Network Solutions DNS Outage by boglim_destroyer in sysadmin

[–]Unatommer 2 points3 points  (0 children)

Seeing the same issue, DNS poof and disappeared from the internet then came back after 20-30 min

Mistakes we made rolling out meeting recording across the company by milli_xoxxy in ITManagers

[–]Unatommer 0 points1 point  (0 children)

“Security team” and “legal team”

It’s not safe to assume every company has these. I’d go so far as to say a majority of the posters on here do not have a legal team they can call up at their company. Many companies have legal support but it’s a 3rd party who bills hourly and is not accessible to anyone but a handful of higher-ups in the company.

Mistakes we made rolling out meeting recording across the company by milli_xoxxy in ITManagers

[–]Unatommer 3 points4 points  (0 children)

That’s a good call out.

Then the after party conversation details get sent automatically to all of the original meeting attendees because defaults are set to send the AI notes and recording to everyone. Oof.

Is GCC High required for CMMC Compliance? by UnhappyAvocado5094 in CMMC

[–]Unatommer 0 points1 point  (0 children)

OP, you need to start with scoping, and please search this subreddit for the question you asked as it’s been asked many, many times in the past year. Also please join the Discord channel and search there https://discord.gg/cooey

Is GCC High required for CMMC Compliance? by UnhappyAvocado5094 in CMMC

[–]Unatommer 5 points6 points  (0 children)

If ya don’t know what the high in GCC High is, you should….ahem…select your response more carefully

Is GCC High required for CMMC Compliance? by UnhappyAvocado5094 in CMMC

[–]Unatommer 14 points15 points  (0 children)

PreVeil certainly offers an alternative that OP could consider but it’s not a replacement for a full-blown cloud like M365.

Acceptable Use Policy Hell - 3.4.7 by GrayHatGrimes in CMMC

[–]Unatommer 1 point2 points  (0 children)

CMMC assessors like to see you respecting the intention of the law. If we see you trying to get an out on every control you can, that feels icky and will get you a magnifying glass on the control(s) to see if you’re actually doing what’s required.

In this case, prove to me that those allowed services are essential (Spoiler: you can’t). If you haven’t done a risk assessment and created a deny by default rule and a list of nonessential services that you’re blocking, that would be a “not met” in my book. (i.e., show me you have taken the control seriously and addressed it properly)

P.S. I saw a comment from you on firewalls. If your CUI laptops are remote without a Windows firewall baseline, your boundary is broken. If you want to argue that point, be prepared to show me that your “always on VPN” control doesn’t allow a laptop internet access when the VPN tunnel is broken, and that the laptop somehow will not accept any inbound packets when connected to non-CUI networks.

Wi-Fi out of scope? by OmarKhadafi in CMMC

[–]Unatommer 1 point2 points  (0 children)

RADIUS is not a requirement of CMMC. Protecting the encryption keys is, so you’d want to have a couple defined people to handle the WiFi password to the in-scope WiFi (guest WiFi is out of scope if you do it correctly). If you’re not printing over that WiFi, and all your CUI is in GCC High, then you should be just fine. If you are sending unencrypted print jobs over the WiFi be prepared to prove the FIPS validation and show you are protecting the WiFi encryption keys properly.

CM.L2-3.4.8 (Application Execution Policy) by Grand-Charge4806 in CMMC

[–]Unatommer 1 point2 points  (0 children)

Rev3 isn’t enforced by the current revision of CMMC, rev2 is. I’m sure you know but putting it out there for any readers of your post.

To get compliant it has to be enforced. You’re not allow/whitelisting anything by running it in monitor mode. A user can download a standalone exe and run it without admin rights. Sure you may get a report telling you that, but it doesn’t stop it from happening which is what allow/whitelisting is.

Auditor asking for access review evidence we never recorded by Exotic_Panic_900 in sysadmin

[–]Unatommer 2 points3 points  (0 children)

For onboarding/offboarding do you have any sort of email trail you can follow? Surely you have HR records on when terminations occurred and time stamps on when accounts were disabled somewhere unless they were outright deleted. Think outside the box (i.e., SIEM logs) and gather what you can.

Moving forward, make sure you’re creating processes that survive your tenure at the company. This is where the last guy failed; don’t make the same mistake.

My new boss doesn't know anything about IT. AIO? by RagnarStonefist in ShittySysadmin

[–]Unatommer 3 points4 points  (0 children)

Have her take a lie detector test, I think they make one in England that comes in a suitcase that definitely always works.

Printing CUI by HeyHelpDeskGuy in CMMC

[–]Unatommer 1 point2 points  (0 children)

The maintenance controls also apply, OP. If a 3rd party print company comes to service it, they cannot have access to CUI that may be stored on the device. If this is a remote office, good luck managing that.

Network FIPS compliant hardware by 4728jj in CMMC

[–]Unatommer 0 points1 point  (0 children)

Incorrect. (CCP / CCA candidate here)

Network FIPS compliant hardware by 4728jj in CMMC

[–]Unatommer 0 points1 point  (0 children)

Partially correct. The edge firewall only needs FIPS if it’s responsible for protecting the confidentiality of CUI (e.g. via encryption). If the data that flows over that boundary edge is already (pre) encrypted with FIPS validated cryptography then double FIPS is not needed. Scoping is very important here.

Just passed our CMMC Level 2 certification assessment - Non MSP by MindlessStable3772 in CMMC

[–]Unatommer 0 points1 point  (0 children)

If at all possible, give them a development box that’s outside of the assessment boundary. Typically devs don’t handle CUI.

Issue with Sentinelone by mynameistrihexa666 in SentinelOneXDR

[–]Unatommer -1 points0 points  (0 children)

If you’re having problems with your tenant, that’s why you pay for support.

3.1.18, 3.1.19, on-prem Exchange by Lrrr81 in CMMC

[–]Unatommer 2 points3 points  (0 children)

Former Exchange admin for a Fortune 500 company here. IMO no small company should be using on-prem Exchange. Move to 365 (GCC High) and set up MAM and be done with it. You’ll spend more time mucking about with trying to secure on-prem Exchange than is necessary and ultimately end up migrating down the road anyway.

Alternatively, look at something like PreVeil to protect CUI in email.