<?xml version="1.0" encoding="UTF-8"?>
<arm:LibrariesRoot xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:arm="http://www.all4tec.net/armmetamodel/v2.2.0" UUID="_MrDJQIKFEeuZyKEaqlSrWg">
  <knowledgeBasesLibrariesList UUID="_MrDJQYKFEeuZyKEaqlSrWg">
    <!-- CMMC domain catalogue: 17 SecurityMeasureType entries, one per domain, each named with the
         domain title followed by its two-letter code in parentheses. SecurityMeasure entries in the
         CMMC base select their domain through the securityMeasureType attribute, which carries the
         UUID of an entry in this list, so a UUID changed or removed here leaves those references
         dangling. The two-letter code is also the prefix of each measure's shortName (AC.1.001 is
         filed under Access Control (AC)). -->
    <knowledgeBasesList xsi:type="arm:SecurityMeasureTypesBase" UUID="_VG93p4KDEeuJW4AJD_4AAQ" name="Security measure types base - CMMC">
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-Gq8IKDEeuJW4AJD_4AAQ" name="Awareness &amp; Training (AT)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-HSAIKDEeuJW4AJD_4AAQ" name="Identification &amp; Authentication (IA)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-H5EIKDEeuJW4AJD_4AAQ" name="Asset Management (AM)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-IgIIKDEeuJW4AJD_4AAQ" name="Maintenance (MA)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-JHMIKDEeuJW4AJD_4AAQ" name="Media Protection (MP)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-JuQIKDEeuJW4AJD_4AAQ" name="Access Control (AC)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-KVUIKDEeuJW4AJD_4AAQ" name="Recovery (RE)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-KVUYKDEeuJW4AJD_4AAQ" name="System &amp; Communications Protection (SC)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-MKgIKDEeuJW4AJD_4AAQ" name="Incident Response (IR)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-NYoIKDEeuJW4AJD_4AAQ" name="Audit &amp; Accountability (AU)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-N_sIKDEeuJW4AJD_4AAQ" name="System &amp; Information Integrity (SI)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-PN0IKDEeuJW4AJD_4AAQ" name="Configuration Management (CM)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-RDAIKDEeuJW4AJD_4AAQ" name="Security Assessment (CA)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-S4MIKDEeuJW4AJD_4AAQ" name="Physical Protection (PE)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-TfQIKDEeuJW4AJD_4AAQ" name="Risk Management (RM)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-XwsIKDEeuJW4AJD_4AAQ" name="Situational Awareness (SA)" retained="true"/>
      <contentList xsi:type="arm:SecurityMeasureType" UUID="_j-rSsIKDEeuJW4AJD_4AAQ" name="Personnel Security (PS)" retained="true"/>
    </knowledgeBasesList>
    <!-- Three-state implementation-status scale (Done / Work in progress / To do). The CMMC
         SecurityMeasuresBase references this scale by UUID in both its securityMeasureStatusScale
         and its referenceStandardStatusScale attributes, so one scale drives both assessments. -->
    <knowledgeBasesList xsi:type="arm:StatusScale" UUID="_VG93rIKDEeuJW4AJD_4AAQ" name="Application state scale - CMMC">
      <!-- NOTE(review): color looks like a decimal R,G,B triplet (green, orange, red); confirm against the metamodel. -->
      <contentList xsi:type="arm:StatusItem" UUID="_qYAW0IKEEeuJW4AJD_4AAQ" name="Done" retained="true" color="128,255,128"/>
      <!-- differencesRequired is set on the two not-yet-done states only and is absent on "Done";
           presumably it makes the tool require a description of the remaining gap. Verify. -->
      <contentList xsi:type="arm:StatusItem" UUID="_qc-WYIKEEeuJW4AJD_4AAQ" name="Work in progress" retained="true" color="255,128,64" differencesRequired="true"/>
      <contentList xsi:type="arm:StatusItem" UUID="_qidTUIKEEeuJW4AJD_4AAQ" name="To do" retained="true" color="255,0,0" differencesRequired="true"/>
    </knowledgeBasesList>
    <knowledgeBasesList xsi:type="arm:SecurityMeasuresBase" UUID="_j88NUIKDEeuJW4AJD_4AAQ" name="CMMC" description="CMMC v1.02" securityMeasureStatusScale="_VG93rIKDEeuJW4AJD_4AAQ" referenceStandardStatusScale="_VG93rIKDEeuJW4AJD_4AAQ">
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j8_QoIKDEeuJW4AJD_4AAQ" name="Limit information system access to authorized users, processes acting on behalf of authorized users or devices (including other information systems)." shortName="AC.1.001" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.i&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.1.1&lt;br/>&amp;bull; CIS Controls v7.1 1.4, 1.6, 5.1, 14.6, 15.10, 16.8, 16.9, 16.11&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-3, PR.AC-4, PR.AC-6, PR.PT-3, PR.PT-4&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-2, AC-3, AC-17&lt;br/>&amp;bull; AU ACSC Essential Eight&lt;/p>" retained="true" theme="C001 - Establish system access requirements" level="1" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9DiEIKDEeuJW4AJD_4AAQ" name="Provide privacy and security notices consistent with applicable Controlled Unclassified Information (CUI) rules." shortName="AC.2.005" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.9&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-8&lt;/p>" retained="true" theme="C001 - Establish system access requirements" level="2" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9DiEYKDEeuJW4AJD_4AAQ" name="Limit use of portable storage devices on external systems." shortName="AC.2.006" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.21&lt;br/>&amp;bull; CIS Controls v7.1 13.7, 13.8, 13.9&lt;br/>&amp;bull; NIST CSF v1.1 ID.AM-4, PR.PT-2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-20(2)&lt;/p>" retained="true" theme="C001 - Establish system access requirements" level="2" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9EwMIKDEeuJW4AJD_4AAQ" name="Limit information system access to the types of transactions and functions that authorized users are permitted to execute." shortName="AC.1.002" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.ii&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.1.2&lt;br/>&amp;bull; CIS Controls v7.1 1.4, 1.6, 5.1, 8.5, 14.6, 15.10, 16.8, 16.9, 16.11&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-3, PR.AC-4, PR.AC-6, PR.PT-3, PR.PT-4&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-2, AC-3, AC-17&lt;/p>" retained="true" theme="C002 - Control internal system access" level="1" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9EwMYKDEeuJW4AJD_4AAQ" name="Employ the principle of least privilege, including for specific security functions and privileged accounts." shortName="AC.2.007" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.5&lt;br/>&amp;bull; CIS Controls v7.1 14.6&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-4&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-6, AC-6(1), AC-6(5)&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C002 - Control internal system access" level="2" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9F-UIKDEeuJW4AJD_4AAQ" name="Use non-privileged accounts or roles when accessing nonsecurity functions." shortName="AC.2.008" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.6&lt;br/>&amp;bull; CIS Controls v7.1 4.3, 4.6&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-6(2)&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C002 - Control internal system access" level="2" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9GlYIKDEeuJW4AJD_4AAQ" name="Limit unsuccessful logon attempts." shortName="AC.2.009" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.8 &lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-7&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-7&lt;/p>" retained="true" theme="C002 - Control internal system access" level="2" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9GlYYKDEeuJW4AJD_4AAQ" name="Use session lock with pattern-hiding displays to prevent access and viewing of data after a period of inactivity." shortName="AC.2.010" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.10&lt;br/>&amp;bull; CIS Controls v7.1 16.11&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-11, AC-11(1)&lt;/p>" retained="true" theme="C002 - Control internal system access" level="2" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9HMcIKDEeuJW4AJD_4AAQ" name="Authorize wireless access prior to allowing such connections." shortName="AC.2.011" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.16&lt;br/>&amp;bull; CIS Controls v7.1 15.1, 15.10&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-4&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-18&lt;/p>" retained="true" theme="C002 - Control internal system access" level="2" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9HzgIKDEeuJW4AJD_4AAQ" name="Protect wireless access using authentication and encryption." shortName="AC.3.012" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.17&lt;br/>&amp;bull; CIS Controls v7.1 15.7, 15.8&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-4&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-18(1)&lt;/p>" retained="true" theme="C002 - Control internal system access" level="3" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9IakIKDEeuJW4AJD_4AAQ" name="Separate the duties of individuals to reduce the risk of malevolent activity without collusion." shortName="AC.3.017" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.4&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-5&lt;/p>" retained="true" theme="C002 - Control internal system access" level="3" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9IakYKDEeuJW4AJD_4AAQ" name="Prevent non-privileged users from executing privileged functions and capture the execution of such functions in audit logs." shortName="AC.3.018" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.7&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-4&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-6(9), AC-6(10)&lt;/p>" retained="true" theme="C002 - Control internal system access" level="3" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9JBoIKDEeuJW4AJD_4AAQ" name="Terminate (automatically) user sessions after a defined condition." shortName="AC.3.019" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.11&lt;br/>&amp;bull; CIS Controls v7.1 16.7, 16.11&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-12&lt;/p>" retained="true" theme="C002 - Control internal system access" level="3" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9JBoYKDEeuJW4AJD_4AAQ" name="Control connection of mobile