All public logs
Combined display of all available logs of Cooey Wiki. You can narrow down the view by selecting a log type, the username (case-sensitive), or the affected page (also case-sensitive).
- 01:59, 27 October 2024 User account Thebert talk contribs was created by Uncouth talk contribs
- 01:29, 27 October 2024 User account Tim talk contribs was created by Uncouth talk contribs
- 14:55, 25 October 2024 Uncouth talk contribs created page Joint Surveillance Voluntary Assessment (JSVA) (Created page with "Joint Surveillance Voluntary Assessment (JSVA) are assessments performed by a CMMC Certified 3rd Party Assessor (C3PAO) and witnessed by DIBCAC, who also performs a DFARS compliance verification. As the name implies, these assessments are voluntary.") Tag: Visual edit
- 14:49, 25 October 2024 Uncouth talk contribs created page FAQ (Created page with "The DoD CIO has published their own FAQ here: https://dodcio.defense.gov/CMMC/FAQs/") Tag: Visual edit
- 22:45, 11 October 2024 Uncouth talk contribs created page 32 CFR Part 170 Key Takeaways (Created page with "== Introduction == On October 15, 2024 32 CFR Part 170 also known as the "CMMC Final Rule" is published to the Federal Register. Effective 60 days later, the CMMC program is in effect. Below are some key considerations, changes, and details to know with this rule's publication. This page's intent is to capture key differences, address changes between the draft rule and final published version. == Timelines == Phased rollout, 48 CFR, blah blah == Security Protection Da...") Tag: Visual edit
- 15:40, 30 September 2024 Uncouth talk contribs created page MediaWiki:Sidebar (Created page with " * navigation ** mainpage|mainpage-description **CMMC Overview **Self-Assessment and Certification **CUI **Resources and Tools for Compliance **Preferred Partners **Training and Education - (for CCA/CCP/LTP) **Frequently Asked Questions ** recentchanges-url|recentchanges ** randompage-url|randompage ** helppage|help-mediawiki * SEARCH * TOOLBOX * LANGUAGES")
- 02:21, 30 September 2024 Marieramsay talk contribs created page CCP (Created page with "A Certified CMMC Professional (CCP) is an entry-level certification within the Cybersecurity Maturity Model Certification (CMMC) ecosystem. Individuals who earn the CCP designation have the foundational knowledge of the CMMC framework and are equipped to assist organizations in understanding, preparing for, and achieving CMMC compliance. CCPs are often involved in helping defense contractors implement the necessary cybersecurity practices required to protect Controlled U...")
- 02:15, 30 September 2024 Marieramsay talk contribs created page CCA (Created page with "A Certified CMMC Assessor (CCA) is an individual who has been trained, certified, and authorized to conduct official Cybersecurity Maturity Model Certification (CMMC) assessments on behalf of a Certified Third-Party Assessment Organization (C3PAO). CCAs play a critical role in the CMMC ecosystem by evaluating defense contractors’ compliance with the CMMC framework to ensure they meet the required cybersecurity standards necessary to handle Controlled Unclassified Infor...")
- 02:08, 30 September 2024 Marieramsay talk contribs created page LTP (Created page with "Licensed Training Providers (LTPs) in the Cybersecurity Maturity Model Certification (CMMC) ecosystem are organizations authorized by the Cyber-AB (CMMC Accreditation Body) to deliver official training programs for individuals seeking CMMC-related certifications. LTPs play a crucial role in ensuring that professionals working within the CMMC ecosystem—such as Certified CMMC Professionals (CCPs) and Certified CMMC Assessors (CCAs)—receive high-quality, standardized tr...")
- 02:02, 30 September 2024 Marieramsay talk contribs created page Resources and Tools for Compliance (Created page with "To support organizations in achieving CMMC (Cybersecurity Maturity Model Certification) compliance, several resources and tools are available from government sources. These resources help organizations understand the requirements of the CMMC framework, assess their cybersecurity posture, and implement the necessary controls to protect Controlled Unclassified Information (CUI) and Federal Contract Information (FCI). ==Here is a list of key government-provided tools and r...")
