CMMC CCP Exam | Questions & Answers (100 %Score) Latest Updated 2024/2025
Comprehensive Questions A+ Graded Answers | 100% Pass
How Many domains are in Level 1 and What are they? - ✔✔6 domains: AC, IA, MP, PE, SC, SI
How many controls are in Level 1? - ✔✔17
What is some evidence For control AC.L1-3.1.2 - Limit information system access to the types of
transactions and functions that authorized users are permitted to execute. - ✔✔CUI Allowed Roster,
Access Control Policy, Screenshot of AD CUI Allowed Group, Screenshot of Users in Preveil, Principle of
least privilege in AD
What is some evidence For control IA.L1-3.5.2 - Authenticate (or verify) the identities of those users,
processes, or devices, as a prerequisite to allowing access to organizational information systems -
✔✔Computer Naming Schema - PD102, Unique Usernames and passwords are in place, Screenshot of
password policy, Identification & Authentication Policy
What does the domain PE stand for? - ✔✔Physical Protection
What does the domain SI stand for? - ✔✔System & Information Integrity
Control SI.L1-3.14.1 - Flaw Remediation is defined as Identify, report, and correct information and
information system flaws in a timely manner. What evidence can be used as Clampco's Response for this
control? - ✔✔Screenshot of Ninja Patches, Change Mgmt smartsheet log, communication email alerts
from fortinet, cisa, etc.
According to our Media Protection Policy what do we do after the electronic media is picked up and we
receive the destruction certificate? - ✔✔Document on the MP- Inventory Recycling Log in smartsheets
under the Destroyed By and Destroyed by Date
What does CMMC stand for? - ✔✔Cybersecurity Maturity Model Certification
What does CUI Stand for? - ✔✔Controlled Unclassified Information
Comprehensive Questions A+ Graded Answers | 100% Pass
How Many domains are in Level 1 and What are they? - ✔✔6 domains: AC, IA, MP, PE, SC, SI
How many controls are in Level 1? - ✔✔17
What is some evidence For control AC.L1-3.1.2 - Limit information system access to the types of
transactions and functions that authorized users are permitted to execute. - ✔✔CUI Allowed Roster,
Access Control Policy, Screenshot of AD CUI Allowed Group, Screenshot of Users in Preveil, Principle of
least privilege in AD
What is some evidence For control IA.L1-3.5.2 - Authenticate (or verify) the identities of those users,
processes, or devices, as a prerequisite to allowing access to organizational information systems -
✔✔Computer Naming Schema - PD102, Unique Usernames and passwords are in place, Screenshot of
password policy, Identification & Authentication Policy
What does the domain PE stand for? - ✔✔Physical Protection
What does the domain SI stand for? - ✔✔System & Information Integrity
Control SI.L1-3.14.1 - Flaw Remediation is defined as Identify, report, and correct information and
information system flaws in a timely manner. What evidence can be used as Clampco's Response for this
control? - ✔✔Screenshot of Ninja Patches, Change Mgmt smartsheet log, communication email alerts
from fortinet, cisa, etc.
According to our Media Protection Policy what do we do after the electronic media is picked up and we
receive the destruction certificate? - ✔✔Document on the MP- Inventory Recycling Log in smartsheets
under the Destroyed By and Destroyed by Date
What does CMMC stand for? - ✔✔Cybersecurity Maturity Model Certification
What does CUI Stand for? - ✔✔Controlled Unclassified Information
