fisma certification and accreditation handbook phần 3 docx

... Questions No. Question L1 L2 L3 L4 User Trust Required by: FISMA § 35 43 (a)(2) & 35 45(f); OMB Circular A- 130 III, FISCAM SD-1, 1.2, 2, 3. 2 Recommended by: NIST SP 800-18; NIST SP 800 -30 Is suspicious ... requirements for a Level 3 and you should always use the agency guidelines and follow the recommendations in their handbook. Information systems that typically may req...

Ngày tải lên: 14/08/2014, 18:20

... Fiji,Tonga, Solomon Islands, and the Cook Islands. 409_Cert_Accred_FM.qxd 11 /3/ 06 3: 32 PM Page v Contents xxi Preventative Maintenance . . . . . . . . . . . . . . . . . . . .33 3 Contingency and Disaster ... . . . . . . . . . .33 5 Network and System Security Operations . . . . . . . .33 6 Technical Controls . . . . . . . . . . . . . . . . . . . . . . . . . . .33 8 Authentication a...

Ngày tải lên: 14/08/2014, 18:20

... acknowledgment www.syngress.com Understanding the Certification and Accreditation Process • Chapter 3 37 409_Cert_Accred_ 03. qxd 11/2/06 1:28 PM Page 37 Summary Certification and Accreditation processes formally ... the www.syngress.com 28 Chapter 3 • Understanding the Certification and Accreditation Process 409_Cert_Accred_ 03. qxd 11/2/06 1:28 PM Page 28 Understanding the C...

Ngày tải lên: 14/08/2014, 18:20

... biometric false reject and false acceptance rates tracked and documented? Logical Access Controls Required by: FISMA § 35 42-44, 35 47; OMB Circular A- 130 III; FISCAM AC -3. 2 Recommended by: NIST ... Question L1 L2 L3 L4 Incident Response Capabilities Required by: FISMA § 35 46 (2), OMB Circular A- 130 III, FISCAM SP -3. 4 Recommended by: NIST SP 800-18, SP 800-61 Are security i...

Ngày tải lên: 14/08/2014, 18:20

... of 2002.” Memorandum for Heads of Executive Departments and Agencies. United States Office of Management and Budget. September 26, 20 03 (http://www.whitehouse.gov/omb/memo- randa/m 03- 22.html). 7.“Management ... Resources.” Memorandum for Heads of Executive Departments and Agencies. Circular No. A- 130 Revised. United States Office of Management and Budget (www.whitehouse.gov/omb/cir...

Ngày tải lên: 14/08/2014, 18:20

... ISBN: 0964164876. Hiles, Andrew. Business Continuity—Best Practices. Rothstein Associates, December 20 03. ISBN: 1 931 332 2 23. Hiles, Andrew. Enterprise Risk Assessment and Business Impact Analysis: Best ... con- www.syngress.com 238 Chapter 14 • Performing the Business Risk Assessment 409_Cert_Accred_14.qxd 11 /3/ 06 9 :34 AM Page 238 ■ Does a contact list exist and is it up-to-date...

Ngày tải lên: 14/08/2014, 18:20

... Hossein. Handbook of Information Security,Volume 3, Threats, Vulnerabilities, Prevention, Detection, and Management. John Wiley & Sons, January 2006. ISBN: 047164 832 9. Jones, Andy, and Debi ... 2005. ISBN: 07506779 53. Landoll, Douglas J., CRC. The Security Risk Assessment Handbook. December 12, 2005. ISBN: 084 932 9981. Long, Johnny and Chris Hurley, with Mark Wolfgang and...

Ngày tải lên: 14/08/2014, 18:20

... implemented? www.syngress.com Preparing the System Security Plan • Chapter 19 33 5 409_Cert_Accred_19.qxd 11 /3/ 06 2:50 PM Page 33 5 409_Cert_Accred_20.qxd 11 /3/ 06 2:54 PM Page 36 4 Configuration and Lockdown Guide,Version 2.7, October ... applica- tions, and databases are hardened and locked down. Section 35 44(b)(2)(D)iii www.syngress.com Preparing the System Security Plan • Cha...

Ngày tải lên: 14/08/2014, 18:20

... 23 4 23 409_Cert_Accred_ 23. qxd 11 /3/ 06 3: 03 PM Page 4 23 40. ‘‘§ 35 43. Authority and functions of the Director ‘‘(a) IN GENERAL.—The Director shall oversee agency information security policies and ... Report Card ■ Actions for Improvement ■ Trends Chapter 23 419 409_Cert_Accred_ 23. qxd 11 /3/ 06 3: 03 PM Page 419 409_Cert_Accred_ 23. qxd 11 /3/ 06 3: 03 PM Page 424 Table...

Ngày tải lên: 14/08/2014, 18:20

... Control Board), 30 4 certification See also Certification and Accreditation described, 3 4 determining level of, 93 102 Certification Agent, role in C&A process, 31 32 Certification and Accreditation (C&A) addressing ... 199 409_Cert_Accred_AC.qxd 11 /3/ 06 4 :37 PM Page 478 Index 487 process described, 2 3, 37 – 43 roles, responsibilities, 27 37 security tests....

Ngày tải lên: 14/08/2014, 18:20