- 01:42, 30 September 2024 Marieramsay talk contribs created page Training and Education (Created page with "If someone is interested in consulting for CMMC (Cybersecurity Maturity Model Certification), it is important to have a solid understanding of the CMMC framework, the associated requirements, and the NIST 800-171 controls, which are at the core of CMMC. Additionally, training, certifications, and ongoing education are critical components to being a trusted and effective CMMC consultant. Below is a breakdown of the key areas of knowledge, education, and training required...")
- 01:31, 30 September 2024 Marieramsay talk contribs created page C3PAO (Created page with "C3PAOs (Certified Third-Party Assessment Organizations) are critical entities within the Cybersecurity Maturity Model Certification (CMMC) ecosystem. These organizations are accredited by the Cyber-AB (Cybersecurity Maturity Model Certification Accreditation Body) to perform official CMMC assessments for companies that seek certification, especially those that handle Controlled Unclassified Information (CUI) as part of contracts with the Department of Defense (DoD). C3PA...")
- 01:24, 30 September 2024 Marieramsay talk contribs created page SPRS (Created page with "The Supplier Performance Risk System (SPRS) is a Department of Defense (DoD) platform used to assess and evaluate the performance, risks, and security posture of DoD suppliers. SPRS plays a critical role in the DoD’s acquisition process, providing procurement officials with performance ratings, risk assessments, and supplier compliance information, especially in relation to cybersecurity standards like NIST 800-171 and the Cybersecurity Maturity Model Certification (CM...")
- 01:18, 30 September 2024 Marieramsay talk contribs created page CMMC-AB (Created page with "The Cyber-AB (Cybersecurity Maturity Model Certification Accreditation Body) is an independent, nonprofit organization responsible for overseeing the Cybersecurity Maturity Model Certification (CMMC) ecosystem. The Cyber-AB plays a crucial role in ensuring the effective implementation of the CMMC framework, which is designed to enhance cybersecurity practices across the Defense Industrial Base (DIB) by ensuring that contractors meet specific security requirements for...")
- 01:08, 30 September 2024 Marieramsay talk contribs created page Risk Assessment (Created page with "The Risk Assessment family in NIST 800-171 Rev 2 focuses on ensuring that organizations have a structured process for identifying, assessing, and managing risks to their information systems and Controlled Unclassified Information (CUI). The goal is to help organizations understand their security risks, prioritize mitigation efforts, and protect sensitive information from potential threats and vulnerabilities. ==Key Risk Assessment Requirements in NIST 800-171 Rev 2:==...")
- 01:04, 30 September 2024 Marieramsay talk contribs created page System and Information Integrity (Created page with "The System and Information Integrity family in NIST 800-171 Rev 2 focuses on ensuring that an organization’s information systems can detect, respond to, and correct issues that may compromise the integrity and security of Controlled Unclassified Information (CUI). This family emphasizes the importance of monitoring systems for vulnerabilities, applying security patches promptly, and ensuring that malicious software and unauthorized system changes are detected and addre...")
- 00:56, 30 September 2024 Marieramsay talk contribs created page System and Communications Protection (Created page with "The System and Communications Protection family in NIST 800-171 Rev 2 addresses the safeguards necessary to protect the security and confidentiality of Controlled Unclassified Information (CUI) as it is processed, transmitted, or stored within an organization's information systems. This family emphasizes the need to secure both system boundaries and communication channels to prevent unauthorized access, tampering, or data leakage. ==Key System and Communications Protect...")
- 00:46, 30 September 2024 Marieramsay talk contribs created page Security Assessment (Created page with "The Security Assessment family in NIST 800-171 Rev 2 focuses on ensuring that organizations regularly evaluate and improve their information system security controls and practices to protect Controlled Unclassified Information (CUI). The purpose of this family is to establish a formal process for assessing security controls, conducting regular system reviews, and ensuring continuous monitoring to identify and address potential vulnerabilities or weaknesses in security....")
