Risk Management - Level 4
CMMC RM.4.148 - Manage Supply Chain Risk
Requirement text: RM.4.148: Develop and update as required, a plan for managing supply chain risks associated with the IT supply chain. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171B The growing dependence on products, systems, and services from ...
CMMC RM.4.151 - Perform Network Port Scans
Requirement text: RM.4.151: Perform scans for unauthorized ports available across perimeter network boundaries over the organization’s Internet network boundaries and other organizationally defined boundaries. DISCUSSION FROM SOURCE: CMMC Adversaries ...
CMMC RM.4.150 - Employ Threat Intelligence
Requirement text: RM.4.150: Employ threat intelligence to inform the development of the system and security architectures, selection of security solutions, monitoring, threat hunting, and response and recovery activities. DISCUSSION FROM SOURCE: ...
CMMC RM.4.149 - Employ Threat Profiling
Requirement text: RM.4.149: Catalog and periodically update threat profiles and adversary TTPs. DISCUSSION FROM SOURCE: CMMC One method that more mature enterprises can use to protect its systems is to employ threat profiles and better understand ...