fisma certification and accreditation handbook phần 5 ppt

... 223 ■ 5 U.S.C. § 55 2, Freedom of Information Act (FOIA) of 1966, as Amended by Public Law No. 104-231, 110 Stat. 3048 ■ 5 U.S.C. § 55 2a, Privacy Act of 1974, as Amended ■ Public Law 100 -50 3, ... Departments and Agencies. United States Office of Management and Budget. January 7, 1999 (www.whitehouse.gov/omb/ memoranda/m99- 05. html). 5. Jacob J. Lew.“Privacy Policies on Federal...

Ngày tải lên: 14/08/2014, 18:20

... VBP965T5T5 007 HJJJ863WD3E 008 2987GVTWMK 009 629MP5SDJT 010 IMWQ295T6T PUBLISHED BY Syngress Publishing, Inc. 800 Hingham Street Rockland, MA 02370 FISMA Certification & Accreditation Handbook Copyright ... agency, you will continually need to go back to the handbook and reference it.The handbook will have way too much information in it for you to read and absorb and remem...

Ngày tải lên: 14/08/2014, 18:20

... Institute of Standards and Technology pursuant to paragraphs (2) and (3) of section 20(a) of the National Institute of Standards and Technology Act ( 15 U.S.C. 278g–3(a)), prescribe standards and guidelines ... Board), 304 certification See also Certification and Accreditation described, 3–4 determining level of, 93–102 Certification Agent, role in C&A process, 31–32 C...

Ngày tải lên: 14/08/2014, 18:20

... initiation 2. Development and acquisition 3. Implementation 4. Operation and maintenance 5. Disposal FISMA mandates that new systems and applications need to be fully certi- fied and accredited before ... Understanding the Certification and Accreditation Process 409_Cert_Accred_03.qxd 11/2/06 1:28 PM Page 28 Understanding the Certification and Accreditation Process “You say i...

Ngày tải lên: 14/08/2014, 18:20

... Process and Rationale for the C&A Level Recommendation The <Agency Name> Certification and Accreditation Program Handbook, <publica- tion date> pages ... security ■ Physical and environmental operations and safeguards ■ Administration and implementation ■ Preventative maintenance ■ Contingency and disaster recovery planning ■ Training and security awareness ■...

Ngày tải lên: 14/08/2014, 18:20

... false reject rates? Are biometric false reject and false acceptance rates tracked and documented? Logical Access Controls Required by: FISMA § 354 2-44, 354 7; OMB Circular A-130 III; FISCAM AC-3.2 Recommended ... security awareness and training plan. Notes 1. Mark Wilson and Joan Hash.“Building an Information Technology Security Awareness and Training Program.” NIST Special Publ...

Ngày tải lên: 14/08/2014, 18:20

... escalation time frames, and such in a summary table. www.syngress.com 250 Chapter 15 • Preparing the Business Impact Assessment 409_Cert_Accred_ 15. qxd 11/3/06 2:42 PM Page 250 ■ Documents estimated ... contact www.syngress.com Preparing the Business Impact Assessment • Chapter 15 251 409_Cert_Accred_ 15. qxd 11/3/06 2:42 PM Page 251 You should, however, use the stated vulnerability...

Ngày tải lên: 14/08/2014, 18:20

... March 15, 20 05. ISBN: 0 750 677 953 . Landoll, Douglas J., CRC. The Security Risk Assessment Handbook. December 12, 20 05. ISBN: 0849329981. Long, Johnny and Chris Hurley, with Mark Wolfgang and Mike Petruzzi. ... vulnerabilities Reporting and Review by Management There are multiple stipulations in FISMA that call for reporting and review by management. For example, in FISMA §...

Ngày tải lên: 14/08/2014, 18:20

... the System Security Plan • Chapter 19 3 35 409_Cert_Accred_19.qxd 11/3/06 2 :50 PM Page 3 35 409_Cert_Accred_20.qxd 11/3/06 2 :54 PM Page 364 Configuration and Lockdown Guide,Version 2.7, October ... 11/3/06 2 :54 PM Page 355 The following information should be included in your discussion about interconnectivity security: ■ How denial-of-service attacks are prevented ■ What type of firewal...

Ngày tải lên: 14/08/2014, 18:20

... coordinating the development of standards and guidelines under section 20 of the National Institute of Standards and Technology Act ( 15 U.S.C. 278g–3) with agencies and offices operating or exercising ... section 354 5; ‘‘(B) an assessment of the development, promulgation, and adoption of, and compliance with, stan- dards developed under section 20 of the National Institute of Stan...

Ngày tải lên: 14/08/2014, 18:20