- 00:41, 30 September 2024 Marieramsay talk contribs created page Physical Protection (Created page with "The Physical Protection family in NIST 800-171 Rev 2 focuses on safeguarding Controlled Unclassified Information (CUI) by implementing physical security measures that protect information systems and their associated facilities from unauthorized physical access, tampering, or destruction. This family addresses the need to control physical access to systems, devices, and media that contain CUI, ensuring that only authorized personnel can access sensitive information. ==Ke...")
- 00:35, 30 September 2024 Marieramsay talk contribs created page Personnel Security (Created page with "The Personnel Security family in NIST 800-171 Rev 2 focuses on ensuring that individuals who have access to Controlled Unclassified Information (CUI) are properly vetted and that access to CUI is restricted when personnel no longer require it due to changes in employment status. The primary goal of this family is to prevent unauthorized access to CUI by ensuring that only trustworthy individuals are granted access, and that access is promptly revoked when personnel leave...")
- 00:31, 30 September 2024 Marieramsay talk contribs created page Media Protection (Created page with "The Media Protection family in NIST 800-171 Rev 2 outlines the security controls necessary to protect Controlled Unclassified Information (CUI) that is stored on both digital and non-digital media. The goal is to ensure that media containing sensitive information is properly handled, stored, and disposed of to prevent unauthorized access, loss, or theft. This family covers various forms of media, including physical storage devices like hard drives and USB drives, paper...")
- 00:25, 30 September 2024 Marieramsay talk contribs created page Maintenance (Created page with "The Maintenance family in NIST 800-171 Rev 2 focuses on ensuring that organizations perform appropriate and secure maintenance on information systems while protecting Controlled Unclassified Information (CUI). This includes managing the maintenance of both physical and virtual components, whether performed on-site or remotely, in a way that prevents unauthorized access or tampering during maintenance activities. ==Key Maintenance Requirements in NIST 800-171 Rev 2:== T...")
- 00:17, 30 September 2024 Marieramsay talk contribs created page Incident Response (Created page with "The Incident Response family in NIST 800-171 Rev 2 outlines the processes and controls that organizations must implement to detect, report, respond to, and recover from cybersecurity incidents, particularly those that may affect Controlled Unclassified Information (CUI). The goal of these requirements is to ensure that organizations have the capability to effectively manage security incidents, minimize damage, and recover swiftly while preserving evidence for future inve...")
- 00:09, 30 September 2024 Marieramsay talk contribs created page Identification and Authentication (Created page with "The Identification and Authentication family in NIST 800-171 Rev 2 focuses on ensuring that information systems can correctly identify and authenticate users, devices, and processes before granting access to systems and data, particularly Controlled Unclassified Information (CUI). This family helps protect against unauthorized access by verifying that only legitimate users or systems can access information resources. ==Key Identification and Authentication Requirements...")
- 00:03, 30 September 2024 Marieramsay talk contribs created page Configuration Management (Created page with "The Configuration Management family in NIST 800-171 Rev 2 focuses on ensuring that organizations establish and maintain a secure state for their information systems by controlling changes to hardware, software, and firmware. This helps organizations reduce vulnerabilities, maintain a secure baseline configuration, and prevent unauthorized modifications that could compromise the security of Controlled Unclassified Information (CUI). ==Key Configuration Management Req...")
- 23:51, 29 September 2024 Marieramsay talk contribs created page Audit and Accountability (Created page with "The Audit and Accountability family in NIST 800-171 Rev 2 is designed to ensure that organizations have the ability to track, monitor, and analyze activities within their information systems. By logging events and auditing system activity, organizations can detect unauthorized access, identify anomalies, and maintain accountability for user actions, which is critical for protecting Controlled Unclassified Information (CUI). This family includes requirements for logging...")
- 23:43, 29 September 2024 Marieramsay talk contribs created page Awareness and Training (Created page with "The Awareness and Training family in NIST 800-171 Rev 2 is one of the 14 security control families that focuses on ensuring that employees and users of an organization’s systems are well-informed about cybersecurity risks and know how to protect Controlled Unclassified Information (CUI). This family emphasizes the importance of educating and training users to recognize and respond appropriately to potential security threats, thus helping to minimize human-related s...")
