markcarr, Author at DIB SCC CyberAssist

MA.L2-3.7.6 Maintenance Personnel

CMMC Requirement MA.L2-3.7.6 – Maintenance Personnel: Supervise the maintenance activities of personnel without required access authorization. Links to Publicly Available Resources Beyond Trust – 8 Steps to Reduce Remote Access Security Risks & Tighten...

MA.L2-3.7.5 Nonlocal Maintenance

CMMC Requirement MA.L2-3.7.5 – Nonlocal Maintenance: Require multifactor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete. Links to Publicly Available...

MA.L2-3.7.2 System Maintenance Control

CMMC Requirement MA.L2-3.7.2 – System Maintenance Control: Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides...

MA.L2-3.7.1 Perform Maintenance

CMMC Requirement MA.L2-3.7.1 – Perform Maintenance: Perform maintenance on organizational systems. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for conducting Cybersecurity Maturity Model...

IR.L2-3.6.3 Incident Response Testing

CMMC Requirement IR.L2-3.6.3 – Incident Response Testing: Test the organizational incident response capability. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for conducting Cybersecurity Maturity...

IR.L2-3.6.2 Incident Reporting

CMMC Requirement IR.L2-3.6.2 – Incident Reporting: Track, document, and report incidents to designated officials and/or authorities both internal and external to the organization. Links to Publicly Available Resources Carnegie Mellon University – Incident...

IR.L2-3.6.1 Incident Handling

CMMC Requirement IR.L2-3.6.1 – Incident Handling: Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities. Links to Publicly Available...

IA.L2-3.5.6 Identifier Handling

CMMC Requirement IA.L2-3.5.6 – Identifier Handling: Disable identifiers after a defined period of inactivity. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for conducting Cybersecurity Maturity...

IA.L2-3.5.5 Identifier Reuse

CMMC Requirement IA.L2-3.5.5 – Identifier Reuse: Prevent the reuse of identifiers for a defined period. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for conducting Cybersecurity Maturity Model...

IA.L2-3.5.4 Replay-Resistant Authentication

CMMC Requirement IA.L2-3.5.4 – Replay-Resistant Authentication: Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document...