Understanding CUI Protection Responsibilities
Controlled Unclassified Information (CUI)is sensitive butnot classifiedinformation that requires protection underDoD Instruction 5200.48andDFARS 252.204-7012.
Theprimary responsibilityfor handling CUIis safeguardingit against unauthorized access, disclosure, or modification.
Why "D. Safeguarding" is Correct?
TheCUI Program (as per NARA and DoD)mandatessafeguarding measuresto protectCUI in both digital and physical forms.
CMMC 2.0 Level 2 (Advanced) practices align with NIST SP 800-171, which focuses on safeguarding CUIthrough access controls, encryption, and monitoring.
DFARS 252.204-7012requires DoD contractors to implementcybersecurity safeguardsto protect CUI.
Why Other Answers Are Incorrect?
A. Shielding (Incorrect)–Shieldingis not a cybersecurity term associated with CUI protection.
B. Governing (Incorrect)–Governing refers to policy-making, not direct protection.
C. Correcting (Incorrect)–Correcting implies remediation, but the primary responsibility is tosafeguardCUI proactively.
Conclusion
The correct answer isD. Safeguarding, asCUI protection focuses on implementing cybersecurity safeguards.
[References:, DoD Instruction 5200.48 (CUI Program), DFARS 252.204-7012, CMMC 2.0 Level 2 Practices (NIST SP 800-171), , ]
Submit