CMMC Requirement AC.L2-3.1.11 – Session Termination: Terminate (automatically) user sessions after a defined condition. Links to Publicly Available Resources Apple – Set your Mac to log out when not in use This article shows the actual configuration that...
CMMC Requirement AC.L2-3.1.7 – Privileged Functions: Prevent non-privileged users from executing privileged functions and capture the execution of such functions in audit logs. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document...
CMMC Requirement AC.L2-3.1.4 – Separation of Duties: Separate the duties of individuals to reduce the risk of malevolent activity without collusion. Links to Publicly Available Resources Brookhaven National Laboratory – Example Separation of Duties Policy...
CMMC Requirement AC.L2-3.1.3 – Control CUI Flow: Control the flow of CUI in accordance with approved authorizations. Links to Publicly Available Resources Boston University – Data Lifecycle Management Policy This Boston University guidance defines the...
CMMC Level 1 CMMC Level 2 CMMC Level 3 CMMC Level 3 Level 3 focuses on the protection of CUI and encompasses the 110 requirements from NIST SP 800-171 R2 required by DFARS clause 252.204-7012. Additionally, 24 requirements selected from NIST SP 800-172 (Feb 2021), as...
CMMC Level 1 CMMC Level 2 CMMC Level 3 CMMC Level 1 Level 1 focuses on the protection of FCI and consists of the 15 requirements of FAR clause 52.204-21 Level 1 Scoping GuidanceLevel 1 Self-Assessment Guide AC.L1-B.1.I Authorized Access ControlAC.L1-B.1.II Transaction...
