malicious code at appropriate locations within organizati...")
00:09, 24 February 2022 Wikiadmin talk contribs created page Practice SI.L1-3.14.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SI.L1-3.14.1 – FLAW REMEDIATION == === SECURITY REQUIREMENT === Identify, report, and correct information and information system flaws in a timely manner....")
23:49, 23 February 2022 Wikiadmin talk contribs created page Practice SC.L1-3.13.5 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L1-3.13.5 – PUBLIC-ACCESS SYSTEM SEPARATION == === SECURITY REQUIREMENT === Implement subnetworks for publicly accessible system components that are ph...")
23:49, 23 February 2022 Wikiadmin talk contribs created page Practice SC.L1-3.13.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == SC.L1-3.13.1 – BOUNDARY PROTECTION == === SECURITY REQUIREMENT === Monitor, control, and protect organizational communications (i.e., information transmit...")
23:28, 23 February 2022 Wikiadmin talk contribs created page Practice PE.L1-3.10.5 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.5 – MANAGE PHYSICAL ACCESS == === SECURITY REQUIREMENT === Control and manage physical access devices. === ASSESSMENT OBJECTIVES === Determine...")
23:23, 23 February 2022 Wikiadmin talk contribs created page Practice PE.L1-3.10.4 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.4 – PHYSICAL ACCESS LOGS == === SECURITY REQUIREMENT === Maintain audit logs of physical access. === ASSESSMENT OBJECTIVES === Determine if: [...")
23:11, 23 February 2022 Wikiadmin talk contribs created page Practice PE.L1-3.10.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.3 – ESCORT VISITORS == === SECURITY REQUIREMENT === Escort visitors and monitor visitor activity. === ASSESSMENT OBJECTIVES === Determine if:...")
23:05, 23 February 2022 Wikiadmin talk contribs created page Practice PE.L1-3.10.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == PE.L1-3.10.1 – LIMIT PHYSICAL ACCESS == === SECURITY REQUIREMENT === Limit physical access to organizational information systems, equipment, and the respe...")
22:07, 23 February 2022 Wikiadmin talk contribs created page Practice MP.L1-3.8.3 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == MP.L1-3.8.3 – MEDIA DISPOSAL == === SECURITY REQUIREMENT === Sanitize or destroy information system media containing Federal Contract Information before d...")
18:56, 23 February 2022 Wikiadmin talk contribs created page Practice IA.L1-3.5.2 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L1-3.5.2 – AUTHENTICATION == === SECURITY REQUIREMENT === Authenticate (or verify) the identities of those users, processes, or devices, as a prerequis...")
18:56, 23 February 2022 Wikiadmin talk contribs created page Practice IA.L1-3.5.1 Details (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == IA.L1-3.5.1 – IDENTIFICATION == === SECURITY REQUIREMENT === Identify information system users, processes acting on behalf of users, or devices. === ASSES...")
17:56, 23 February 2022 Wikiadmin talk contribs created page Practice AC.L1-3.1.22 Details (Created page with "== AC.L1-3.1.22 – CONTROL PUBLIC INFORMATION == === SECURITY REQUIREMENT === Control information posted or processed on publicly accessible information systems. === ASSESSMENT OBJECTIVES === Determine if: [a] individuals authorized to post or process information on publicly accessible systems are identified; [b] procedures to ensure FCI is not posted or processed on publicly accessible systems are identified; [c] a review process is in place prior to posting of any co...")
17:56, 23 February 2022 Wikiadmin talk contribs created page Practice AC.L1-3.1.20 Details (Created page with "== AC.L1-3.1.20 – EXTERNAL CONNECTIONS == === SECURITY REQUIREMENT === Verify and control/limit connections to and use of external information systems. === ASSESSMENT OBJECTIVES === Determine if: : [a] connections to external systems are identified; : [b] the use of external systems is identified; : [c] connections to external systems are verified; : [d] the use of external systems is verified; : [e] connections to external systems are controlled/limited; and : [f] t...")
17:54, 23 February 2022 Wikiadmin talk contribs created page Practice AC.L1-3.1.2 Details (Created page with "== AC.L1-3.1.2 – TRANSACTION & FUNCTION CONTROL == === SECURITY REQUIREMENT === Limit information system access to the types of transactions and functions that authorized users are permitted to execute. === ASSESSMENT OBJECTIVES === Determine if: : [a] the types of transactions and functions that authorized users are permitted to execute are defined; and : [b] system access is limited to the defined types of transactions and functions for authorized users. === POTENTI...")
05:40, 23 February 2022 Wikiadmin talk contribs created page Level 1 Assessment Guide (Created page with "'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 1 Self-Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == Access Control (AC) == === Level 1 AC Practices === ==== AC.L1-3.1.1 - AUTHORIZED ACCESS CONTROL ==== {|class="wikitable" |'''SECURITY REQUIREMENT''' Limit...")