- 23:28, 29 September 2024 Marieramsay talk contribs created page Access Control (Created page with "Access Control is one of the 14 security families in NIST 800-171 Rev 2, which provides guidelines for protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations. The Access Control family focuses on limiting access to information systems, applications, and data to authorized individuals and ensuring that only those with appropriate permissions can access sensitive information. This helps prevent unauthorized access, which is critical fo...")
- 23:16, 29 September 2024 Marieramsay talk contribs created page Self-Assessment and Certification (Created page with "In the Cybersecurity Maturity Model Certification (CMMC) framework, self-assessments and third-party certifications are two key mechanisms that organizations (especially defense contractors) use to demonstrate compliance with cybersecurity requirements set by the Department of Defense (DoD). These mechanisms are designed to ensure that contractors handling Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) have adequate cybersecurity measure...")
- 23:00, 29 September 2024 Marieramsay talk contribs created page Continuous monitoring (Created page with "Continuous monitoring is a cybersecurity practice that involves the ongoing, real-time assessment and analysis of an organization's systems, networks, and data to identify potential vulnerabilities, threats, or unauthorized access. The goal of continuous monitoring is to maintain visibility into the security posture of an organization at all times, allowing for faster detection and response to cybersecurity incidents. === Key Components of Continuous Monitoring: === '...")
- 22:55, 29 September 2024 Marieramsay talk contribs created page APT (Created page with "Advanced Persistent Threats (APTs) refer to highly sophisticated and persistent cyberattacks typically launched by well-funded and skilled adversaries, such as nation-states, organized cybercriminal groups, or advanced hacking collectives. Unlike typical cyberattacks that focus on immediate gains or disruption, APTs aim to infiltrate a network, remain undetected for long periods, and continuously gather intelligence or data over time. === Key Characteristics of APTs: ==...")
- 22:45, 29 September 2024 Marieramsay talk contribs created page NIST SP 800-172 (Created page with "[https://csrc.nist.gov/pubs/sp/800/172/final NIST SP 800-172], titled "Enhanced Security Requirements for Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations," builds on the foundation of NIST SP 800-171. It provides additional security controls and enhancements for organizations that handle highly sensitive Controlled Unclassified Information (CUI), particularly when the risk of advanced persistent threats (APTs) is a concern. H...")
- 22:39, 29 September 2024 Marieramsay talk contribs created page NIST 800-171 (Created page with "[https://csrc.nist.gov/pubs/sp/800/171/r2/upd1/final NIST 800-171], officially titled "Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations," is a publication developed by the National Institute of Standards and Technology (NIST). It provides a set of guidelines and security requirements for protecting sensitive but unclassified information, specifically Controlled Unclassified Information (CUI), when it is stored or transmitted by...")
- 22:31, 29 September 2024 Marieramsay talk contribs created page FAR (Created page with "The [https://www.acquisition.gov/browse/index/far FAR] (Federal Acquisition Regulation) is the set of rules and regulations that govern the acquisition process for all executive agencies of the U.S. federal government. It establishes the policies and procedures for government procurement of goods and services, ensuring that the process is conducted in a fair, transparent, and consistent manner. The FAR covers a wide range of topics, including: 1. Contract Types: It out...")
- 00:05, 27 September 2024 Marieramsay talk contribs created page Preferred Partners (Created page with "These are Preferred Partners that our community has used and would recommend. The community does not guarantee the services on behalf of the vendors, but services have been used (and continue to be used) and preferred by many in our community. ===Compliance Consultants & Managed Service Providers (MSP)s:=== [https://defcert.com/ DEFCERT] [https://www.sentinelblue.com/ Sentinel Blue] ===Manufacturers:===")
- 23:11, 26 September 2024 Marieramsay talk contribs created page FCI (Created page with "Federal Contract Information (FCI) refers to information provided by or generated for the government under a contract that is not intended for public release. While FCI is not classified or as sensitive as Controlled Unclassified Information (CUI), it still requires protection to prevent unauthorized access or disclosure. ===Key Aspects of FCI:=== 1 - Definition: FCI includes any information that is not public and is provided or developed during the course of performi...")
