Defense Tech Stack — Answered Instantly

Compliance, GCC High, Azure Gov, infrastructure security, and incident response. 70+ official sources covering CMMC, NIST, DFARS, M365, and more. Free to use.

You

What are the CMMC 2.0 levels?

OpsDoctor

CMMC 2.0 has three levels. Level 1 (Foundational) — 17 practices from FAR 52.204-21, self-assessed annually. Level 2 (Advanced) — 110 controls from NIST SP 800-171, third-party assessed for critical CUI contracts. Level 3 (Expert) — NIST SP 800-172 controls, government-assessed.

Most small defense contractors handling CUI need Level 2. What kind of information are you handling on your contracts?

CMMC Final Rule — 32 CFR Part 170 NIST SP 800-171 Rev 2

Defense Tech Stack — Answered Instantly

Sign in to your account

Create a free account to continue

Get Early Access to OpsDoctor