!!UPDATE!! The November 28, 2017 changes applied to NIST 800-171r1 have been updated in CAPE! What changed?

3.1.1 Limit information system access to authorized users, or processes acting on behalf of authorized users, or and devices (including other information systems).
3.3.1 Create, protect, and retain information system audit records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful, unauthorized, or inappropriate information system activity.
3.4.3 Track, review, approve/disapprove approve or disapprove, and audit changes to information systems.
3.4.7 Restrict, disable, and prevent the use of nonessential programs, functions, ports, protocols, and or services.
3.5.1 Identify information system users, processes acting on behalf of users, or and devices.
3.6.1 Establish an operational incident- handling capability for organizational information systems that includes adequate preparation, detection, analysis, containment, recovery, and user response activities.
3.7.2 Provide effective controls on the tools, techniques, mechanisms, and personnel used to conduct information system maintenance.
3.9.2 Ensure CUI and information systems containing CUI are protected during and after personnel actions such as terminations and transfers.
3.10.6 Enforce safeguarding measures for CUI at alternate work sites (e.g., telework sites).
3.14.1 Identify, report, and correct information and system flaws in a timely manner.
3.14.3 Monitor information system security alerts and advisories and take appropriate actions in response.


CAPE Downloadable Instructions

NOTE: CAPE has been improved! The “Next” button will now save your progress! Save and Exit is no longer needed and has been removed.