During a CMMC Level 3 assessment, a CCA will evaluate whether the organization meets the requirement to Implement multi-factor authentication (MFA) for all network access to privileged accounts. Which assessment procedure would the CCA most likely use to evaluate this requirement?
Practise this Certified CMMC Assessor (CCA) Exam question free, then download the PDF, watch the video walkthrough, or unlock timed mock exams for the full web bank.
AObserve users logging into the network with privileged accounts
BReview training documentation on multi-factor authentication practices
CExamine system logs and configuration files that confirm the use of multiple authentication factors for privileged accounts
DInterview personnel responsible for managing network access to privileged accounts
✓ Correct answer: C. Examine system logs and configuration files that confirm the use of multiple authentication factors for privileged accountsTo evaluate the implementation of MFA, the primary assessment procedure for the CCA is to examine system logs and configuration files that confirm MFA use. While interviewing personnel or observing users may provide context, these methods do not conclusively determine MFA implementation. Examining logs and configuration files ensures the control is actively implemented.
Keep practising. Use the free Certified CMMC Assessor (CCA) Exam PDF, watch the YouTube walkthrough, or unlock all 10 web questions with timed mock exams.
Free practice here. Timed mocks when you are ready.
Study the Certified CMMC Assessor Prep free question explanations, download the PDF, then unlock timed mock exams on the web when you want exam-day practice.