CMMC Requirement AT.L3-3.2.2E – Practical Training Exercises: Include practical exercises in awareness training for all users, tailored by roles, to include general users, users with specialized roles, and privileged users, that are aligned with current threat...
CMMC Requirement AT.L3-3.2.1E – Advanced Threat Awareness: Provide awareness training upon initial hire, following a significant cyber event, and at least annually, focused on recognizing and responding to threats from social engineering, advanced persistent...
CMMC Requirement AC.L3-3.1.3E – Secured Information Transfer: Employ secure information transfer solutions to control information flows between security domains on connected systems. Links to Publicly Available Resources Amazon Web Services – Operational...
CMMC Requirement AC.L3-3.1.2E – Organizationally Controlled Assets: Restrict access to systems and system components to only those information resources that are owned, provisioned, or issued by the organization. Links to Publicly Available Resources Canadian...
CMMC Requirement SI.L1-B.1.XIII – Malicious Code Protection: Provide protection from malicious code at appropriate locations within organizational information systems. Links to Publicly Available Resources Anti-Malware Testing Standards Organization (AMTSO)...
CMMC Requirement SI.L1-B.1.XIV – Update Malicious Code Protection: Update malicious code protection mechanisms when new releases are available. Links to Publicly Available Resources Anti-Malware Testing Standards Organization (AMTSO) AMTSO is the Anti-Malware...
CMMC Requirement SI.L1-B.1.XV – System & File Scanning: Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed. Links to Publicly Available Resources Anti-Malware...
CMMC Requirement PE.L1-B.1.VIII – Limit Physical Access: Limit physical access to organizational information systems, equipment, and the respective operating environments to authorized individuals. Links to Publicly Available Resources CMMC Level 1...
CMMC Requirement SC.L1-B.1.X – Boundary Protection: Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the...
CMMC Requirement SC.L1-B.1.XI – Public-Access System Separation: Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks. Links to Publicly Available Resources CMMC Level 1 Self-Assessment...
