CMMC Assessment Interview Guides

The primary function of this domain is to systematically monitor and review actions and events that occur within a system or network. This assures that all operations, including those involving sensitive data, are traceable to an individual or component. By maintaining these detailed records, organizations can not only identify discrepancies, irregularities, or other issues – these detailed records ensure accountabilities for all actions within an organization.

For example, imagine a CCTV. If something goes wrong, you can review the footage to find out what happened. This family ensures that actions are logged and traceable, helping to spot and investigate any mishaps. Read now.

Awareness and Training are pivotal components within an organization’s cybersecurity framework, and are aimed at cultivating a culture of security amongst all personnel. It is intended to ensure that team members may both recognize potential threats and risks associated with their actions, but also that team members have sufficient knowledge (and practice) to act accordingly when/if an issue occurs. Read now. 

Configuration Management operates as a meticulous librarian, ensuring everything is in its proper place and that the library’s systems are running smoothly. That can mean a lot of things, but in the realm of cybersecurity, it focuses on establishing and maintaining consistency of a system’s performance and its functional attributes throughout the life cycle. This requires strict control of changes made to hardware, software, and other components while maintaining all baselines and documentation. Ultimately, our goal is to guard against unauthorized changes that could introduce vulnerabilities. It also aids in the quick restoration of system operations in case of disruptions. Read now.

Identification and Authentication are the digital equivalents of checking someone’s ID at the door. From a cybersecurity perspective, identification, and authentication work collaboratively to ensure that users are who they say they are before granting access to a system or network. Read now.

Incident Response operates much like our emergency services, responding quickly and appropriately to a fire or other emergency. It encompasses the strategies, processes, procedures, tools, resources, training, and other elements that are necessary to ensure an appropriate and meaningful response through the detection, management, and mitigation of security incidents. The primary focus is to respond in a manner that limits damage, reduces recovery time and costs, and ensures that the organization may resume normal operations as swiftly as possible.

Read now.

Maintenance focuses on the health and servicing of our critical systems, much like a routine health check-up or scheduled car service. It requires consistent upkeep, servicing, and updating of an organization’s systems, hardware, and software to ensure optimal functionality. This regular maintenance can help to detect and resolve minor issues before they escalate, and is performed through periodic assessment and updating of systems, such as patching vulnerabilities, such that the organization may guard against exploitation of known or emerging vulnerabilities. Read now.

Media Protection focuses on the protection of both digital and physical media, both in storage and in transit. This includes USB drives, DVDs, hard drives, and even printed documentation that may include sensitive data. Media protection ensures that the data cannot be accessed, altered, or breached by unauthorized entities. These protections could include things like, encryption, access control, physical locks, and secure transportation methods. Read now.

Personnel Security emphasizes a thorough review and vetting of all personnel to ensure these individuals can be trusted with access to sensitive information. This is typically performed through an initial background check, ongoing review of accesses, and regular training; it is intended to mitigate the risks associated with our ‘human firewalls’. Read now.

Picture a bank with security guards and a vault, or a castle with a moat and drawbridge. These physical barriers ensure that the actual systems, devices, and storage locations for sensitive information are physically secure. The focus is on implementing tangible measures to prevent unauthorized physical access to facilities, equipment, and other resources as well as, protecting against environmental hazards. This may be implemented through a variety of protective measures, including security guards, visitor control desks, CCTV cameras, badge readers, secured server/storage rooms, and more. Read now.

Think of this as checking the weather before going on a hike. By identifying potential threats and vulnerabilities, organizations can prepare and guard against them. This involves systematically identifying, evaluating, and understanding potential threats and vulnerabilities that could adversely impact an organization’s assets and operations. By assessing and evaluating these risks, organizations may prioritize their resources and responses based on the needs of the organization. Read now.

Organizations benefit through regular checks of their operationalized cybersecurity mechanisms, including verifying that implemented security controls are operating ‘as intended’, producing the desired results, and are effective. This is usually accomplished through rigorous, ongoing checks of the organization’s information systems to identify weaknesses or compliance gaps while providing a clear picture of the organization’s cybersecurity health. This insight enables organizations to understand potential threats, address identified vulnerabilities, and improve overall security protocols. Read now.

System and Communications Protection emphasizes the safeguarding of information as it is transmitted across networks and systems, ultimately ensuring that messages and/or data sent and received can remain confidential and unaltered. This may include measures such as encryption, firewalls, intrusion detection systems (IDSs), secure communication protocols, and more, ultimately securing this data from external threats. Read now.

This domain focuses on ensuring the accuracy, reliability, and overall integrity of data and systems – by ensuring the trustworthiness and proper functioning of the organization’s information systems. This includes detecting, preventing, and responding to potential compromises or corruptions in the data and system operations. Read now.