devices." shortName="AC.3.020" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.18&lt;br/>&amp;bull; CIS Controls v7.1 13.6, 16.7&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-3, PR.AC-6&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-19&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C002 - Control internal system access" level="3" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9JBooKDEeuJW4AJD_4AAQ" name="Control information flows between security domains on connected systems." shortName="AC.4.023" description="&lt;p>&amp;bull; CMMC modification of Draft NIST SP 800-171B 3.1.3e &lt;br/>&amp;bull; CIS Controls v7.1 12.1, 12.2, 13.1, 13.3, 14.1, 14.2, 14.5, 14.6, 14.7, 15.6, 15.10&lt;br/>&amp;bull; NIST CSF v1.1 ID.AM-3, PR.AC-5, PR.DS-5, PR.PT-4, DE.AE-1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-4, AC-4(1), AC-4(6), AC-4(8), AC-4(12), AC-4(13), AC-4(15), AC-4(20)&lt;/p>" retained="true" theme="C002 - Control internal system access" level="4" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9JosIKDEeuJW4AJD_4AAQ" name="Periodically review and update CUI program access permissions." shortName="AC.4.025" description="&lt;p>&amp;bull; CMMC&lt;/p>" retained="true" theme="C002 - Control internal system access" level="4" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9JosYKDEeuJW4AJD_4AAQ" name="Identify and mitigate risk associated with unidentified wireless access points connected to the network." shortName="AC.5.024" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 15.3&lt;br/>&amp;bull; NIST CSF v1.1 PR.DS-5, DE.AE-1, DE.CM-7&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-4(14)&lt;/p>" retained="true" theme="C002 - Control internal system access" level="5" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9KPwIKDEeuJW4AJD_4AAQ" name="Monitor and control remote access sessions." shortName="AC.2.013" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.12&lt;br/>&amp;bull; CIS Controls v7.1 12.11, 12.12&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-3, PR.PT-4&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-17(1)&lt;/p>" retained="true" theme="C003 - Control remote system access" level="2" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9K20IKDEeuJW4AJD_4AAQ" name="Employ cryptographic mechanisms to protect the confidentiality of remote access sessions." shortName="AC.3.014" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.13&lt;br/>&amp;bull; CIS Controls v7.1 15.7, 15.8&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-3, PR.PT-4&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-17(2)&lt;/p>" retained="true" theme="C003 - Control remote system access" level="3" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9K20YKDEeuJW4AJD_4AAQ" name="Route remote access via managed access control points." shortName="AC.2.015" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.14&lt;br/>&amp;bull; CIS Controls v7.1 15.5, 15.10&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-3, PR.PT-4&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-17(3)&lt;/p>" retained="true" theme="C003 - Control remote system access" level="2" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9Ld4IKDEeuJW4AJD_4AAQ" name="Authorize remote execution of privileged commands and remote access to security-relevant information." shortName="AC.3.021" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.15&lt;br/>&amp;bull; CIS Controls v7.1 8.8, 12.11, 12.12&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-3, PR.PT-4&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-17(4)&lt;/p>" retained="true" theme="C003 - Control remote system access" level="3" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9Ld4YKDEeuJW4AJD_4AAQ" name="Restrict remote network access based on organizational defined risk factors such as time of day, location of access, physical location, network connection state and measured properties of the current user and role." shortName="AC.4.032" description="&lt;p>&amp;bull; CMMC&lt;/p>" retained="true" theme="C003 - Control remote system access" level="4" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9ME8IKDEeuJW4AJD_4AAQ" name="Verify and control/limit connections to and use of external information systems." shortName="AC.1.003" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.iii&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.1.20&lt;br/>&amp;bull; CIS Controls v7.1 12.1, 12.4&lt;br/>&amp;bull; NIST CSF v1.1 ID.AM-4, PR.AC-3&lt;br/>&amp;bull; CERT RMM v1.2 EXD:SG3.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-20, AC-20(1)&lt;/p>" retained="true" theme="C004 - Limit data access to authorized users and processes" level="1" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9MsAIKDEeuJW4AJD_4AAQ" name="Control information posted or processed on publicly accessible information systems." shortName="AC.1.004" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.iv&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.1.22&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-22&lt;/p>" retained="true" theme="C004 - Limit data access to authorized users and processes" level="1" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9MsAYKDEeuJW4AJD_4AAQ" name="Control the flow of CUI in accordance with approved authorizations." shortName="AC.2.016" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.3&lt;br/>&amp;bull; CIS Controls v7.1 12.1, 12.2, 12.5, 12.8, 13.3, 14.1, 14.6, 14.7&lt;br/>&amp;bull; NIST CSF v1.1 ID.AM-3, PR.AC-5, PR.DS-5, PR.PT-4&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-4&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C004 - Limit data access to authorized users and processes" level="2" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9NTEIKDEeuJW4AJD_4AAQ" name="Encrypt CUI on mobile devices and mobile computing platforms." shortName="AC.3.022" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.1.19&lt;br/>&amp;bull; CIS Controls v7.1 13.6&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-3&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AC-19(5)&lt;/p>" retained="true" theme="C004 - Limit data access to authorized users and processes" level="3" securityMeasureType="_j-JuQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9NTEYKDEeuJW4AJD_4AAQ" name="Define procedures for the handling of CUI data." shortName="AM.3.036" description="&lt;p>&amp;bull; CMMC&lt;/p>" retained="true" theme="C005 - Identify and document assets" level="3" securityMeasureType="_j-H5EIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9N6IIKDEeuJW4AJD_4AAQ" name="Employ automated capability to discover and identify systems with specific component attributes (e.g., firmware level, OS type) within your inventory." shortName="AM.4.226" description="&lt;p>&amp;bull; CMMC modification of Draft NIST SP 800-171B 3.4.3e&lt;br/>&amp;bull; CIS Controls v7.1 1.1, 1.2, 1.4, 1.5, 2.3, 2.4, 2.5&lt;br/>&amp;bull; NIST CSF v1.1 ID.AM-1, ID.AM-2&lt;br/>&amp;bull; CERT RMM v1.2 ADM:SG1.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CM-8&lt;/p>" retained="true" theme="C006 - Manage asset inventory" level="4" securityMeasureType="_j-H5EIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9N6IYKDEeuJW4AJD_4AAQ" name="Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions." shortName="AU.2.041" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.3.2&lt;br/>&amp;bull; CIS Controls v7.1 16.8, 16.9&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-1, DE.CM-3, DE.CM-7&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG1.SP3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-2, AU-3, AU-3(1), AU-6, AU-11, AU-12&lt;/p>" retained="true" theme="C007 - Define audit requirements" level="2" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9N6IoKDEeuJW4AJD_4AAQ" name="Review and update logged events." shortName="AU.3.045" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.3.3&lt;br/>&amp;bull; CIS Controls v7.1 6.7&lt;br/>&amp;bull; CERT RMM v1.2 IMC:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-2(3)&lt;/p>" retained="true" theme="C007 - Define audit requirements" level="3" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9OhMIKDEeuJW4AJD_4AAQ" name="Alert in the event of an audit logging process failure." shortName="AU.3.046" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.3.4&lt;br/>&amp;bull; CIS Controls v7.1 6.7&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-5&lt;/p>" retained="true" theme="C007 - Define audit requirements" level="3" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9OhMYKDEeuJW4AJD_4AAQ" name="Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation and reporting of unlawful or unauthorized system activity." shortName="AU.2.042" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.3.1&lt;br/>&amp;bull; CIS Controls v7.1 6.2&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-1, DE.CM-3, DE.CM-7&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG2.SP3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-2, AU-3, AU-3(1), AU-6, AU-11, AU-12&lt;/p>" retained="true" theme="C008 - Perform auditing" level="2" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9PIQIKDEeuJW4AJD_4AAQ" name="Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records." shortName="AU.2.043" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.3.7&lt;br/>&amp;bull; CIS Controls v7.1 6.1&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-8, AU-8(1)&lt;/p>" retained="true" theme="C008 - Perform auditing" level="2" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9PIQYKDEeuJW4AJD_4AAQ" name="Collect audit information (e.g., logs) into one or more central repositories." shortName="AU.3.048" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 6.5&lt;br/>&amp;bull; CERT RMM v1.2 COMP:SG3.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-6(4)&lt;/p>" retained="true" theme="C008 - Perform auditing" level="3" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9PIQoKDEeuJW4AJD_4AAQ" name="Identify assets not reporting audit logs and assure appropriate organizationally defined systems are logging." shortName="AU.5.055" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 6.2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-12&lt;/p>" retained="true" theme="C008 - Perform auditing" level="5" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9PvUIKDEeuJW4AJD_4AAQ" name="Protect audit information and audit logging tools from unauthorized access, modification and deletion." shortName="AU.3.049" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.3.8 &lt;br/>&amp;bull; CERT RMM v1.2 MON:SG2.SP3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-6(7), AU-9&lt;/p>" retained="true" theme="C009 - Identify and protect audit information" level="3" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9PvUYKDEeuJW4AJD_4AAQ" name="Limit management of audit logging functionality to a subset of privileged users." shortName="AU.3.050" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.3.9&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-6(7), AU-9(4)&lt;/p>" retained="true" theme="C009 - Identify and protect audit information" level="3" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9QWYIKDEeuJW4AJD_4AAQ" name="Review audit logs." shortName="AU.2.044" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 6.7&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-1&lt;br/>&amp;bull; CERT RMM v1.2 COMP:SG3.