ยท CMMC
Audit Log Sources Required for a CMMC Level 2 Assessment
CMMC Level 2 assessors expect complete audit coverage across your CUI boundary, so identify, collect, protect, retain, and review logs from identity, endpoints, networks, applications, cloud services, and security tools in line with NIST SP 800-171 AU controls.