CMMC - Unpatched Legacy Systems

old.reddit.com / @/u/IlIIIllIIIIII, https://old.reddit.com/user/IlIIIllIIIIII

When I read CMMC Level 1 it speaks extensively to patching, but when I review NIST there is clarity for systems that are not patched but adequately protected in other ways.

Can a system be unpatched and still compliant with Level 1 providing it is protected in other ways such as isolation?

submitted by /u/IlIIIllIIIIII
[link] [comments]

published about 1 month ago


Previous

If an RMM is hosted on a server in the MSP's office to support a CMMC client, is the RMM considered a cloud service?
published about 1 month ago

Next

CMMC Scoring Math
published about 1 month ago
See all items from the same source