CMMC CCP PRACTICE EXAM QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS) ALREADY GRADED A+
5 views 0 purchase
Course
CMCP
Institution
CMCP
What is a CUI Asset?
Asset that stores, processes, or transmits CUI
Examples: Servers, Printers, Endpoints, Cloud Services, ERP Systems
Where do you document a CUI Asset?
Document in Asset Inventory
Document in SSP
Document in Network Diagram
What practices do you apply to a ...
QUESTIONS AND CORRECT DETAILED
ANSWERS (VERIFIED ANSWERS)
ALREADY GRADED A+
,What is a CUI Asset?
Asset that stores, processes, or transmits CUI
Examples: Servers, Printers, Endpoints, Cloud Services, ERP Systems
Where do you document a CUI Asset?
K
Document in Asset Inventory
Document in SSP
Document in Network Diagram
C
What practices do you apply to a CUI Asset?
LO
CMMC Level 2
What does CMMC stand for?
YC
Cybersecurity Maturity Model Certification
How many controls are in CMMC L2?
D
110 controls
U
What impact level is required when storing CUI?
IL4
ST
What contract clause is used for CMMC L1?
FAR 52.204-21 (17 practices in total)
If you want to be CMMC L2 compliant, do you need to also be CMMC L1 compliant?
Yes
, What do you call the part before the first period in the following control? AC.L1-3.1.1
Domain
What do you call the part after the first period in the following control? AC.L1-3.1.1
Level
What do you call the part after the dash in the following control? AC.L1-3.1.1
Security Practice Number
K
What is confidentiality?
C
Information Access and disclosure includes means for protecting personal privacy and
proprietary information.
LO
What is file integrity?
Stored information is sufficiently guarded against modification or destruction.
YC
What are the three levels of FedRAMP?
Low
Moderate
High
D
What is reciprocity?
Privileges granted by one organization to another for mutual benefit.
U
What is an Assessment Objective?
Identify the specific items being assessed and can include specifications, mechanism, activities,
ST
and individuals to receive MET for the practice as defined in NIST SP 800-171A
Means to gain detailed insight about practices implemented in and by the OSC and how those
practices are performed
What are the six components of a CMMC practice?
1. Identifier and Practice Statement
2. Assessment Objectives
3. Potential Assessment Methods and Objects
4. Discussion
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Studyclock. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.49. You're not tied to anything after your purchase.