CMMC Requirement SC.L2-3.13.11 – CUI Encryption: Employ FIPS-validated cryptography when used to protect the confidentiality of CUI. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for conducting...
CMMC Requirement SC.L2-3.13.12 – Collaborative Device Control: Prohibit remote activation of collaborative computing devices and provide indication of devices in use to users present at the device. Links to Publicly Available Resources Cloudwards – How to...
CMMC Requirement SC.L2-3.13.5 – Public-Access System Separation: Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks. Links to Publicly Available Resources CMMC Level 1 Self-Assessment...
CMMC Requirement SC.L2-3.13.1 – Boundary Protection: Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the...
CMMC Requirement CA.L2-3.12.3 – Security Control Monitoring: Monitor security controls on an ongoing basis to ensure the continued effectiveness of the controls. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides...
CMMC Requirement CA.L2-3.12.2 – Plan of Action: Develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems. Links to Publicly Available Resources Centers for Medicare & Medicaid...
CMMC Requirement CA.L2-3.12.1 – Security Control Assessment: Periodically assess the security controls in organizational systems to determine if the controls are effective in their application. Links to Publicly Available Resources CMMC Level 2 Assessment Guide...
CMMC Requirement CA.L2-3.12.4 – System Security Plan: Develop, document, and periodically update system security plans that describe system boundaries, system environments of operation, how security requirements are implemented, and the relationships with or...
CMMC Requirement RA.L2-3.11.3 – Vulnerability Remediation: Remediate vulnerabilities in accordance with risk assessments. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for conducting Cybersecurity...
CMMC Requirement RA.L2-3.11.2 – Vulnerability Scan: Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified. Links to Publicly Available Resources...
