Popular Articles
CMMC AC.1.001 – Limit Information System Access
Requirement text: AC.1.001: Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems). DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171 R2 Access control ...
CMMC AC.1.002 – Assign Information System User Rights
Requirement text: AC.1.002: Limit information system access to the types of transactions and functions that authorized users are permitted to execute. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171 R2 Organizations may choose to define access ...
CMMC AC.1.003 – Limit External Connections
Requirement text: AC.1.003: Verify and control/limit connections to and use of external information systems. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171 R2 External systems are systems or components of systems for which organizations typically have ...
CMMC AC.1.004 – Control Information to Public
Requirement text: AC.1.004: Control information posted or processed on publicly accessible information systems. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171 R2 In accordance with laws, Executive Orders, directives, policies, regulations, or ...
CMMC IA.1.076 – Identify Authorized Users, Processes and Devices
Requirement text: IA.1.076: Identify information system users, processes acting on behalf of users, or devices. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171 R2 Common device identifiers include media access control (MAC), Internet protocol (IP) ...