Forensic analysis of the CMMC/NIST 800-171 domains (D01a)
In this talk, we will delve into an analysis of how an attacker gets in via a weakness in various domains. The session aims to help OSCs understand not just what CMMC is, but why specific controls are important. Examples of how attackers exploit weaknesses in access controls, awareness and training, audit and accountability, configuration management, etc. will be presented to illustrate the importance of each domain. The talk will also highlight the complementarity of the domains and how they work together to reinforce security.