I've been trying to find some more information on what the security baselines for windows are for CMMC 2.0. Right now, I am just following the security baselines that Microsoft Recommends.

Is anyone doing the same thing or are you following CIS for setting your baselines?