The Department of Homeland Security states that web content filtering (WCF) provides protection at the application layer for web traffic by blocking access to suspicious websites, preventing malware from running on systems and networks, and detecting and blocking phishing attempts as well as malicious web content. Sites that are new, not categorized, or have not been reviewed by an accredited WCF service pose an increased risk to organizations and their networks. (Source)
This article from Cloudflare gives the reader a high level overview of URL filtering. Web Content Filtering (WCF) provides protection at the application layer for web traffic by blocking access to suspicious websites, preventing malware from running on systems and networks, and detecting and blocking phishing attempts as well as malicious web content. This technical article from paloalto provides some best practices to show you how to reduce your exposure to web-based threats, without limiting user access to web resources that they need. This site provides a listing of Web Content Filtering solutions. WCF solutions comprise appliances and software for censoring or preventing access to restricted web content deemed offensive or inappropriate.
This document provides assessment guidance for Level 1 of the Cybersecurity Maturity Model Certification (CMMC). This document provides assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 2. The purpose of this publication is to provide procedures for assessing the CUI requirements in NIST Special Publication 800-171. The information system: a. Monitors and controls communications at the external boundary of the system and at key internal boundaries within the system; b. Implements subnetworks for publicly accessible system components that are [Selection: physically; logically] separated from internal organizational networks; and c. Connects to external networks or information systems only through managed interfaces consisting of boundary protection devices arranged in accordance with an organizational security architecture.