SC.5.198

Control Acronym

SC

Family

System And Communications Protection

CMMC Level

5

800-171 Control #

N/A

CMMC Description

Configure monitoring systems to record packets passing through the organization's Internet network boundaries and other organizationally defined boundaries.

CMMC Clarification

The organization shall capture and save all packets traversing the network boundary for a period of time determined by the organization. The system will support detailed analysis of an event showing what packets were transmitted and received and be able to reconstruct and determine content transmitted during a specific time period. Example You manage security systems for the organization. You purchase a network recorder appliance and install it between the firewall and the Internet router to record all traffic entering or exiting the organization’s network. The network recorder is configured to retain three months of network traffic.

800-171 Description

800-171 Discussion

N/A

Other Source Discussion

CIS CONTROLS V7.1 Configure monitoring systems to record network packets passing through the boundary at each of the organization’s network boundaries.

CIS Control References

CIS Controls v7.1 12.5

NIST 800-53 Control Ref.

CMMC Derived

NIST CSF Control References

NIST 800-171 References

Applicable FAR Clause

NIST CSF Control Reference

CERT RMM Reference

Modification of NIST 800-171B Reference

NIST 800-171B Reference

UK NCSCCyber Reference

AS ACSC Reference

Assessment Sub-Criteria 1

Assessment Sub-Criteria 2

Assessment Sub-Criteria 3

Assessment Sub-Criteria 4

Assessment Sub-Criteria 5

Assessment Sub-Criteria 6

Assessment Sub-Criteria 7

Assessment Sub-Criteria 8

Assessment Sub-Criteria 9

Assessment Sub-Criteria 10

Assessment Sub-Criteria 11

Assessment Sub-Criteria 12

Assessment Sub-Criteria 13

Assessment Sub-Criteria 14

Assessment Sub-Criteria 15