03:57, 20 February 2022 Wikiadmin talk contribs created page Acronyms and Abbreviations (Created page with "== A == {| |AA||Audit and Accountability |- |ABAC||Attribute-Based Access Control |- |AC||Access Control |- |ACSC||Australian Cyber Security Centre |- |AES||Advanced Encryption Standard |- |AIA||Aerospace Industries Association |- |AM||Asset Management |- |API||Application Programming Interface |- |APT||Advanced Persistent Threat |- |AT||Awareness and Training |- |AU||Audit and Accountability |} == B == {| |BYOD||Bring Your Own Device |} == C == {| |C2M2||Cybersecurity...")
03:09, 20 February 2022 Wikiadmin talk contribs created page Level 2 Assessment Guide (Created page with "'''Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Level 2 Assessment Guide] from the Office of the Under Secretary of Defense Acquisition & Sustainment.''' == Access Control (AC) == === Level 1 AC Practices === ==== AC.L1-3.1.1 – AUTHORIZED ACCESS CONTROL ==== {|class="wikitable" |- |'''SECURITY REQUIREMENT''' Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other...")
02:23, 20 February 2022 Wikiadmin talk contribs created page Practice AC.L1-3.1.1 Details (Created page with "== AC.L1-3.1.1 – AUTHORIZED ACCESS CONTROL == === SECURITY REQUIREMENT === Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems). === ASSESSMENT OBJECTIVES [NIST SP 800-171A] === Determine if: : [a] authorized users are identified; : [b] processes acting on behalf of authorized users are identified; : [c] devices (and other systems) authorized to connect to the system are id...")
01:07, 20 February 2022 Wikiadmin talk contribs created page Level2 Assessment Guide (Created page with "Access Control (AC) Level 1 AC Practices AC.L1-3.1.1 – AUTHORIZED ACCESS CONTROL Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems). ASSESSMENT OBJECTIVES [NIST SP 800-171A] Determine if: [a] authorized users are identified; [b] processes acting on behalf of authorized users are identified; [c] devices (and other systems) authorized to connect to...")
15:24, 18 February 2022 Wikiadmin talk contribs created page Model Glossary (Created page with "{|class="wikitable" style="width: 85%;" ! style="width: 15%"| Term ! style="width: 65%"| Description ! style="width: 20%"| Source |- |Access |Ability to make use of any information system (IS) resource. | * CNSSI 4009 * NIST SP 800-32 |- |Access Authority |An entity responsible for monitoring and granting access privileges for other authorized entities. | * CNSSI 4009 |Access Control (AC) The process of granting or denying specific requests to:  obtain and use...")
03:36, 18 February 2022 Wikiadmin talk contribs created page CMMC Toolkit Wiki:Privacy policy (Created page with "This website currently does not accept user registrations. The administrator of this website also does not require, request, or store any personally identified information to access the website. For comments and inquiries on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you.")
03:25, 18 February 2022 Wikiadmin talk contribs created page CMMC Toolkit Wiki:General disclaimer (Created page with "<strong>Official CMMC Reference Source: [https://www.acq.osd.mil/cmmc/index.html Department of Defense CMMC Framework]</strong> This website contains educational information that might be helpful to individuals who are interested in working with DoD's CMMC framework. This website and its creator are not associated with DoD or the office that maintains the CMMC framework. For comments and inquiries on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank...")
03:19, 18 February 2022 Wikiadmin talk contribs created page Model Overview (Created page with "== Access Control (AC) == {|class="wikitable" style="width: 85%;" ! style="width: 33%"| Level 1 ! style="width: 33%"| Level 2 ! style="width: 33%"| Level 3 (TBD) |- |'''AC.L1-3.1.1''' ''Authorized Access Control'' Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems). * FAR Clause 52.204-21 b.1.i * NIST SP 800-171 Rev 2 3.1.1 |'''AC.L2-3.1.3''' ''Control CUI Flow'' Cont...")
21:28, 17 February 2022 Wikiadmin talk contribs created page MediaWiki:Sidebar (Created page with " * navigation ** mainpage|mainpage-description ** CCP_Exam_Objectives|CCP Exam Objectives * Wiki Actions ** recentchanges-url|recentchanges ** randompage-url|randompage ** helppage|help-mediawiki * SEARCH * TOOLBOX * LANGUAGES")
21:23, 17 February 2022 Wikiadmin talk contribs created page CMMC Toolkit Wiki:About (Created page with "<strong>Official CMMC Reference Source: [https://www.acq.osd.mil/cmmc/index.html Department of Defense CMMC Framework]</strong> This website contains information that might be helpful when working with DoD's CMMC framework. This wiki aims to provide educational content for those who are interested in the CMMC framework. This website and its creator are not associated with DoD or the office that maintains the CMMC framework. For comments and inquiries on this wiki, plea...")
20:48, 17 February 2022 Wikiadmin talk contribs created page CCP Exam Objectives (Created page with "<strong>Official CMMC Reference Source: [https://www.acq.osd.mil/cmmc/index.html DoD CMMC Framework]</strong> This web page contains links that might be helpful to studying for the CMMC certification exams. Official information on the Certified CMMC Professional certification can be found on the [https://cmmcab.org/certified-cmmc-professional-ccp/ CMMC AB website]. For comments and inquiries, please [mailto:support@cmmctoolkit.org contact us]. Thank you. == Domain: Da...")
18:10, 17 February 2022 MediaWiki default talk contribs created page Main Page

All public logs

Navigation menu

Search