![]() Practice statement: Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions. retention requirements for audit records are defined and audit records, once created, contain the defined content the content of audit records needed to support monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity is defined audit logs (for example, event types to be logged) to enable monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity are specified Practice statement: Create and retain system audit logs and records to enable monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity. The following table provides a list of practice statement and objectives, and Azure AD guidance and recommendations to enable you to meet these requirements with Azure AD. For each domain, there's a table with links to content that provides step-by-step guidance to accomplish the practice. ![]() The remainder of this article provides guidance for all of the domains except Access Control (AC) and Identification and Authentication (IA) which are covered in other articles. System and Communications Protection (SC).In CMMC Level 2, there are 13 domains that have one or more practices related to identity: of Defense (DoD) to complete other configurations or processes. To be compliant with requirements in CMMC V2.0 level 2, it's the responsibility of companies performing work with, and on behalf of, the US Dept. Azure Active Directory helps meet identity-related practice requirements in each Cybersecurity Maturity Model Certification (CMMC) level.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |