CMMC 1.0 Practice SC.2.179 Requirement:
Use encrypted sessions for the management of network devices.
CMMC 1.0 SC.2.179 Requirement Explanation:
Telnet allows you to remotely connect to a device on your network. Unfortunately, Telnet transmits user names and passwords unencrypted. SSH offers the same functionality but is encrypted.
Example CMMC 1.0 SC.2.179 Implementation:
Do not use telnet to access your devices over the network, use SSH instead.
CMMC 1.0 SC.2.179 Scenario(s):
- Scenario 1:
Alice used to connect to a switch on her network using Telnet. Because it is unencrypted and her company needs to meet CMMC requirements she close the port for Telnet and only uses SSH going forward.