- 23:04, 26 September 2024 Marieramsay talk contribs created page CUI (Created page with "Controlled Unclassified Information (CUI) refers to sensitive information that, while not classified, requires safeguarding or dissemination controls in accordance with laws, regulations, or government-wide policies. The CUI program was established by Executive Order 13556 in 2010 to standardize the way the federal government and its contractors handle this type of information, reducing inconsistencies and improving information security across agencies. ===Key Aspects o...")
- 23:02, 26 September 2024 Marieramsay talk contribs created page DoD (Created page with "The Department of Defense (DoD) is the federal executive department responsible for ensuring the national security and overseeing the U.S. Armed Forces. Its mission is to provide military forces to deter war and protect the security of the United States. The DoD's personnel structure is vast and includes both civilian and military personnel organized in a hierarchical framework. Here’s an overview of the key components of the DoD's structure: 1. '''Civilian Leadership...")
- 22:54, 26 September 2024 Marieramsay talk contribs created page DFARS (Created page with "Several Defense Federal Acquisition Regulation Supplement (DFARS) clauses are directly related to CMMC (Cybersecurity Maturity Model Certification) and the protection of Controlled Unclassified Information (CUI). These DFARS clauses mandate that contractors meet certain cybersecurity requirements and, in some cases, obtain CMMC certification. Here are the most relevant DFARS clauses: 1. [https://www.acquisition.gov/dfars/252.204-7012-safeguarding-covered-defense-inform...")
- 22:50, 26 September 2024 Marieramsay talk contribs created page DIB (Created page with "The Defense Industrial Base (DIB) refers to a global network of private-sector companies and organizations that provide products and services to the Department of Defense (DoD) and other defense-related government entities. These companies design, develop, manufacture, and maintain military systems, equipment, and technologies that are critical for national defense and security. The DIB includes a wide range of industries, such as: *Aerospace and aviation *Shipbuilding...")
- 22:27, 26 September 2024 Marieramsay talk contribs created page CMMC Overview (Created page with "The Cybersecurity Maturity Model Certification (CMMC) is a framework designed to enhance cybersecurity practices across the Defense Industrial Base (DIB). It applies to any organization within the supply chain (receiving specific DFARS flow-down) that works on contracts with the Department of Defense (DoD), ensuring these companies can safeguard Controlled Unclassified Information (CUI) and Federal Contract Information (FCI). In November 2021, in response to industry fe...")
- 22:16, 26 September 2024 Marieramsay talk contribs created page Talk:Main Page (Created page with "CMMC Overview")
- 17:33, 24 September 2024 ValentinIfl talk contribs created page User:ValentinIfl (Created page with "I'm a 33 yеars old and woгk аt the high school (Occupational Tһerapy).<br>In my spare time I teach myseⅼf Englisһ. I have been there and look [https://openclipart.org/search/?query=forward forward] to go there anytime soon. I like to read, prеferably on my ipad. I ⅼike to ᴡatch Ꭺrrested Development and [https://www.dict.cc/?s=American%20Dad American Dad] aѕ well aѕ docus about anything aѕtronomical. I like Radio-Controlled Car Racing.<br><br>Here is m...")
- 16:31, 24 September 2024 Cooey talk contribs changed group membership for Marieramsay from administrator to administrator, interface administrator, bureaucrat and suppressor
- 16:31, 24 September 2024 Cooey talk contribs changed group membership for Uncouth from administrator to administrator, interface administrator, bureaucrat and suppressor
- 16:25, 24 September 2024 Cooey talk contribs changed group membership for Uncouth from (none) to administrator
- 16:25, 24 September 2024 User account Uncouth talk contribs was created by Cooey talk contribs
- 16:24, 24 September 2024 Cooey talk contribs changed group membership for Marieramsay from (none) to administrator
- 16:24, 24 September 2024 User account Marieramsay talk contribs was created by Cooey talk contribs
- 15:44, 24 September 2024 User account ValentinIfl talk contribs was created