filmov
tv
CMMC 2.0 Control AU.L2-3.3.1- Essential Audit Logs: Monitoring and Reporting System Activity
Показать описание
CMMC 2.0 Control AU.L2-3.3.1- Essential Audit Logs: Monitoring and Reporting System Activity
In this video, Mike Frieder from On-Call Compliance Solutions discusses the CMMC 2.0 control AU.L2-3.3.1, which focuses on creating and retaining essential audit logs for monitoring and reporting system activity. Mike emphasizes the need for a Security Information Event Management (SIEM) solution to achieve compliance. He explains that a SIEM solution collects and analyzes log files from devices like computers and firewalls to provide timely security alerts and relevant information. Mike breaks down the assessment points for this control, including specifying audit log types, defining audit record content, creating audit records, ensuring they contain the defined content, defining retention requirements, and verifying retention. He recommends a retention period of at least 90 days to comply with DFARS requirements. Mike concludes by offering assistance from On-Call Compliance Solutions to help defense contractors navigate and achieve compliance in the complex world of CMMC, DFARS, and NIST SP 800-171.
00:00 Introduction and topic overview
00:32 Challenges faced by defense contractors with compliance
01:07 Explanation of control AU.L2-3.3.1: Essential Audit Logs
01:43 Importance of a Security Information Event Management (SIEM) solution
02:11 Benefits of having a SIEM solution
02:41 Assessor expectations and assessment point 1: Specifying audit log types
03:11 Assessment point 2: Defining content of audit records
03:41 Assessment point 3: Creating audit records
04:14 Assessment point 4: Ensuring audit records contain defined content
04:45 Assessment point 5: Retention requirements for audit records
05:18 Assessment point 6: Verifying retention of audit records
05:46 Recommended retention period and justification
06:15 Assessment point 7: Demonstrating audit record retention
06:42 Assistance available from On-Call Compliance Solutions
07:08 Call to action and website link for further help
07:36 Conclusion, subscription request, and comments invitation
Don't forget to like and subscribe for more great content!
✅ LINKS MENTIONED IN THE VIDEO
👍Please like and Share the Video.
🔔Don't forget to Subscribe & Press the Bell for Updates.
★★★★★ You can also watch the Following Related Videos on @OnCallCompliance ★★★★
✅✅ Defense Contractor Compliance Help: How On Call Compliance Solutions Can Help You
✅✅ DOD Manufacturing Compliance: Get Compliant While Manufacturing with the Department of Defense
✅✅ Don't Worry, You're Not Alone: DFARS, NIST SP 800-171, and CMMC Compliance Help is Here
Here’s How To Connect with Us:
Tags:
#CMMC #ComplianceTips #AuditLogs #SystemActivity #SIEM #SecurityManagement #DFARS #NIST #OnCallCompliance #DefenseContractors #ComplianceSolutions #Cybersecurity #ITSecurity #InformationSecurity #DataProtection #RiskManagement #ComplianceHeroes #AuditRecords #Monitoring #Reporting
In this video, Mike Frieder from On-Call Compliance Solutions discusses the CMMC 2.0 control AU.L2-3.3.1, which focuses on creating and retaining essential audit logs for monitoring and reporting system activity. Mike emphasizes the need for a Security Information Event Management (SIEM) solution to achieve compliance. He explains that a SIEM solution collects and analyzes log files from devices like computers and firewalls to provide timely security alerts and relevant information. Mike breaks down the assessment points for this control, including specifying audit log types, defining audit record content, creating audit records, ensuring they contain the defined content, defining retention requirements, and verifying retention. He recommends a retention period of at least 90 days to comply with DFARS requirements. Mike concludes by offering assistance from On-Call Compliance Solutions to help defense contractors navigate and achieve compliance in the complex world of CMMC, DFARS, and NIST SP 800-171.
00:00 Introduction and topic overview
00:32 Challenges faced by defense contractors with compliance
01:07 Explanation of control AU.L2-3.3.1: Essential Audit Logs
01:43 Importance of a Security Information Event Management (SIEM) solution
02:11 Benefits of having a SIEM solution
02:41 Assessor expectations and assessment point 1: Specifying audit log types
03:11 Assessment point 2: Defining content of audit records
03:41 Assessment point 3: Creating audit records
04:14 Assessment point 4: Ensuring audit records contain defined content
04:45 Assessment point 5: Retention requirements for audit records
05:18 Assessment point 6: Verifying retention of audit records
05:46 Recommended retention period and justification
06:15 Assessment point 7: Demonstrating audit record retention
06:42 Assistance available from On-Call Compliance Solutions
07:08 Call to action and website link for further help
07:36 Conclusion, subscription request, and comments invitation
Don't forget to like and subscribe for more great content!
