Reference: CMMC 2.0
Level Introduced: 2
Title: System Baselining
Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles.
Build and configure systems from a known, secure, and approved configuration baseline. This includes:
• documenting the software and configuration settings of a system;
• placement within the network; and
• other specifications as required by the organization.
An effective cybersecurity program depends on system and component configuration and management.
You are in charge of upgrading the computer operating systems of your office's 10 machines. You research how to setup and configure a machine with the least functionality and highest security. The setup must allow users to do their tasks. You document this configuration. Then, you apply it to the other nine machines. You understand the baseline configuration of every machine. This helps when you need to install new patches, software, or make changes.