2.0

CMMC 2.0 SI.1.213 Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.
Level 1 Description: System monitoring includes external and internal monitoring. System monitoring can detect unauthorized use of organizational systems....
Mon, 17 Jul, 2023 at 8:41 AM
CMMC 2.0 AU.3.045 Review and update logged events.
Level 2 Description: The intent of this requirement is to periodically re-evaluate which logged events will continue to be included in the list of even...
Mon, 17 Jul, 2023 at 7:35 AM
CMMC 2.0 SI.1.212 Update malicious code protection mechanisms when new releases are available.
Level 1 Description: There are many publicly available sources of system security alerts and advisories. For example, the Department of Homeland Security’...
Mon, 17 Jul, 2023 at 8:41 AM
CMMC 2.0 AU.3.046 Alert in the event of an audit logging process failure.
Level 2 Description: Audit logging process failures include software and hardware errors, failures in the audit record capturing mechanisms, and audit ...
Mon, 17 Jul, 2023 at 7:50 AM
CMMC 2.0 SI.1.211 Provide protection from malicious code at appropriate locations within organizational information systems.
Level 1 Description: Designated locations include system entry and exit points which may include firewalls, remote-access servers, workstations, electroni...
Mon, 17 Jul, 2023 at 7:59 AM
CMMC 2.0 AU.3.051 Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity.
Level 2 Description: Correlating audit record review, analysis, and reporting processes helps to ensure that they do not operate independently, but ra...
Mon, 17 Jul, 2023 at 8:27 AM
CMMC 2.0 SI.1.210 Identify, report, and correct information and information system flaws in a timely manner.
Level 1 Description: Organizations identify systems that are affected by announced software and firmware flaws including potential vulnerabilities result...
Mon, 17 Jul, 2023 at 8:36 AM
CMMC 2.0 AU.3.052 Provide audit record reduction and report generation to support on-demand analysis and reporting.
Level 2 Description: Audit record reduction is a process that manipulates collected audit information and organizes such information in a summary forma...
Mon, 17 Jul, 2023 at 8:40 AM
CMMC 2.0 AU.2.043 Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records.
Level 2 Description: Internal system clocks are used to generate time stamps, which include date and time. Time is expressed in Coordinated Universal T...
Mon, 17 Jul, 2023 at 8:53 AM
CMMC 2.0 SC.3.191 Protect the confidentiality of CUI at rest.
Level 2 Description: Information at rest refers to the state of information when it is not in process or in transit and is located on storage devices as s...
Mon, 17 Jul, 2023 at 9:00 AM