CMMCTenantSetup

CMMC COMPLIANCE CONFIGURATION

• Windows 365 Deployment - Build Windows 365 environment

• Windows Security Baselines - Security Baseline for Windows 11 - Microsoft Defender for Endpoint Security Baseline - Security Baseline for Microsoft Edge

• Audit & Logging Advanced Audit Policy Firewall Logging

• Local Policies & User Rights Local Policies Login Warning Banner

• Application & Device Hardening Administrative Templates (Computer & User Turn off Windows Copilot (Free Version) Remove Gaming / Xbox apps Windows Sandbox Features Smart Screen Configuration Application Guard

• Cloud & Productivity Controls Microsoft 365 Apps for Enterprise Security Baseline OneDrive

• CMMC Compliance Tenant Hardening Audit Plug and Play Events: Success/failure auditing enabled Other Object Access Events: Success/failure auditing enabled Sensitive Privilege Use: Success/failure auditing enabled Advanced Audit Policy Configuration

• Additional Notes Impact: Some features (e.g., printing, remote desktop, Bluetooth) will be unavailable after applying these scripts. Reversibility: Services and apps can be re-enabled or reinstalled if needed for specific use cases. Deployment: Suitable for use in Intune, GPO, or manual execution by administrators. Access to GRC Platform.

• Out-of-scope services provided at hourly rate: Pre-Assessment Documentation Support: i.e. Artifact collection, CRM review, etc. Support & Remediation during CMMC assessment Participation in CMMC assessment meetings as needed