1. Assessment Phase

  • CMMC 2.0 Level 1 Compliance Assessment Execution
20 Credits

CMMC 2.0 Level 1 Compliance Report

Overview

This report performs a technical assessment of your AWS environment against the CMMC 2.0 Level 1 compliance standard. CMMC (Cybersecurity Maturity Model Certification) 2.0 Level 1 focuses on Foundational cybersecurity practices and is aligned with safeguarding Federal Contract Information (FCI). It consists of 17 basic cyber hygiene practices derived from NIST SP 800-171.

This assessment evaluates your environment based on the following grouped controls:

Access Control (AC)

  • AC.L1-3.1.1 – Authorized Access Control
  • AC.L1-3.1.2 – Transaction & Function Control
  • AC.L1-3.1.20 – External Connections

Identification and Authentication (IA)

  • IA.L1-3.5.1 – Identification
  • IA.L1-3.5.2 – Authentication

System and Communications Protection (SC)

  • SC.L1-3.13.1 – Boundary Protection

System and Information Integrity (SI)

  • SI.L1-3.14.1 – Flaw Remediation
  • SI.L1-3.14.2 – Malicious Code Protection
  • SI.L1-3.14.5 – System & File Scanning

The assessment covers many AWS services, including EC2, IAM, S3, CloudTrail, and Security Hub.

Upon completion, you will receive a detailed report identifying all passed and failed resources, along with actionable remediation steps to help you achieve compliance with the CMMC 2.0 Level 1 technical recommendations.