CMMC Practice Requirement:

Implement Domain Name System (DNS) filtering services.

CMMC Requirement Explanation:

By blocking malicious sites with DNS filtering your users are less exposed to threats.

Example CMMC Implementation:

Use Domain Name System (DNS) filtering to help block access to known malicious domains. DNS filtering solutions such as Cisco's OpenDNS allow you to select types of website that can be blocked. Theses include malicious sites, adult, gambling, and other sites. Document the types of sites users a restricted from visiting, and block them using DNS filtering.


- Scenario 1:

An employee was browsing for information for a work project. They accidentally clicked on a link that took them to a malicious website. Because your company uses DNS filtering services to block access to malicious sites the user only sees a message saying that the malicious site was blocked.

Discover Our NIST SP 800-171 Solutions:


Compliance Accelerator

For contractors seeking compliance

Quantum Assessor

For IT service providers

Supply Chain Verifier

For contractors seeking to verify partner compliance