CMMC Requirement AC.L2-3.1.5 – Least Privilege: Employ the principle of least privilege, including for specific security functions and privileged accounts. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment...
CMMC Requirement AC.L2-3.1.21 – Portable Storage Use: Limit use of portable storage devices on external systems. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for conducting Cybersecurity Maturity...
CMMC Requirement AC.L2-3.1.9 – Privacy & Security Notices: Provide privacy and security notices consistent with applicable CUI rules. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for...
AC AT AU CM IA IR MA MP PS PE RA CA SC SI Physical Protection (PE) Level 1 Level 2 Level 3 PE.L1-B.1.VIII Limit Physical AccessPE.L1-B.1.IX Manage Visitors & Physical Access PE.L2-3.10.1 Limit Physical AccessPE.L2-3.10.2 Monitor FacilityPE.L2-3.10.3 Escort...
AC AT AU CM IA IR MA MP PS PE RA CA SC SI Personnel Security (PS) Level 1 Level 2 Level 3 There are currently no requirements in the Personnel Security domain at Level 1. PS.L2-3.9.1 Screen IndividualsPS.L2-3.9.2 Personnel Actions PS.L3-3.9.2E Adverse...
AC AT AU CM IA IR MA MP PS PE RA CA SC SI Media Protection (MP) Level 1 Level 2 Level 3 MP.L1-B.1.VII Media Disposal MP.L2-3.8.1 Media ProtectionMP.L2-3.8.2 Media AccessMP.L2-3.8.3 Media DisposalMP.L2-3.8.4 Media MarkingsMP.L2-3.8.5 Media AccountabilityMP.L2-3.8.6...
AC AT AU CM IA IR MA MP PS PE RA CA SC SI Maintenance (MA) Level 1 Level 2 Level 3 There are currently no requirements in the Maintenance domain at Level 1. MA.L2-3.7.1 Perform MaintenanceMA.L2-3.7.2 System Maintenance ControlMA.L2-3.7.3 Equipment...
AC AT AU CM IA IR MA MP PS PE RA CA SC SI Identification and Authentication (IA) Level 1 Level 2 Level 3 IA.L1-B.1.V IdentificationIA.L1-B.1.VI Authentication IA.L2-3.5.1 IdentificationIA.L2-3.5.2 AuthenticationIA.L2-3.5.3 Multifactor AuthenticationIA.L2-3.5.4...
CMMC Level 1 CMMC Level 2 CMMC Level 3 CMMC Level 2 Level 2 focuses on the protection of CUI and encompasses the 110 requirements from NIST SP 800-171 R2 required by DFARS clause 252.204-7012 Level 2 Scoping GuidanceLevel 2 Assessment Guide AC.L2-3.1.1 Authorized...
Cloud Security The Microsoft Cloud Services Working Group brought ND-ISAC members together with Microsoft subject matter experts to elaborate common challenges, understand features, and provide updates on Microsoft Cloud Services roadmap. The Microsoft Reference...