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-6&lt;/p>" retained="true" theme="C010 - Review and manage audit logs" level="2" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9QWYYKDEeuJW4AJD_4AAQ" name="Correlate audit record review, analysis and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious or unusual activity." shortName="AU.3.051" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.3.5&lt;br/>&amp;bull; CIS Controls v7.1 6.6, 6.7&lt;br/>&amp;bull; NIST CSF v1.1 DE.AE-3&lt;br/>&amp;bull; CERT RMM v1.2 COMP:SG3.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-6(3)&lt;/p>" retained="true" theme="C010 - Review and manage audit logs" level="3" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9Q9cIKDEeuJW4AJD_4AAQ" name="Provide audit record reduction and report generation to support on-demand analysis and reporting." shortName="AU.3.052" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.3.6&lt;br/>&amp;bull; NIST CSF v1.1 RS.AN-3&lt;br/>&amp;bull; CERT RMM v1.2 COMP:SG3.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-7&lt;/p>" retained="true" theme="C010 - Review and manage audit logs" level="3" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9Q9cYKDEeuJW4AJD_4AAQ" name="Automate analysis of audit logs to identify and act on critical indicators (TTPs) and/or organizationally-defined suspicious activity." shortName="AU.4.053" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 6.6&lt;br/>&amp;bull; NIST CSF v1.1 DE.AE-3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-4(2)&lt;/p>" retained="true" theme="C010 - Review and manage audit logs" level="4" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9RkgIKDEeuJW4AJD_4AAQ" name="Review audit information for broad activity in addition to per-machine activity." shortName="AU.4.054" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 RA-5(6), RA-5(8), RA-5(10)&lt;/p>" retained="true" theme="C010 - Review and manage audit logs" level="4" securityMeasureType="_j-NYoIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9RkgYKDEeuJW4AJD_4AAQ" name="Ensure that managers, system administrators and users of organizational systems are made aware of the security risks associated with their activities and of the applicable policies, standards and procedures related to the security of those systems." shortName="AT.2.056" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.2.1&lt;br/>&amp;bull; CIS Controls v7.1 17.3&lt;br/>&amp;bull; NIST CSF v1.1 PR.AT-1, PR.AT-2, PR.AT-3, PR.AT-4, PR.AT-5&lt;br/>&amp;bull; CERT RMM v1.2 OTA:SG1.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AT-2, AT-3&lt;/p>" retained="true" theme="C011 - Conduct security awareness activities" level="2" securityMeasureType="_j-Gq8IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9RkgoKDEeuJW4AJD_4AAQ" name="Provide security awareness training on recognizing and reporting potential indicators of insider threat." shortName="AT.3.058" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.2.3&lt;br/>&amp;bull; NIST CSF v1.1 ID.RA-3&lt;br/>&amp;bull; CERT RMM v1.2 OTA:SG2.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AT-2(2)&lt;/p>" retained="true" theme="C011 - Conduct security awareness activities" level="3" securityMeasureType="_j-Gq8IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9SLkIKDEeuJW4AJD_4AAQ" name="Provide awareness training focused on recognizing and responding to threats from social engineering, advanced persistent threat actors, breaches and suspicious behaviors; update the training at least annually or when there are significant changes to the threat." shortName="AT.4.059" description="&lt;p>&amp;bull; Draft NIST SP 800-171B 3.2.1e&lt;br/>&amp;bull; CIS Controls v7.1 17.1, 17.2, 17.4&lt;br/>&amp;bull; NIST CSF v1.1 PR.AT-1, PR.AT-2, PR.AT-3, PR.AT-4, PR.AT-5&lt;br/>&amp;bull; CERT RMM v1.2 OTA:SG2.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AT-2&lt;/p>" retained="true" theme="C011 - Conduct security awareness activities" level="4" securityMeasureType="_j-Gq8IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9SyoIKDEeuJW4AJD_4AAQ" name="Include practical exercises in awareness training that are aligned with current threat scenarios and provide feedback to individuals involved in the training." shortName="AT.4.060" description="&lt;p>&amp;bull; CMMC modification of Draft NIST SP 800-171B 3.2.2e&lt;br/>&amp;bull; CIS Controls v7.1 17.1, 17.2, 17.4&lt;br/>&amp;bull; NIST CSF v1.1 PR.AT-1, PR.AT-2, PR.AT-3, PR.AT-4, PR.AT-5&lt;br/>&amp;bull; CERT RMM v1.2 OTA:SG3.SP1, OTA:SG3.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AT-2(1)&lt;/p>" retained="true" theme="C011 - Conduct security awareness activities" level="4" securityMeasureType="_j-Gq8IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9TZsIKDEeuJW4AJD_4AAQ" name="Ensure that personnel are trained to carry out their assigned information security-related duties and responsibilities." shortName="AT.2.057" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.2.2&lt;br/>&amp;bull; CIS Controls v7.1 17.5, 17.6, 17.7, 17.8, 17.9&lt;br/>&amp;bull; NIST CSF v1.1 PR.AT-1, PR.AT-2, PR.AT-3, PR.AT-4, PR.AT-5&lt;br/>&amp;bull; CERT RMM v1.2 OTA:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AT-2, AT-3&lt;/p>" retained="true" theme="C012 - Conduct training" level="2" securityMeasureType="_j-Gq8IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9TZsYKDEeuJW4AJD_4AAQ" name="Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware and documentation) throughout the respective system development life cycles." shortName="CM.2.061" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.4.1&lt;br/>&amp;bull; CIS Controls v7.1 1.4, 1.5, 2.1, 2.4, 5.1&lt;br/>&amp;bull; NIST CSF v1.1 ID.AM-1, ID.AM-2, PR.DS-3, PR.DS-7, PR.IP-1, DE.AE-1&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG5.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CM-2, CM-6, CM-8, CM-8(1)&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C013 -  Establish configuration baselines" level="2" securityMeasureType="_j-PN0IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9UAwIKDEeuJW4AJD_4AAQ" name="Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities." shortName="CM.2.062" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.4.6&lt;br/>&amp;bull; NIST CSF v1.1 PR.IP-1, PR.PT-3&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CM-7&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C013 -  Establish configuration baselines" level="2" securityMeasureType="_j-PN0IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9UAwYKDEeuJW4AJD_4AAQ" name="Control and monitor user-installed software." shortName="CM.2.063" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.4.9&lt;br/>&amp;bull; CIS Controls v7.1 2.1, 2.2, 2.6&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-3&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG2.SP3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CM-11&lt;/p>" retained="true" theme="C013 -  Establish configuration baselines" level="2" securityMeasureType="_j-PN0IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9Un0IKDEeuJW4AJD_4AAQ" name="Establish and enforce security configuration settings for information technology products employed in organizational systems." shortName="CM.2.064" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.4.2&lt;br/>&amp;bull; CIS Controls v7.1 1.4, 1.5, 2.1, 2.4, 5.1&lt;br/>&amp;bull; NIST CSF v1.1 ID.AM-1, ID.AM-2, PR.DS-3, PR.DS-7, PR.IP-1, DE.AE-1&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CM-2, CM-6, CM-8, CM-8(1)&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C014 -  Perform configuration and change management" level="2" securityMeasureType="_j-PN0IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9Un0YKDEeuJW4AJD_4AAQ" name="Track, review, approve or disapprove and log changes to organizational systems." shortName="CM.2.065" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.4.3&lt;br/>&amp;bull; NIST CSF v1.1 PR.IP-1, PR.IP-3&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG5.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CM-3&lt;br/>&amp;bull; AU ACSC Essential Eight&lt;/p>" retained="true" theme="C014 -  Perform configuration and change management" level="2" securityMeasureType="_j-PN0IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9VO4IKDEeuJW4AJD_4AAQ" name="Analyze the security impact of changes prior to implementation." shortName="CM.2.066" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.4.4&lt;br/>&amp;bull; NIST CSF v1.1 PR.IP-3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CM-4&lt;/p>" retained="true" theme="C014 -  Perform configuration and change management" level="2" securityMeasureType="_j-PN0IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9VO4YKDEeuJW4AJD_4AAQ" name="Define, document, approve and enforce physical and logical access restrictions associated with changes to organizational systems." shortName="CM.3.067" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.4.5&lt;br/>&amp;bull; CIS Controls v7.1 2.5, 2.7, 2.8, 2.9, 4.3, 11.1, 11.3, 11.7&lt;br/>&amp;bull; NIST CSF v1.1 PR.IP-1&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CM-5&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C014 -  Perform configuration and change management" level="3" securityMeasureType="_j-PN0IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9V18IKDEeuJW4AJD_4AAQ" name="Restrict, disable or prevent the use of nonessential programs, functions, ports, protocols and services." shortName="CM.3.068" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.4.7&lt;br/>&amp;bull; CIS Controls v7.1 9.2, 9.4, 12.4&lt;br/>&amp;bull; NIST CSF v1.1 PR.IP-1, PR.PT-3&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CM-7(1), CM-7(2)&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C014 -  Perform configuration and change management" level="3" securityMeasureType="_j-PN0IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9V18YKDEeuJW4AJD_4AAQ" name="Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized software or