Systems and Communication Protection - Level 4
CMMC SC.4.229 - Enforce URL Filtering of Websites
Requirement text: SC.4.229: Utilize a URL categorization service and implement techniques to enforce URL filtering of websites that are not approved by the organization. DISCUSSION FROM SOURCE: CMMC Typically a high percentage of an organization’s ...
CMMC SC.4.202 - Analyze Executable Code and Scripts
Requirement text: SC.4.202: Employ mechanisms to analyze executable code and scripts (e.g., sandbox) traversing Internet network boundaries or other organizationally defined boundaries. DISCUSSION FROM SOURCE: CMMC Advanced malicious executable code ...
CMMC SC.4.199 - Use Threat Intelligence to Manage DNS Requests
Requirement text: SC.4.199: Utilize threat intelligence to proactively block DNS requests from reaching malicious domains. DISCUSSION FROM SOURCE: CMMC Threat intelligence can provide information on known, bad domain names. Using that information to ...
CMMC SC.4.228 - Isolate Administration of High-Value Systems
Requirement text: SC.4.228: Isolate administration of organizationally defined high-value critical network infrastructure components and servers. DISCUSSION FROM SOURCE: CMMC Organizations apply systems security engineering concepts and principles to ...
CMMC SC.4.197 - Employ Isolation Techniques in System and Security Architecture
Requirement text: SC.4.197: Employ physical and logical isolation techniques in the system and security architecture and/or where deemed appropriate by the organization. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171B Physical and logical isolation ...