Practice:SC.L2-3.13.8
|
CAPABILITY: C038 Define security requirements for systems and communications
|
Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards. |
Assessment NOTES: A CMMC assessor may want to review, observe, or test the following
Cryptographic mechanisms implemented to prevent unauthorized disclose of CUI during transmission where physical safeguards are not available or implemented.
Click here to see details (additional assessment notes available)
Practice:SC.L2-3.13.9
|
CAPABILITY: C038 Define security requirements for systems and communications
|
Terminate network connections associated with communications sessions at the end of the sessions or after a defined period of inactivity. |
Assessment NOTES: A CMMC assessor may want to review, observe, or test the following
System and communication protection policy and procedures for the inspection of automated mechanisms designed to disconnect connectivity organizationally defined time periods of inactivity.
Click here to see details (additional assessment notes available)Copyright © 2022 Celerium. All Rights Reserved.