CMMC 2.13
CMMC Practices
Each practice, grouped by domain and cross-referenced to the NIST controls that support it.
Domain: IA — Identification & Authenticationclear ✕
15 practices
IA
Identification & Authentication15IA.L1-b.1.vIdentification [FCI Data]1 refL1IA.L1-b.1.viAuthentication [FCI Data]1 refL1IA.L2-3.5.1Identification [CUI Data]1 refL2IA.L2-3.5.2Authentication [CUI Data]1 refL2IA.L2-3.5.3Multifactor Authentication1 refL2IA.L2-3.5.4Replay-Resistant Authentication1 refL2IA.L2-3.5.5Identifier Reuse1 refL2IA.L2-3.5.6Identifier Handling1 refL2IA.L2-3.5.7Password Complexity1 refL2IA.L2-3.5.8Password Reuse1 refL2IA.L2-3.5.9Temporary Passwords1 refL2IA.L2-3.5.10Cryptographically-Protected Passwords1 refL2IA.L2-3.5.11Obscure Feedback1 refL2IA.L3-3.5.1eBidirectional AuthenticationL3IA.L3-3.5.3eBlock Untrusted AssetsL3
Looking for the underlying standards? Browse NIST SP 800-171, 800-172 & 800-53 →