deny-all, permit-by-exception (whitelisting) policy to allow the execution of authorized software." shortName="CM.3.069" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.4.8&lt;br/>&amp;bull; CIS Controls v7.1 2.1, 2.2, 2.6, 2.7, 2.8, 2.9&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-3&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CM-7(4), CM-7(5)&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C014 -  Perform configuration and change management" level="3" securityMeasureType="_j-PN0IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9WdAIKDEeuJW4AJD_4AAQ" name="Employ application whitelisting and an application vetting process for systems identified by the organization." shortName="CM.4.073" description="&lt;p>&amp;bull; CMMC modification of NIST SP 800-171 3.4.8&lt;br/>&amp;bull; CIS Controls v7.1 2.1, 2.2, 2.6, 2.7, 2.8, 2.9&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-3&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CM-7(4), CM-7(5)&lt;/p>" retained="true" theme="C014 -  Perform configuration and change management" level="4" securityMeasureType="_j-PN0IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9WdAYKDEeuJW4AJD_4AAQ" name="Verify the integrity and correctness of security critical or essential software as defined by the organization (e.g., roots of trust, formal verification or cryptographic signatures)." shortName="CM.5.074" description="&lt;p>&amp;bull; CMMC modification of Draft NIST SP 800-171B 3.14.1e&lt;br/>&amp;bull; CIS Controls v7.1 2.10&lt;br/>&amp;bull; NIST CSF v1.1 PR.DS-6, PR.DS-8, PR.IP-2&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-7(6), SI-7(9), SI-7(10), SA-17&lt;/p>" retained="true" theme="C014 -  Perform configuration and change management" level="5" securityMeasureType="_j-PN0IKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9WdAoKDEeuJW4AJD_4AAQ" name="Identify information system users, processes acting on behalf of users or devices." shortName="IA.1.076" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.v&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.5.1&lt;br/>&amp;bull; CIS Controls v7.1 4.2, 4.3, 16.8, 16.9&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-6, PR.AC-7&lt;br/>&amp;bull; CERT RMM v1.2 ID:SG1.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IA-2, IA-3, IA-5&lt;/p>" retained="true" theme="C015 - Grant access to authenticated entities" level="1" securityMeasureType="_j-HSAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9XEEIKDEeuJW4AJD_4AAQ" name="Authenticate (or verify) the identities of those users, processes or devices, as a prerequisite to allowing access to organizational information systems." shortName="IA.1.077" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.vi&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.5.2&lt;br/>&amp;bull; CIS Controls v7.1 4.2, 4.3, 16.8, 16.9&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-6, PR.AC-7&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IA-2, IA-3, IA-5&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C015 - Grant access to authenticated entities" level="1" securityMeasureType="_j-HSAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9XEEYKDEeuJW4AJD_4AAQ" name="Enforce a minimum password complexity and change of characters when new passwords are created." shortName="IA.2.078" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.5.7&lt;br/>&amp;bull; CIS Controls v7.1 4.2, 4.4&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-6, PR.AC-7&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IA-5(1)&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C015 - Grant access to authenticated entities" level="2" securityMeasureType="_j-HSAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9XrIIKDEeuJW4AJD_4AAQ" name="Prohibit password reuse for a specified number of generations." shortName="IA.2.079" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.5.8&lt;br/>&amp;bull; CIS Controls v7.1 4.2, 4.4&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-6, PR.AC-7&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IA-5(1)&lt;/p>" retained="true" theme="C015 - Grant access to authenticated entities" level="2" securityMeasureType="_j-HSAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9XrIYKDEeuJW4AJD_4AAQ" name="Allow temporary password use for system logons with an immediate change to a permanent password." shortName="IA.2.080" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.5.9&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-6, PR.AC-7&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IA-5(1)&lt;/p>" retained="true" theme="C015 - Grant access to authenticated entities" level="2" securityMeasureType="_j-HSAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9YSMIKDEeuJW4AJD_4AAQ" name="Store and transmit only cryptographically-protected passwords." shortName="IA.2.081" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.5.10&lt;br/>&amp;bull; CIS Controls v7.1 16.4, 16.5&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-6, PR.AC-7&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IA-5(1)&lt;/p>" retained="true" theme="C015 - Grant access to authenticated entities" level="2" securityMeasureType="_j-HSAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9YSMYKDEeuJW4AJD_4AAQ" name="Obscure feedback of authentication information." shortName="IA.2.082" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.5.11&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IA-6&lt;/p>" retained="true" theme="C015 - Grant access to authenticated entities" level="2" securityMeasureType="_j-HSAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9Y5QIKDEeuJW4AJD_4AAQ" name="Use multi-factor authentication for local and network access to privileged accounts and for network access to non-privileged accounts." shortName="IA.3.083" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.5.3&lt;br/>&amp;bull; CIS Controls v7.1 4.5, 11.5, 12.11&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-6, PR.AC-7&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IA-2(1), IA-2(2), IA-2(3)&lt;br/>&amp;bull; AU ACSC Essential Eight&lt;/p>" retained="true" theme="C015 - Grant access to authenticated entities" level="3" securityMeasureType="_j-HSAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9Y5QYKDEeuJW4AJD_4AAQ" name="Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts." shortName="IA.3.084" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.5.4&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-6, PR.AC-7&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IA-2(8), IA-2(9)&lt;/p>" retained="true" theme="C015 - Grant access to authenticated entities" level="3" securityMeasureType="_j-HSAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9ZgUIKDEeuJW4AJD_4AAQ" name="Prevent the reuse of identifiers for a defined period." shortName="IA.3.085" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.5.5&lt;br/>&amp;bull; CIS Controls v7.1 16.7, 16.10, 16.12&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-6, PR.AC-7&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IA-4&lt;/p>" retained="true" theme="C015 - Grant access to authenticated entities" level="3" securityMeasureType="_j-HSAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9ZgUYKDEeuJW4AJD_4AAQ" name="Disable identifiers after a defined period of inactivity." shortName="IA.3.086" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.5.6&lt;br/>&amp;bull; CIS Controls v7.1 16.9, 16.10, 16.11&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1, PR.AC-6, PR.AC-7&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IA-4&lt;/p>" retained="true" theme="C015 - Grant access to authenticated entities" level="3" securityMeasureType="_j-HSAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9aHYIKDEeuJW4AJD_4AAQ" name="Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery and user response activities." shortName="IR.2.092" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.6.1&lt;br/>&amp;bull; NIST CSF v1.1 RS.RP-1&lt;br/>&amp;bull; CERT RMM v1.2 IMC:SG1.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IR-2, IR-4&lt;/p>" retained="true" theme="C016 - Plan incident response" level="2" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9aHYYKDEeuJW4AJD_4AAQ" name="Use knowledge of attacker tactics, techniques and procedures in incident response planning and execution." shortName="IR.4.100" description="&lt;p>&amp;bull; CMMC&lt;/p>" retained="true" theme="C016 - Plan incident response" level="4" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9aucIKDEeuJW4AJD_4AAQ" name="In response to cyber incidents, utilize forensic data gathering across impacted systems, ensuring the secure transfer and protection of forensic data." shortName="IR.5.106" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; NIST CSF v1.1 RS.AM-3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-12&lt;/p>" retained="true" theme="C016 - Plan incident response" level="5" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9aucYKDEeuJW4AJD_4AAQ" name="Detect and report events." shortName="IR.2.093" description="&lt;p>&amp;bull; CIS Controls v7.1 19.4&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-1, DE.CM-2, DE.CM-3, RS.CO-2&lt;br/>&amp;bull; CERT RMM v1.2 IMC:SG2.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IR-6&lt;/p>" retained="true" theme="C017 - Detect and report events" level="2" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9bVgIKDEeuJW4AJD_4AAQ" name="Analyze and triage events to support event resolution and incident declaration." shortName="IR.2.094" description="&lt;p>&amp;bull; CERT RMM v1.2 IMC:SG2.SP4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IR-4(3)&lt;/p>" retained="true" theme="C017 - Detect and report events" level="2" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9bVgYKDEeuJW4AJD_4AAQ" name="Develop and implement responses to declared incidents according to pre-defined procedures." shortName="IR.2.095" retained="true" theme="C018 - Develop and implement a response to a declared incident" level="2" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9b8kIKDEeuJW4AJD_4AAQ" name="Track, document and report incidents to designated officials and/or authorities both internal and external to the organization." shortName="IR.3.098" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.6.2&lt;br/>&amp;bull; CIS Controls v7.1 19.4&lt;br/>&amp;bull; NIST CSF v1.1 RS.CO-2, RS.CO-3&lt;br/>&amp;bull; CERT RMM v1.2 IMC:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IR-6, IR-7&lt;/p>" retained="true" theme="C018 - Develop and implement a response to a declared incident" level="3" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9b8kYKDEeuJW4AJD_4AAQ" name="Establish and maintain a Security Operations Center (SOC) capability that facilitates a 24/7 response capability." shortName="IR.4.101" description="&lt;p>&amp;bull; CMMC modification of Draft NIST SP 800-171B 3.6.1e&lt;/p>" retained="true" theme="C018 - Develop and implement a response to a declared incident" level="4" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9cjoIKDEeuJW4AJD_4AAQ" name="Use a combination of manual and automated, real-time response to anomalous activities that match incident patterns." shortName="IR.5.102" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IR-4(1)&lt;/p>" retained="true" theme="C018 - Develop and implement a response to a declared incident" level="5" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9cjoYKDEeuJW4AJD_4AAQ" name="Establish and maintain a Cyber Incident Response Team (CIRT) that can investigate an issue physically or virtually at any location within 24 hours." shortName="IR.5.108" description="&lt;p>&amp;bull; CMMC modification of Draft NIST SP 800-171B 3.6.2e&lt;/p>" retained="true" theme="C018 - Develop and implement a response to a declared incident" level="5" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9dKsIKDEeuJW4AJD_4AAQ" name="Perform root cause analysis on incidents to determine underlying causes." shortName="IR.2.097" description="&lt;p>&amp;bull; NIST CSF v1.1 DE.AE-2&lt;br/>&amp;bull; CERT RMM v1.2 IMC:SG5.