✅ LINKS MENTIONED IN THE VIDEO
👍Please like and Share the Video.
🔔Don't forget to Subscribe & Press the Bell for Updates.
★★★★★ You can also watch the Following Related Videos on @OnCallCompliance ★★★★
✅✅ Defense Contractor Compliance Help: How On Call Compliance Solutions Can Help You
✅✅ DOD Manufacturing Compliance: Get Compliant While Manufacturing with the Department of Defense
✅✅ Don't Worry, You're Not Alone: DFARS, NIST SP 800-171, and CMMC Compliance Help is Here
Here’s How To Connect with Us:
Tags:
#CMMC #ComplianceTips #AuditLogs #SystemActivity #SIEM #SecurityManagement #DFARS #NIST #OnCallCompliance #DefenseContractors #ComplianceSolutions #Cybersecurity #ITSecurity #InformationSecurity #DataProtection #RiskManagement #ComplianceHeroes #AuditRecords #Monitoring #Reporting
0:07:52
CMMC 2.0 Control AU.L2-3.3.1- Essential Audit Logs: Monitoring and Reporting System Activity
0:04:20
CMMC 2 0 Control AU.L2-3.3.5 - Audit Review & Reporting: Investigating Unusual Activities
0:05:14
CMMC 2.0 Control AC.L2-3.1.15: Authorize Remote Commands, Access Security Info
0:03:17
CMMC 2.0 Control AC.L2-3.1.16: Pre-approve Wireless Access for Connections
0:05:09
CMMC 2.0 Control CM L2-3.4.2: Establishing Secure Configuration Settings
0:03:27
CMMC 2.0 Control SC.L2-3.13.3 - Separate user functionality from system management functionality
0:04:22
CMMC 2.0 Control AU.L2-3.3.9 - Restricted Privileged User Access for Audit Logging Management
0:08:19
CMMC 2.0 Control AC.L2-3.1.20: Verify, Control, and Limit External System Connections
0:03:20
CMMC 2.0 Control AU.L2-3.3.2 - Traceability for User Accountability: Clearing Actions
0:23:46
CMMC 2 0 Compliance Understanding the Requirements
0:24:01
Understanding CMMC 2.0 Controls AU L2-3.3.3: Review and update logged events | Episode 66
0:04:39
CMMC 2.0 Control AU.L2-3.3.7 - Synchronizing System Clocks for Audit Records
0:04:43
CMMC 2.0 Control AU.L2-3.3.4 - Alert in the Event of an Audit Logging Process Failure
0:06:21
CMMC 2.0 Control AT.L2-3.2.1: Raise Awareness of Security Risks and Policies
0:03:43
CMMC 2.0 Control AC.L2-3.1.13: Secure Remote Access Sessions Cryptographically
0:04:20
CMMC 2.0 Control AU.L2-3.3.6 - Efficient Audit Record Reduction and On-Demand Report Generation
0:06:04
CMMC 2.0 Control CM L2-3.4.6 - Employ the principle of least functionality by configuring organizati
0:06:21
CMMC 2.0 Control AT L2-3.2.3: 3.2.3 Provide security awareness training on recognizing and reporting
0:06:03
CMMC 2.0 Control AC.L2-3.1.21: Restrict Portable Storage Use on External Systems
0:08:14
CMMC 2.0 Control CM L2-3.4.1: Baseline Configurations and Documentation
0:05:12
CMMC 2.0 Control AT.L1-3.2.2: Ensuring Adequate Training for Information Security Job Duties
0:06:17
CMMC 2.0 Control IA.L2-3.5.3 - Use multifactor authentication for local and network access to
0:03:45
CMMC 2.0 Control AC.L2-3.1.12: Monitor & Control Remote Access Sessions
0:05:25
CMMC 2.0 Control CA L2-3.12.1: Assessing Security Controls and Risk Management
Комментарии