Celerium

Background Questions

What level of CMMC is your company trying to achieve?

1
2
3
4
5

Where is your company's headquarters?

What is your business role in your company?

What is your role regarding CMMC compliance?

I have management responsibility for CMMC compliance in my company overall.
I have management responsibility for CMMC compliance in selected departments or business units in my company.
I have responsibility for CMMC compliance implementation in my company overall.
I have responsibility for CMMC compliance implementation in selected departments or business units in my company.

WHY CMMC? - INDUSTRY BACKGROUND

Q1) The focus of CMMC is to make sure that large defense contractors protect their classified information.

a) True
b) False

Q2) In understanding the motivations to create CMMC by the U.S. Department of Defense, which is a low priority item?

a) Malicious cyber actors have targeted the Defense Industrial Base (DIB) and the Defense Supply Chain (DSC) of the Department of Defense (DoD).
b) The emergence of Silent Starling as a threat actor that attempts to steal national security information.
c) The loss of "Controlled Unclassified Information" (CUI) and "Federal Contract Information" (FCI) increase risk to national security.
d) Cyber espionage and theft of intellectual property cost U.S. companies an estimated $600B annually.
e) CMMC unifies cybersecurity standards/guidelines across the Defense Supply Chain (DSC).

Q3) CMMC is focused on improving the cybersecurity of defense suppliers primarily against:

a) Hacktivists who want to deface the websites of defense suppliers.
b) Criminal and nation-state actors that want to steal sensitive government information or intellectual property.
c) Criminal threat actors that focus on earning money via Ransomware.

what are the key business issues regarding cmmc?

Q4) Why does your business need to comply with CMMC?

a) Revenue exposure: With expected changes in DoD acquisition regulations (DFARS) and without CMMC compliance, your company may be prevented from winning future DoD contracts as a prime or subcontractor.
b) You may have upstream buyers, defense contractors or primes that want your company to be included in a response to a DoD RFP that requires suppliers to be CMMC certified.
c) Both of the above.

Q5) What should you know about getting your business CMMC approved?

a) You can complete a DoD CMMC compliance survey which you can email it to a regional CMMC assessment center in DoD.
b) Your company will need to schedule a Certified CMMC Assessor to evaluate your CMMC compliance with 100% conformity.
c) You must register on a secure DoD web portal to indicate how your company complies with the CMMC program.
d) You must send a secure PDF to DoD indicating how you your company complies with CMMC.
e) You can self-certify that you meet all CMMC requirements.

CMMC Overview

Q6) What are the essential components of CMMC?

a) All five levels of the CMMC model require companies to implement CMMC practices.
b) The number of practices varies based on the level.
c) Only CMMC levels 2-5 will need to implement CMMC processes.
d) Each level has 17 capability domains and 54 practices.
e) A+B+C.

Q7) All CMMC levels need to develop a System Security Plan (SSP).

a) True.
b) False.

Q8) Which of the following is NOT TRUE regarding CMMC processes?

a) No maturity processes are assessed at CMMC Level 1.
b) Starting at CMMC Level 3, processes must be documented.
c) Processes can involve the creation of documentation, plans, and budgeting.
d) There are 5 levels of process maturity.
e) Good cyber hygiene means processes are managed.

CMMC Assessment Process

Q9) What is the MOST accurate path to CMMC certification?

a) After your company is ready with 100% conformity, you will then schedule the CMMC Certified Assessor to conduct the assessment for the purposes of certification.
b) After your CMMC Assessor reviews your company for CMMC compliance, you will have up to 60 days to appeal the assessment results.

Q10) What should defense suppliers know about assessor judgment and grey areas?

a) CMMC has well-defined levels, domains, and practices, which means that a Certified Assessor can readily assess conformity.
b) CMMC Certified Assessors will strive to be consistent in the application of the standard to all practices and requirements.
c) CUI/FCI data and document flow; trained and knowledgeable employees; network architecture and configuration; and many other factors make 100% conformity a challenging requirement for certification.
d) CMMC assessments will involve judgment on the part of the assessor which means suppliers can discuss how they meet practice requirements during the interview process.
e) All the above.
f) B+C+D only.

Feedback on our Knowledge Readiness Quiz

Please rate the Academy's quiz.

1 Excellent Quiz.
2 Very Good Quiz.
3 OK Quiz.
4 Not very good Quiz.
5 Poor Quiz.

Please leave your suggestions on how to improve the quiz overall, or specific questions (cite the question number).

CMMC
Knowledge Readiness

Background Questions

WHY CMMC? - INDUSTRY BACKGROUND

what are the key business issues regarding cmmc?

CMMC Overview

CMMC Assessment Process

Feedback on our Knowledge Readiness Quiz

CMMC Overview Webinars and Videos: Click here.

NOW AVAILABLE:

CERTIFIED CMMC PROFESSIONAL COURSE (CCP)

Who is This Course For?

Licensed Training Providers (LTPs)

Certified Third-Party Assessor Organizations (C3PAOs)

Presented by

CMMC Academy Sponsors

international alliance members

CMMC Knowledge Readiness

CMMC Knowledge Readiness Quiz

Background Questions

WHY CMMC? - INDUSTRY BACKGROUND

what are the key business issues regarding cmmc?

CMMC Overview

CMMC Assessment Process

Feedback on our Knowledge Readiness Quiz

My CMMC Knowledge Readiness Results

Learn more about CMMC Academy Solutions

CMMC Overview Webinars and Videos: Click here.

NOW AVAILABLE:

CERTIFIED CMMC PROFESSIONAL COURSE (CCP)

Who is This Course For?

Licensed Training Providers (LTPs)

Certified Third-Party Assessor Organizations (C3PAOs)

CMMC Insights: Training on Implementation by Implementers

Presented by

CMMC Academy Sponsors

international alliance members

CMMC
Knowledge Readiness

CMMC Insights:
Training on Implementation by Implementers