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 AU-2&lt;/p>" retained="true" theme="C019 - Perform post incident reviews" level="2" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9dKsYKDEeuJW4AJD_4AAQ" name="Test the organizational incident response capability." shortName="IR.3.099" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.6.3&lt;br/>&amp;bull; CIS Controls v7.1 19.7&lt;br/>&amp;bull; NIST CSF v1.1 DE.DP-3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 IR-3&lt;/p>" retained="true" theme="C020 - Test incident response" level="3" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9dxwIKDEeuJW4AJD_4AAQ" name="Perform unannounced operational exercises to demonstrate technical and procedural responses." shortName="IR.5.110" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 19.7&lt;/p>" retained="true" theme="C020 - Test incident response" level="5" securityMeasureType="_j-MKgIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9dxwYKDEeuJW4AJD_4AAQ" name="Perform maintenance on organizational systems." shortName="MA.2.111" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.7.1&lt;br/>&amp;bull; NIST CSF v1.1 PR.MA-1&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG5.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MA-2&lt;/p>" retained="true" theme="C021 - Manage maintenance" level="2" securityMeasureType="_j-IgIIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9eY0IKDEeuJW4AJD_4AAQ" name="Provide controls on the tools, techniques, mechanisms and personnel used to conduct system maintenance." shortName="MA.2.112" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.7.2&lt;br/>&amp;bull; NIST CSF v1.1 PR.MA-1&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG5.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MA-3&lt;/p>" retained="true" theme="C021 - Manage maintenance" level="2" securityMeasureType="_j-IgIIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9eY0YKDEeuJW4AJD_4AAQ" name="Require multifactor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete." shortName="MA.2.113" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.7.5&lt;br/>&amp;bull; NIST CSF v1.1 PR.MA-2&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MA-4&lt;/p>" retained="true" theme="C021 - Manage maintenance" level="2" securityMeasureType="_j-IgIIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9e_4IKDEeuJW4AJD_4AAQ" name="Supervise the maintenance activities of personnel without required access authorization." shortName="MA.2.114" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.7.6&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG5.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MA-5&lt;/p>" retained="true" theme="C021 - Manage maintenance" level="2" securityMeasureType="_j-IgIIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9fm8IKDEeuJW4AJD_4AAQ" name="Ensure equipment removed for off-site maintenance is sanitized of any CUI." shortName="MA.3.115" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.7.3&lt;br/>&amp;bull; CERT RMM v1.2 TM:SG5.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MA-2&lt;/p>" retained="true" theme="C021 - Manage maintenance" level="3" securityMeasureType="_j-IgIIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9fm8YKDEeuJW4AJD_4AAQ" name="Check media containing diagnostic and test programs for malicious code before the media are used in organizational systems." shortName="MA.3.116" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.7.4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MA-3(2)&lt;/p>" retained="true" theme="C021 - Manage maintenance" level="3" securityMeasureType="_j-IgIIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9gOAIKDEeuJW4AJD_4AAQ" name="Mark media with necessary CUI markings and distribution limitations." shortName="MP.3.122" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.8.4&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-2&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG2.SP4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MP-3&lt;/p>" retained="true" theme="C022 - Identify and mark media" level="3" securityMeasureType="_j-JHMIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9gOAYKDEeuJW4AJD_4AAQ" name="Protect (e.g., physically control and securely store) system media containing Federal Contract Information, both paper and digital." shortName="MP.2.119" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.8.1&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-2&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MP-4&lt;/p>" retained="true" theme="C023 - Protect and control media" level="2" securityMeasureType="_j-JHMIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9g1EIKDEeuJW4AJD_4AAQ" name="Limit access to CUI on system media to authorized users." shortName="MP.2.120" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.8.2&lt;br/>&amp;bull; CIS Controls v7.1 14.6&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-2&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG2.SP4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MP-2&lt;/p>" retained="true" theme="C023 - Protect and control media" level="2" securityMeasureType="_j-JHMIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9g1EYKDEeuJW4AJD_4AAQ" name="Control the use of removable media on system components." shortName="MP.2.121" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.8.7&lt;br/>&amp;bull; CIS Controls v7.1 13.7, 13.8&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-2&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG2.SP4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MP-7&lt;/p>" retained="true" theme="C023 - Protect and control media" level="2" securityMeasureType="_j-JHMIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9hcIIKDEeuJW4AJD_4AAQ" name="Prohibit the use of portable storage devices when such devices have no identifiable owner." shortName="MP.3.123" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.8.8&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-2&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG2.SP4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MP-7(1)&lt;/p>" retained="true" theme="C023 - Protect and control media" level="3" securityMeasureType="_j-JHMIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9hcIYKDEeuJW4AJD_4AAQ" name="Sanitize or destroy information system media containing Federal Contract Information (FCI) before disposal or release for reuse." shortName="MP.1.118" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.vii&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.8.3&lt;br/>&amp;bull; NIST CSF v1.1 PR.DS-3&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MP-6&lt;/p>" retained="true" theme="C024 - Sanitize media" level="1" securityMeasureType="_j-JHMIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9iDMIKDEeuJW4AJD_4AAQ" name="Control access to media containing CUI and maintain accountability for media during transport outside of controlled areas." shortName="MP.3.124" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.8.5&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-2&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MP-5&lt;/p>" retained="true" theme="C025 - Protect media during transport" level="3" securityMeasureType="_j-JHMIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9iDMYKDEeuJW4AJD_4AAQ" name="Implement cryptographic mechanisms to protect the confidentiality of CUI stored on digital media during transport unless otherwise protected by alternative physical safeguards." shortName="MP.3.125" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.8.6&lt;br/>&amp;bull; CIS Controls v7.1 13.9&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 MP-5(4)&lt;/p>" retained="true" theme="C025 - Protect media during transport" level="3" securityMeasureType="_j-JHMIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9iqQIKDEeuJW4AJD_4AAQ" name="Screen individuals prior to authorizing access to organizational systems containing CUI." shortName="PS.2.127" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.9.1&lt;br/>&amp;bull; CERT RMM v1.2 HRM:SG2.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PS-3&lt;/p>" retained="true" theme="C026 - Screen personnel" level="2" securityMeasureType="_j-rSsIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9iqQYKDEeuJW4AJD_4AAQ" name="Ensure that organizational systems containing CUI are protected during and after personnel actions such as terminations and transfers." shortName="PS.2.128" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.9.2&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-1&lt;br/>&amp;bull; CERT RMM v1.2 HRM:SG4.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PS-4, PS-5&lt;/p>" retained="true" theme="C027 - Protect federal contract information during personnel actions" level="2" securityMeasureType="_j-rSsIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9jRUIKDEeuJW4AJD_4AAQ" name="Limit physical access to organizational information systems, equipment and the respective operating environments to authorized individuals." shortName="PE.1.131" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.viii&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.10.1&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-2&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PE-2&lt;/p>" retained="true" theme="C028 - Limit physical access" level="1" securityMeasureType="_j-S4MIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9jRUYKDEeuJW4AJD_4AAQ" name="Escort visitors and monitor visitor activity." shortName="PE.1.132" description="&lt;p>&amp;bull; FAR Clause 52.204-21 Partial b.1.ix &lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.10.3&lt;br/>&amp;bull; CERT RMM v1.2 AM:SG1.