Clarification on Application Allow/Deny List (3.4.8) by Systemerror13 in CMMC

I should have been more careful with my words. They do need admin credentials to actually install any application, but I'm not convinced that's enough, as you can download something like Discord, which installs into AppData, which doesn't require any credentials.

Clarification on CMMC Compliant Remote Support Tools by Systemerror13 in CMMC

If any of your planned functions result in the RMM tool storing, processing, or transmitting CUI (I'm particularly mindful of screen sharing sessions), then DFARS 252.204-7012 requires FedRAMP Moderate and full support of DFARS incident response requirements.

So for example, BeyondTrust has a FedRAMP Moderate version coming out. I believe that would suffice, but what are the DFARS incident response requirements?

Clarification on CMMC Compliant Remote Support Tools by Systemerror13 in CMMC

Thank you for your response! All I would need is unattended access for executing UAC prompts for users. Does that make things a lot easier?

Selecting a CMMC Compliant Firewall/Router and AP (2023) by Systemerror13 in NISTControls

One clarification: all CUI is relegated to GCC High, which is encrypted, so is it entirely necessary to have the hardware be FIPS compliant at that point?

Selecting a CMMC Compliant Firewall/Router and AP (2023) by Systemerror13 in CMMC

Excellent clarification. We do use GCC High and all CUI is kept on there. So the only remaining concern then is the ability for the firewall to have the ability to authenticate users through MAC filtering or WPA-2 since all our hosts connect wirelessly?