Certified Cybersecurity Maturity Model Certification (CMMC) Professional (CCP) Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Enhance your understanding for the CMMC Professional Test. Engage with flashcards and multiple choice questions, complete with hints and explanations. Elevate your cybersecurity knowledge and prepare diligently for your certification exam.

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which contract clause is applicable for CMMC Level 1 compliance?

FAR 52.204-22
FAR 52.204-20
FAR 52.204-21
FAR 52.204-19

The correct answer is: FAR 52.204-21

FAR 52.204-21 is the applicable contract clause for CMMC Level 1 compliance. This clause requires contractors to implement specific security controls and practices, particularly in the context of safeguarding Controlled Unclassified Information (CUI). As CMMC Level 1 focuses on basic cybersecurity hygiene and includes practices that are fundamental to protect sensitive but unclassified information, this clause aligns with the foundational nature of CMMC Level 1 requirements. The language within FAR 52.204-21 emphasizes the need for contractors to implement measures that reflect the basic principles of cybersecurity. Compliance with this clause is crucial because it establishes the baseline for contractors who are seeking to meet the CMMC Level 1 requirements in their operations, reinforcing the organization's responsibility in managing and protecting information throughout their supply chains. The other clauses, while they may be relevant in different contexts or levels of the CMMC, do not directly correspond to the basic cybersecurity practices outlined for Level 1 compliance. Thus, understanding the role of FAR 52.204-21 is essential for ensuring that organizations can align their cybersecurity measures with CMMC’s foundational tier effectively.