CMMC Practice AU.L2-3.3.7 – Authoritative Time Source: Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records. Links to Publicly Available Resources Carnegie Mellon...
CMMC Practice AU.L2-3.3.1 – System Auditing: Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity. Links to Publicly Available Resources...
CMMC Practice AU.L2-3.3.2 – User Accountability: Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions. Links to Publicly Available Resources BrightTalk – Detecting...
CMMC Practice AC.L2-3.1.19 – Encrypt CUI on Mobile: Encrypt CUI on mobile devices and mobile computing platforms. Links to Publicly Available Resources CIO – 7 Enterprise Mobile Security Best Practices This article from CIO provides seven best practices to...
CMMC Practice AC.L2-3.1.15 – Privileged Remote Access: Authorize remote execution of privileged commands and remote access to security-relevant information. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment...
CMMC Practice AC.L2-3.1.13 – Remote Access Confidentiality: Employ cryptographic mechanisms to protect the confidentiality of remote access sessions. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance...