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PE-3&lt;/p>" retained="true" theme="C028 - Limit physical access" level="1" securityMeasureType="_j-S4MIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9j4YIKDEeuJW4AJD_4AAQ" name="Maintain audit logs of physical access." shortName="PE.1.133" description="&lt;p>&amp;bull; FAR Clause 52.204-21 Partial b.1.ix &lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.10.4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PE-3&lt;/p>" retained="true" theme="C028 - Limit physical access" level="1" securityMeasureType="_j-S4MIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9j4YYKDEeuJW4AJD_4AAQ" name="Control and manage physical access devices." shortName="PE.1.134" description="&lt;p>&amp;bull; FAR Clause 52.204-21 Partial b.1.ix &lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.10.5&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PE-3&lt;/p>" retained="true" theme="C028 - Limit physical access" level="1" securityMeasureType="_j-S4MIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9kfcIKDEeuJW4AJD_4AAQ" name="Protect and monitor the physical facility and support infrastructure for organizational systems." shortName="PE.2.135" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.10.2&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-2&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PE-6&lt;/p>" retained="true" theme="C028 - Limit physical access" level="2" securityMeasureType="_j-S4MIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9kfcYKDEeuJW4AJD_4AAQ" name="Enforce safeguarding measures for CUI at alternate work sites." shortName="PE.3.136" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.10.6&lt;br/>&amp;bull; CERT RMM v1.2 EC:SG2.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PE-17&lt;/p>" retained="true" theme="C028 - Limit physical access" level="3" securityMeasureType="_j-S4MIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9lGgIKDEeuJW4AJD_4AAQ" name="Regularly perform and test data back-ups." shortName="RE.2.137" description="&lt;p>&amp;bull; CIS Controls v7.1 10.1, 10.3&lt;br/>&amp;bull; NIST CSF v1.1 PR.IP-4&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG6.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CP-9&lt;br/>&amp;bull; AU ACSC Essential Eight&lt;/p>" retained="true" theme="C029 - Manage back-ups" level="2" securityMeasureType="_j-KVUIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9ltkIKDEeuJW4AJD_4AAQ" name="Protect the confidentiality of backup CUI at storage locations." shortName="RE.2.138" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.8.9&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG2.SP4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CP-9&lt;/p>" retained="true" theme="C029 - Manage back-ups" level="2" securityMeasureType="_j-KVUIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9ltkYKDEeuJW4AJD_4AAQ" name="Regularly perform complete, comprehensive and resilient data backups as organizationally-defined." shortName="RE.3.139" description="&lt;p>&amp;bull; CIS Controls v7.1 10.1, 10.2, 10.5&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG6.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CP-9, CP-9(3)&lt;/p>" retained="true" theme="C029 - Manage back-ups" level="3" securityMeasureType="_j-KVUIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9mUoIKDEeuJW4AJD_4AAQ" name="Ensure information processing facilities meet organizationally-defined information security continuity, redundancy and availability requirements." shortName="RE.5.140" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; NIST CSF v1.1 PR.IP-9&lt;br/>&amp;bull; CERT RMM v1.2 RRM:SG1.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CP-10&lt;/p>" retained="true" theme="C030 - Manage information security continuity" level="5" securityMeasureType="_j-KVUIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9mUoYKDEeuJW4AJD_4AAQ" name="Periodically assess the risk to organizational operations (including mission, functions, image or reputation), organizational assets and individuals, resulting from the operation of organizational systems and the associated processing, storage or transmission of CUI." shortName="RM.2.141" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.11.1&lt;br/>&amp;bull; NIST CSF v1.1 ID.RA-1, ID.RA-4, DE.AE-4, RS.MI-3&lt;br/>&amp;bull; CERT RMM v1.2 RISK:SG4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 RA-3&lt;/p>" retained="true" theme="C031 - Identify and evaluate risk" level="2" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9m7sIKDEeuJW4AJD_4AAQ" name="Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified." shortName="RM.2.142" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.11.2&lt;br/>&amp;bull; CIS Controls v7.1 3.1, 3.2&lt;br/>&amp;bull; NIST CSF v1.1 ID.RA-1&lt;br/>&amp;bull; CERT RMM v1.2 VAR:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 RA-5&lt;/p>" retained="true" theme="C031 - Identify and evaluate risk" level="2" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9niwIKDEeuJW4AJD_4AAQ" name="Periodically perform risk assessments to identify and prioritize risks according to the defined risk categories, risk sources and risk measurement criteria." shortName="RM.3.144" description="&lt;p>&amp;bull; NIST CSF v1.1 ID.RA-5&lt;br/>&amp;bull; CERT RMM v1.2 RISK:SG3, RISK:SG4.SP3 &lt;br/>&amp;bull; NIST SP 800-53 Rev 4 RA-3&lt;/p>" retained="true" theme="C031 - Identify and evaluate risk" level="3" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9niwYKDEeuJW4AJD_4AAQ" name="Catalog and periodically update threat profiles and adversary Tactics, Techniques &amp; Procedures (TTPs)." shortName="RM.4.149" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; NIST CSF v1.1 DE.AE-2&lt;br/>&amp;bull; CERT RMM v1.2 VAR:SG2.SP1&lt;/p>" retained="true" theme="C031 - Identify and evaluate risk" level="4" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9oJ0IKDEeuJW4AJD_4AAQ" name="Employ threat intelligence to inform the development of the system and security architectures, selection of security solutions, monitoring, threat hunting and response and recovery activities." shortName="RM.4.150" description="&lt;p>&amp;bull; Draft NIST SP 800-171B 3.11.1e&lt;br/>&amp;bull; NIST CSF v1.1 ID.RA-2, ID.RA-3&lt;/p>" retained="true" theme="C031 - Identify and evaluate risk" level="4" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9oJ0YKDEeuJW4AJD_4AAQ" name="Perform scans for unauthorized ports available across perimeter network boundaries, over the organization's Internet boundaries and other organization-defined boundaries." shortName="RM.4.151" description="&lt;p>&amp;bull; CIS Controls v7.1 12.2&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-7&lt;/p>" retained="true" theme="C031 - Identify and evaluate risk" level="4" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9ow4IKDEeuJW4AJD_4AAQ" name="Remediate vulnerabilities in accordance with risk assessments." shortName="RM.2.143" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.11.3&lt;br/>&amp;bull; CIS Controls v7.1 3.7&lt;br/>&amp;bull; NIST CSF v1.1 RS.MI-3&lt;br/>&amp;bull; CERT RMM v1.2 VAR:SG3.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 RA-5&lt;/p>" retained="true" theme="C032 - Manage risk" level="2" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9ow4YKDEeuJW4AJD_4AAQ" name="Develop and implement risk mitigation plans." shortName="RM.3.146" description="&lt;p>&amp;bull; NIST CSF v1.1 ID.RA-6, ID.RM-1&lt;br/>&amp;bull; CERT RMM v1.2 RISK:SG5.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PM-9&lt;/p>" retained="true" theme="C032 - Manage risk" level="3" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9pX8IKDEeuJW4AJD_4AAQ" name="Manage non-vendor-supported products (e.g., end of life) separately and restrict as necessary to reduce risk." shortName="RM.3.147" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 2.2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SA-22(1)&lt;/p>" retained="true" theme="C032 - Manage risk" level="3" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9p_AIKDEeuJW4AJD_4AAQ" name="Utilize an exception process for non-whitelisted software that includes mitigation techniques." shortName="RM.5.152" description="&lt;p>&amp;bull; CMMC&lt;/p>" retained="true" theme="C032 - Manage risk" level="5" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9p_AYKDEeuJW4AJD_4AAQ" name="Analyze the effectiveness of security solutions at least annually to address anticipated risk to the system and the organization based on current and accumulated threat intelligence." shortName="RM.5.155" description="&lt;p>&amp;bull; CMMC modification of Draft NIST SP 800-171B 3.11.5e&lt;br/>&amp;bull; CERT RMM v1.2 RISK:SG6.SP1&lt;/p>" retained="true" theme="C032 - Manage risk" level="5" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9qmEIKDEeuJW4AJD_4AAQ" name="Develop and update as required, a plan for managing supply chain risks associated with the IT supply chain." shortName="RM.4.148" description="&lt;p>&amp;bull; CMMC modification of Draft NIST SP 800-171B 3.11.7e&lt;br/>&amp;bull; NIST CSF v1.1 ID.SC-1, ID.SC-2&lt;br/>&amp;bull; CERT RMM v1.2 EC:SG3.SP1, EC:SG3.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SA-12&lt;/p>" retained="true" theme="C033 - Manage supply chain risk" level="4" securityMeasureType="_j-TfQIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9qmEYKDEeuJW4AJD_4AAQ" name="Develop, document and periodically update System Security Plans (SSPs) that describe system boundaries, system environments of operation, how security requirements are implemented and the relationships with or connections to other systems." shortName="CA.2.157" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.12.4&lt;br/>&amp;bull; NIST CSF v1.1 PR.IP-7&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PL-2&lt;/p>" retained="true" theme="C034 - Develop and manage a system security plan" level="2" securityMeasureType="_j-RDAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9rNIIKDEeuJW4AJD_4AAQ" name="Create, maintain and leverage a security strategy and roadmap for organizational cybersecurity improvement." shortName="CA.4.163" description="&lt;p>&amp;bull; NIST CSF v1.1 ID.RM-1, RS.IM-1, RS.IM-2, RC.IM-1, and RC.IM-2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PL-1&lt;/p>" retained="true" theme="C034 - Develop and manage a system security plan" level="4" securityMeasureType="_j-RDAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9rNIYKDEeuJW4AJD_4AAQ" name="Periodically assess the security controls in organizational systems to determine if the controls are effective in their application." shortName="CA.2.158" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.12.1&lt;br/>&amp;bull; NIST CSF v1.1 DE.DP-3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CA-2&lt;/p>" retained="true" theme="C035 - Define and manage controls" level="2" securityMeasureType="_j-RDAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9r0MIKDEeuJW4AJD_4AAQ" name="Develop and implement plans of action (e.g., POA&amp;M) designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems." shortName="CA.2.159" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.12.2&lt;br/>&amp;bull; CERT RMM v1.2 RISK:SG5.