Documentation Index

Fetch the complete documentation index at: https://kb.northerndatasolutions.com/llms.txt

Use this file to discover all available pages before exploring further.

AC.L2-3.1.12[a]

  • Published on Apr 28, 2026
  • 1 minute(s) read
  • CT
 Prev Next

AC.L2-3.1.12[a] — Access Control (Remote Access Control)

Domain: Access Control (AC)  |  Practice: AC.L2-3.1.12  |  Objective ID: 3.1.12[a]  |  Source: NIST SP 800-171 Rev. 2 / CMMC 2.0 Level 2

Assessment Objective:

Allowed methods of remote access are identified.

Executive Summary (For Leadership and the Board)

CMMC objective AC.L2-3.1.12[a] sits inside the Access Control domain (AC.L2-3.1.12 — Remote Access Control) and reads: Allowed methods of remote access are identified.. Document all approved remote access methods (VPN, virtual desktop, SSH, RDP through jump servers, etc.) and prohibit unapproved methods. For organizations that handle Controlled Unclassified Information (CUI), this objective is part of the foundation that every downstream control depends on.

Related articles
  • AC.L2-3.1.21[b]
    Compliance > CMMC (NIST 800-171) > CMMC 2.0 Assessment Objectives