CMMC Practice IR.L2-3.6.3 – Incident Response Testing: Test the organizational incident response capability. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for conducting Cybersecurity Maturity...
CMMC Practice IR.L2-3.6.2 – Incident Reporting: Track, document, and report incidents to designated officials and/or authorities both internal and external to the organization. Links to Publicly Available Resources Carnegie Mellon University – Incident...
CMMC Practice IR.L2-3.6.1 – Incident Handling: Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities. Links to Publicly Available...
CMMC Practice IA.L2-3.5.6 – Identifier Handling: Disable identifiers after a defined period of inactivity. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for conducting Cybersecurity Maturity Model...
CMMC Practice IA.L2-3.5.5 – Identifier Reuse: Prevent the reuse of identifiers for a defined period. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for conducting Cybersecurity Maturity Model...
CMMC Practice IA.L2-3.5.4 – Replay-Resistant Authentication: Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document...