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CA-5&lt;/p>" retained="true" theme="C035 - Define and manage controls" level="2" securityMeasureType="_j-RDAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9sbQIKDEeuJW4AJD_4AAQ" name="Monitor security controls on an ongoing basis to ensure the continued effectiveness of the controls." shortName="CA.3.161" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.12.3&lt;br/>&amp;bull; NIST CSF v1.1 PR.IP-7, DE.DP-5&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG1.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CA-7&lt;/p>" retained="true" theme="C035 - Define and manage controls" level="3" securityMeasureType="_j-RDAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9sbQYKDEeuJW4AJD_4AAQ" name="Conduct penetration testing periodically, leveraging automated scanning tools and ad hoc tests using human experts." shortName="CA.4.164" description="&lt;p>&amp;bull; CMMC modification of Draft NIST SP 800-171B 3.12.1e&lt;br/>&amp;bull; CIS Controls v7.1 20.2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CA-8&lt;/p>" retained="true" theme="C035 - Define and manage controls" level="4" securityMeasureType="_j-RDAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9tCUIKDEeuJW4AJD_4AAQ" name="Periodically perform red teaming against organizational assets in order to validate defensive capabilities." shortName="CA.4.227" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 20.3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 CA-8(2)&lt;/p>" retained="true" theme="C035 - Define and manage controls" level="4" securityMeasureType="_j-RDAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9tpYIKDEeuJW4AJD_4AAQ" name="Employ a security assessment of enterprise software that has been developed internally, for internal use, and that has been organizationally-defined as an area of risk." shortName="CA.3.162" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 18.1, 18.2&lt;/p>" retained="true" theme="C036 - Perform code reviews" level="3" securityMeasureType="_j-RDAIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9tpYYKDEeuJW4AJD_4AAQ" name="Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders." shortName="SA.3.169" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; NIST CSF v1.1 ID.RA-2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PM-16&lt;/p>" retained="true" theme="C037 - Implement threat monitoring" level="3" securityMeasureType="_j-XwsIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9uQcIKDEeuJW4AJD_4AAQ" name="Establish and maintain a cyber threat hunting capability to search for Indicators of Compromise (IoC) in organizational systems and detect, track and disrupt threats that evade existing controls." shortName="SA.4.171" description="&lt;p>&amp;bull; Draft NIST SP 800-171B 3.11.2e&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-1, DE.CM-2, DE.CM-3, DE.CM-4, DE.CM-5, DE.CM-6, DE.CM-7, DE.CM-8&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 PM-16&lt;/p>" retained="true" theme="C037 - Implement threat monitoring" level="4" securityMeasureType="_j-XwsIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9uQcYKDEeuJW4AJD_4AAQ" name="Design network and system security capabilities to leverage, integrate and share Indicators of Compromise (IoC)." shortName="SA.4.173" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-4(24)&lt;/p>" retained="true" theme="C037 - Implement threat monitoring" level="4" securityMeasureType="_j-XwsIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9u3gIKDEeuJW4AJD_4AAQ" name="Prohibit remote activation of collaborative computing devices and provide indication of devices in use to users present at the device." shortName="SC.2.178" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.12&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-15&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="2" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9vekIKDEeuJW4AJD_4AAQ" name="Use encrypted sessions for the management of network devices." shortName="SC.2.179" description="&lt;p>&amp;bull; CMMC &lt;br/>&amp;bull; CIS Controls v7.1 11.5&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="2" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9vekYKDEeuJW4AJD_4AAQ" name="Employ FIPS-validated cryptography when used to protect the confidentiality of CUI." shortName="SC.3.177" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.11&lt;br/>&amp;bull; CIS Controls v7.1 14.4, 14.8&lt;br/>&amp;bull; NIST CSF v1.1 PR.DS-1, PR.DS-2&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-13&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9wFoIKDEeuJW4AJD_4AAQ" name="Employ architectural designs, software development techniques and systems engineering principles that promote effective information security within organizational systems." shortName="SC.3.180" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.2&lt;br/>&amp;bull; CIS Controls v7.1 5.1, 5.2, 5.4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SA-8&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9wFoYKDEeuJW4AJD_4AAQ" name="Separate user functionality from system management functionality." shortName="SC.3.181" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.3&lt;br/>&amp;bull; CIS Controls v7.1 4.3&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-2&lt;br/>&amp;bull; AU ACSC Essential Eight&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9wssIKDEeuJW4AJD_4AAQ" name="Prevent unauthorized and unintended information transfer via shared system resources." shortName="SC.3.182" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-4&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9xTwIKDEeuJW4AJD_4AAQ" name="Deny network communications traffic by default and allow network communications traffic by exception (e.g., deny all, permit by exception)." shortName="SC.3.183" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.6&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-7(5)&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9xTwYKDEeuJW4AJD_4AAQ" name="Prevent remote devices from simultaneously establishing non-remote connections with organizational systems and communicating via some other connection to resources in external networks (e.g., split tunneling)." shortName="SC.3.184" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.7&lt;br/>&amp;bull; CIS Controls v7.1 12.12&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-7(7)&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9x60IKDEeuJW4AJD_4AAQ" name="Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards." shortName="SC.3.185" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.8&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-2&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-8(1)&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9yh4IKDEeuJW4AJD_4AAQ" name="Terminate network connections associated with communications sessions at the end of the sessions or after a defined period of inactivity." shortName="SC.3.186" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.9&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-10&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9yh4YKDEeuJW4AJD_4AAQ" name="Establish and manage cryptographic keys for cryptography employed in organizational systems." shortName="SC.3.187" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.10&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-12&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9zI8IKDEeuJW4AJD_4AAQ" name="Control and monitor the use of mobile code." shortName="SC.3.188" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.13&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-5&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-18&lt;br/>&amp;bull; AU ACSC Essential Eight&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9zwAIKDEeuJW4AJD_4AAQ" name="Control and monitor the use of Voice over Internet Protocol (VoIP) technologies." shortName="SC.3.189" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.14&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-19&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9zwAYKDEeuJW4AJD_4AAQ" name="Protect the authenticity of communications sessions." shortName="SC.3.190" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.15&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-23&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j90XEIKDEeuJW4AJD_4AAQ" name="Protect the confidentiality of CUI at rest." shortName="SC.3.191" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.13.16&lt;br/>&amp;bull; CIS Controls v7.1 14.8&lt;br/>&amp;bull; NIST CSF v1.1 PR.DS-1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-28&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j90-IIKDEeuJW4AJD_4AAQ" name="Employ physical and logical isolation techniques in the system and security architecture and/or where deemed appropriate by the organization." shortName="SC.4.197" description="&lt;p>&amp;bull; CMMC modification of Draft NIST SP 800-171B 3.13.4e&lt;br/>&amp;bull; CIS Controls v7.1 14.1&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-5&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="4" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j90-IYKDEeuJW4AJD_4AAQ" name="Configure monitoring systems to record packets passing through the organization's Internet network boundaries and other organizational-defined boundaries." shortName="SC.5.198" description="&lt;p>&amp;bull; CIS Controls v7.1 12.5&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="5" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j91lMIKDEeuJW4AJD_4AAQ" name="Isolate administration of organizationally-defined high-value critical network