Cyber domains
The CMMC 1.0 framework consisted of 17 cyber security domains. A domain is a distinct group of security practices which have similar attributes to each other and are key to the protection of FCI and CUI, either individually or in combination. The following table outlines the domains defined in the CMMC for the protection of FCI and CUI within the CMMC framework.
Access Control (AC) | Asset Management (AM) | Audit and Accountability (AU) | Awareness and Training (AT) | Configuration Management (CM) |
Identification and Authentication (IA) | Incident response (IR) | Maintenance (MA) | Media Protection (MP) | Personnel Security (PS) |
Physical Protection (PE) | Recovery (RE) | Risk Management (RM) | Security Assessment (CA) | Situational Awareness (SA) |
System Communications Protection (SC) | Systems Information Integrity (SI) |
Table 1: CMMC 1.0 Domains