cmmc controls Archives - Resilient IT

IA.L2-3.5.2 – Don’t Just Identify… Authenticate: Proving Identity Before Granting Access

by Kevin Mann | Aug 19, 2025 | CMMC, Cybersecurity

If IA.L2-3.5.1 is about knowing who is trying to access your systems, then IA.L2-3.5.2 is about verifying they really are who they claim to be. As a Certified CMMC Assessor and Certified CMMC MSP, we often find that organizations rely on weak or inconsistent...

IA.L2-3.5.1 – Identifying Users Before Granting Access: The First Gate

by Kevin Mann | Aug 12, 2025 | CMMC

The most fundamental question in cybersecurity is: “Who are you?” Before any system can enforce policy, log activity, or prevent unauthorized access, it must first identify the user. That’s what IA.L2-3.5.1 requires: reliable identification of users, processes, and...

CM.L2-3.4.2 – From Set to Secure: Enforcing Configuration Settings the Right Way

by Kevin Mann | Aug 4, 2025 | CMMC, Cybersecurity

When we assess organizations for CMMC Level 2, CM.L2-3.4.2 is one of the clearest indicators of whether their security is proactive or accidental. Having configuration settings is one thing. Enforcing them is another. This post explores how to implement and validate...

CM.L2-3.4.1 – The Foundation of Configuration Control: Baselines and Inventories

by Kevin Mann | Jul 29, 2025 | CMMC, Cybersecurity

In the CMMC world, Configuration Management begins with knowing what you have and how it should look. CM.L2-3.4.1 is foundational—and if you can’t meet this, the rest of the domain is going to fall apart quickly. As both an Authorized C3PAO and a Level 2 Certified...

Mastering AC.L1‑3.1.2: How to Limit Transactions & Functions — and Pass Your CMMC Level 2 Assessment

by Kevin Mann | Jul 21, 2025 | CMMC, Cybersecurity

1. Why This Practice Matters AC.L1‑3.1.2 may look deceptively simple (“limit information‑system access to the types of transactions and functions that authorized users are permitted to execute”), but it is the cornerstone of least‑privilege at Level 2 (Its a Level 1...

« Older Entries

CMMC Compliance Services

Assessments for Contractors

Assessments for MSPs

CMMC Compliant Managed IT

Not a DoD Contractor?

Our Company

Our Process

Why Choose Resilient IT?

Our Security

Careers

IA.L2-3.5.2 – Don’t Just Identify… Authenticate: Proving Identity Before Granting Access

IA.L2-3.5.1 – Identifying Users Before Granting Access: The First Gate

CM.L2-3.4.2 – From Set to Secure: Enforcing Configuration Settings the Right Way

CM.L2-3.4.1 – The Foundation of Configuration Control: Baselines and Inventories

Mastering AC.L1‑3.1.2: How to Limit Transactions & Functions — and Pass Your CMMC Level 2 Assessment

Recent Posts

Get in touch with our experts today.

And experience the difference the Resilient approach to your IT, cybersecurity, and compliance can make for your business.

Navigation

Virginia (HQ)

California

(571) 408-8810