infrastructure components and servers." shortName="SC.4.228" description="&lt;p>&amp;bull; CMMC modification of NIST SP 800-171 Rev 1 3.13.2&lt;br/>&amp;bull; CIS Controls v7.1 11.7, 14.1&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-5&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SA-8&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="4" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j92MQIKDEeuJW4AJD_4AAQ" name="Enforce port and protocol compliance." shortName="SC.5.230" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 9.2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-7(17)&lt;/p>" retained="true" theme="C038 - Define security requirements for systems and communications" level="5" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j92MQYKDEeuJW4AJD_4AAQ" name="Monitor, control and protect organizational communications (e.g., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the information systems." shortName="SC.1.175" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.x&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.13.1&lt;br/>&amp;bull; NIST CSF v1.1 PR.PT-4&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-7&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C039 -  Control communications at system boundaries" level="1" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j92zUIKDEeuJW4AJD_4AAQ" name="Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks." shortName="SC.1.176" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.xi&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.13.5&lt;br/>&amp;bull; CIS Controls v7.1 14.1&lt;br/>&amp;bull; NIST CSF v1.1 PR.AC-5&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-7&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;/p>" retained="true" theme="C039 -  Control communications at system boundaries" level="1" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j93aYIKDEeuJW4AJD_4AAQ" name="Implement Domain Name System (DNS) filtering services." shortName="SC.3.192" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 7.7&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-20&lt;/p>" retained="true" theme="C039 -  Control communications at system boundaries" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j93aYYKDEeuJW4AJD_4AAQ" name="Implement a policy restricting the publication of CUI on externally-owned, publicly-accessible websites (e.g., forums, LinkedIn, Facebook, Twitter, etc.)." shortName="SC.3.193" description="&lt;p>&amp;bull; CMMC&lt;/p>" retained="true" theme="C039 -  Control communications at system boundaries" level="3" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j94BcIKDEeuJW4AJD_4AAQ" name="Utilize threat intelligence to proactively block DNS requests from reaching malicious domains." shortName="SC.4.199" description="&lt;p>&amp;bull; CMMC&lt;/p>" retained="true" theme="C039 -  Control communications at system boundaries" level="4" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j94ogIKDEeuJW4AJD_4AAQ" name="Employ mechanisms to analyze executable code and scripts (e.g., sandbox) traversing Internet network boundaries or other organizationally-defined boundaries." shortName="SC.4.202" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-44&lt;/p>" retained="true" theme="C039 -  Control communications at system boundaries" level="4" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j94ogYKDEeuJW4AJD_4AAQ" name="Employ organizationally-defined and tailored boundary protections in addition to commercially-available solutions." shortName="SC.5.208" description="&lt;p>&amp;bull; CMMC&lt;/p>" retained="true" theme="C039 -  Control communications at system boundaries" level="5" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j95PkIKDEeuJW4AJD_4AAQ" name="Utilize a URL categorization service and implement techniques to enforce URL filtering of websites that are not approved by the organization." shortName="SC.4.229" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 7.4&lt;/p>" retained="true" theme="C039 -  Control communications at system boundaries" level="4" securityMeasureType="_j-KVUYKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j952oIKDEeuJW4AJD_4AAQ" name="Identify, report and correct information and information system flaws in a timely manner." shortName="SI.1.210" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.xii&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.14.1&lt;br/>&amp;bull; NIST CSF v1.1 RS.CO-2, RS.MI-3&lt;br/>&amp;bull; CERT RMM v1.2 VAR:SG2.SP2&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-2&lt;br/>&amp;bull; UK NCSC Cyber Essentials&lt;br/>&amp;bull; AU ACSC Essential Eight&lt;/p>" retained="true" theme="C040 - Identify and manage information system flaws" level="1" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j952oYKDEeuJW4AJD_4AAQ" name="Monitor system security alerts and advisories and take action in response." shortName="SI.2.214" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.14.3&lt;br/>&amp;bull; CIS Controls v7.1 6.5, 6.6&lt;br/>&amp;bull; NIST CSF v1.1 RS.AN-5&lt;br/>&amp;bull; CERT RMM v1.2 IMC:SG2.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-5&lt;/p>" retained="true" theme="C040 - Identify and manage information system flaws" level="2" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j96dsIKDEeuJW4AJD_4AAQ" name="Use threat indicator information relevant to the information and systems being protected and effective mitigations obtained from external organizations to inform intrusion detection and threat hunting." shortName="SI.4.221" description="&lt;p>&amp;bull; Draft NIST SP 800-171B 3.14.6e&lt;br/>&amp;bull; NIST CSF v1.1 ID.RA-2, ID.RA-3&lt;/p>" retained="true" theme="C040 - Identify and manage information system flaws" level="4" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j97EwIKDEeuJW4AJD_4AAQ" name="Provide protection from malicious code at appropriate locations within organizational information systems." shortName="SI.1.211" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.xiii&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.14.2&lt;br/>&amp;bull; CIS Controls v7.1 8.1&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-4&lt;br/>&amp;bull; CERT RMM v1.2 VAR:SG3.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-3&lt;br/>&amp;bull; AU ACSC Essential Eight&lt;/p>" retained="true" theme="C041 - Identify malicious content" level="1" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j97EwYKDEeuJW4AJD_4AAQ" name="Update malicious code protection mechanisms when new releases are available." shortName="SI.1.212" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.xiv&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.14.4&lt;br/>&amp;bull; CIS Controls v7.1 8.2&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-4&lt;br/>&amp;bull; CERT RMM v1.2 VAR:SG3.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-3&lt;/p>" retained="true" theme="C041 - Identify malicious content" level="1" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j97EwoKDEeuJW4AJD_4AAQ" name="Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened or executed." shortName="SI.1.213" description="&lt;p>&amp;bull; FAR Clause 52.204-21 b.1.xv&lt;br/>&amp;bull; NIST SP 800-171 Rev 1 3.14.5&lt;br/>&amp;bull; CIS Controls v7.1 8.4, 8.7&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-4&lt;br/>&amp;bull; CERT RMM v1.2 VAR:SG3.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-3&lt;/p>" retained="true" theme="C041 - Identify malicious content" level="1" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j98S4IKDEeuJW4AJD_4AAQ" name="Analyze system behavior to detect and mitigate execution of normal system commands and scripts that indicate malicious actions." shortName="SI.5.222" description="&lt;p>&amp;bull; CMMC&lt;/p>" retained="true" theme="C041 - Identify malicious content" level="5" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j98S4YKDEeuJW4AJD_4AAQ" name="Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks." shortName="SI.2.216" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.14.6&lt;br/>&amp;bull; CIS Controls v7.1 12.6&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-1&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG1.SP3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-4&lt;/p>" retained="true" theme="C042 - Perform network and system monitoring" level="2" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9858IKDEeuJW4AJD_4AAQ" name="Identify unauthorized use of organizational systems." shortName="SI.2.217" description="&lt;p>&amp;bull; NIST SP 800-171 Rev 1 3.14.7&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-1, DE.CM-7&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG1.SP3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-4&lt;/p>" retained="true" theme="C042 - Perform network and system monitoring" level="2" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j99hAIKDEeuJW4AJD_4AAQ" name="Employ spam protection mechanisms at information system access entry and exit points." shortName="SI.3.218" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-8&lt;/p>" retained="true" theme="C042 - Perform network and system monitoring" level="3" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j99hAYKDEeuJW4AJD_4AAQ" name="Monitor individuals and system components on an ongoing basis for anomalous or suspicious behavior." shortName="SI.5.223" description="&lt;p>&amp;bull; Draft NIST SP 800-171B 3.14.2e&lt;br/>&amp;bull; CIS Controls v7.1 13.3, 16.12, 16.13&lt;br/>&amp;bull; NIST CSF v1.1 DE.CM-1, DE.CM-3&lt;br/>&amp;bull; CERT RMM v1.2 MON:SG1.SP3&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SI-4&lt;/p>" retained="true" theme="C042 - Perform network and system monitoring" level="5" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9-IEIKDEeuJW4AJD_4AAQ" name="Implement email forgery protections." shortName="SI.3.219" description="&lt;p>&amp;bull; CMMC&lt;br/>&amp;bull; CIS Controls v7.1 7.8&lt;br/>&amp;bull; NIST CSF v1.1 PR.DS-2&lt;br/>&amp;bull; CERT RMM v1.2 KIM:SG4.SP1&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-8&lt;/p>" retained="true" theme="C043 - Implement advanced email protections" level="3" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
      <contentList xsi:type="arm:SecurityMeasure" UUID="_j9-vIIKDEeuJW4AJD_4AAQ" name="Utilize email sandboxing to detect or block potentially malicious email." shortName="SI.3.220" description="&lt;p>&amp;bull; CIS Controls v7.1 7.10&lt;br/>&amp;bull; NIST SP 800-53 Rev 4 SC-44&lt;/p>" retained="true" theme="C043 - Implement advanced email protections" level="3" securityMeasureType="_j-N_sIKDEeuJW4AJD_4AAQ"/>
    </knowledgeBasesList>
  </knowledgeBasesLibrariesList>
</arm:LibrariesRoot>
