According to the assessment objectives of CMMC practice AC.L2-3.1.3, what must be defined?

The correct choice emphasizes the importance of defining the duties of individuals requiring separation as part of the CMMC practice AC.L2-3.1.3 assessment objectives. This practice focuses on the principle of separation of duties, which is a crucial security measure to prevent fraud and error. By clearly defining the roles and responsibilities of individuals who require separation, organizations can mitigate risks associated with individuals having excessive privileges or compromising sensitive information.

This definition ensures that no single individual has control over all aspects of any critical process, which can lead to conflicts of interest or unauthorized access. It highlights the necessity of establishing clear boundaries in responsibility to promote accountability and enhance the organization's overall security posture.

The other options, while relevant to broader security practices, do not specifically align with the core focus of AC.L2-3.1.3 concerning the separation of duties. Hence, they do not fulfill the specific requirements set forth in the assessment objectives.