CMMC 2.0 • LEVEL 2 • MAINTENANCE

MA.L2-3.7.5Nonlocal Maintenance

Approve and monitor nonlocal maintenance and diagnostic activities. Implement multi-factor authentication and replay resistance in the establishment of nonlocal maintenance and diagnostic sessions. Terminate session and network connections when nonlocal maintenance is completed.

NIST 800-171 Mapping

NIST 800-53 Controls

MA-5

Assessment Objectives

  • nonlocal maintenance and diagnostic activities are approved.
  • nonlocal maintenance and diagnostic activities are monitored.
  • session connections are terminated when nonlocal maintenance is completed.
  • network connections are terminated when nonlocal maintenance is completed.
  • multi-factor authentication is implemented in the establishment of nonlocal maintenance and diagnostic sessions.
  • replay resistance is implemented in the establishment of nonlocal maintenance and diagnostic sessions.

Practitioner Notes

Practitioner commentary coming soon.

Related CMMC 2.0 Practices

MA.L2-3.7.1 Perform Maintenance on Organizational Systems MA.L2-3.7.2 Provide Controls on the Tools, Techniques, Mechanisms, and Personnel Used to Conduct System Maintenance MA.L2-3.7.3 Ensure Equipment Removed for Off-Site Maintenance Is Sanitized of Any CUI MA.L2-3.7.4 Maintenance Tools