Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Discussions
  3. Cyber AB
  4. CMMC
  5. CMMC-CCA Discussions
  6. CMMC-CCA Exam Topic 4 Question 32 Discussion
 Cyber AB Discussions
Exam CMMC-CCA All Questions
Exam CMMC-CCA All Questions

View all questions & answers for the CMMC-CCA exam

Go to Exam

Cyber AB CMMC CMMC-CCA Question # 32 Topic 4 Discussion

CMMC-CCA Exam Topic 4 Question 32 Discussion:
Question #: 32
Topic #: 4

You are part of an Assessment Team tasked with conducting a CMMC Assessment for an OSC. When assessing the contractor’s implementation of SC.L2-3.13.6 – Network Communication by Exception, objectives [a] and [b], the OSC’s system admin informs you that they use Fortinet Next-Generation Firewall (NGFW). Fortinet NGFWs are hardcoded to deny all traffic by default, and traffic is only allowed on an exception basis. While this is factual, the Lead Assessor asks you to test the NGFW to ascertain whether it meets the intent of Assessment Objectives in SC.L2-3.13.6 – Network Communication by Exception. What is the benefit of testing as an assessment method?
A.

Testing helps determine if CMMC practices are implemented and whether adequate resources were provided to the individuals performing the practices.

B.

Testing allows you to observe what has been done and what has not been done.

C.

Testing allows you to determine if the OSC has the intent to meet the Assessment Objectives.

D.

Testing provides insight into the OSC’s handling of CMMC practices.

Get Premium CMMC-CCA Questions
Actual exam question for Cyber AB CMMC-CCA exam by Nash58225 at May 2, 2026, 10:44:49 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit