security assessment case studies for implementing the nsa iam phần 6 pdf

... flow for the process .The customer should be presented with the assessment s ultimate objec- tives as defined by the customer during the pre -assessment phase. Keeping these objectives in the forefront ... the customer and the assessment team. Continued Customer Education The education process for the customer doesn’t stop at the pre -assessment phase or even the...

Ngày tải lên: 13/08/2014, 15:21

... drive the assessment effort. Ultimately, the majority of information is the same in either www.syngress.com Laying the Foundation for Your Assessment • Chapter 1 3 Contracting and the NSA IAM NSA ... of performing assessments the way NSA does. To recap, the IAM trains the individuals in the IAM standard, while the IA- CMM appraises the organization’s ab...

Ngày tải lên: 13/08/2014, 15:21

... directly from the integration of the organization’s mission with the IAM process and security www.syngress.com 46 Chapter 2 • The Pre -Assessment Visit Figure 2.1 The IAM Timeline: The Pre -Assessment ... the Foundation for Your Assessment 2 86 _NSA_ IAM_ 01.qxd 12/15/03 3:15 PM Page 38 Introduction The Pre -Assessment site visit supports multiple aspects of...

Ngày tải lên: 13/08/2014, 15:21

... Determining the Organization’s Information Criticality 2 86 _NSA_ IAM_ 03.qxd 12/11/03 3:25 PM Page 102 no impact on the organization for that particular information type .The number 5, on the other hand, ... have the appropriate pieces in place to create the OICM.This is one of the primary deliverables of the IAM assessment; it defines much of the key information that...

Ngày tải lên: 13/08/2014, 15:21

... the columns across the top of the matrix with the names of the impact attributes we’ll be using for the assessment. The rows are labeled along the left edge with the information types that the customer ... information or systems should be protected and why. NSA has decided that for these reasons, it makes the most sense for the assessment team to act in the...

Ngày tải lên: 13/08/2014, 15:21

... authentication, but they can cover the entire organization or multiple systems. www.syngress.com The System Security Environment • Chapter 5 169 2 86 _NSA_ IAM_ 05.qxd 12/11/03 3:28 PM Page 169 The ... accepted. From the Trenches… 2 86 _NSA_ 06. qxd 12/15/03 11:32 AM Page 1 86 Introduction This chapter focuses on one of the key management tools of the IAM, the tech- nica...

Ngày tải lên: 13/08/2014, 15:21

... questions that will help the assessment team gain the needed information and identify the organization’s vulnerabilities .The first resource for questions comes from the security expertise of the assessment ... feedback from the departments that the assessment was going better than they expected and that they found value in the information that was being collected.Th...

Ngày tải lên: 13/08/2014, 15:21

... have to map the finding to the OICM, or can you just map it to the SICM? A: As you have already learned, the impact definitions are the same for both the OICM and the SICM.Therefore, the findings ... and click on the “Ask the Author” form. You will also gain access to thousands of other FAQs at ITFAQnet.com. 2 86 _NSA_ IAM_ 08.qxd 12/15/03 5:03 PM Page 307 2 86 _NSA_ IA...

Ngày tải lên: 13/08/2014, 15:21

... conduct the assessment. In our case, we describe the NSA IAM as the methodology used to conduct the assessment and the basis for the assessment process. Since this is the main document, the assessment ... anal- ysis. Security Horizon utilized the National Security Agency (NSA) Information Security Assessment Methodology (IAM) to conduct the organizati...

Ngày tải lên: 13/08/2014, 15:21

... information criticality; system information criticality information exchange, 231–232 information request, 69 –70 Information Security (INFOSEC) assessment, 6, 23 documentation, 234 NSA IAM for, ... Approval Information Affected www.syngress.com Forms, Worksheets, and Templates • Appendix A 411 2 86 _NSA_ IAM_ AppA.qxd 12/ 16/ 03 12:37 PM Page 411 2 86 _NSA_ IAM_ AppA.qxd 12/ 16...

Ngày tải lên: 13/08/2014, 15:21