Security Controls Evaluation, Testing, and Assessment Handbook 2nd ed. Edition
The approach of this book is to take FISMA, NIST Guidance, and DOD policy guidance and provide a detailed hands-on guide to performing assessment events in the federal space since, as of March 2014, all agencies are following the same guidelines under the NIST-based Risk Management Framework as found in Special Publication (SP) 800-37, rev. 1. This book will provide assessment guidance for federal civilian agencies, DOD, and IC-type authorization efforts following the CNSS 4015, RMF-DOD Validator, and NIST-based SCA requirements and documentation along with my practical experience of performing and overseeing these efforts for 12 different federal agencies on 35 different types of systems over the past 6 years.
We will use the NIST SP800-53A, NIST SP800-115, NIST SP800-171A, DOD’s RMF Knowledge Service, and the NIST Control Families assessment guides for our exploration of the needs, requirements, and actual test and evaluation efforts for all of the security controls. Each of the controls has a unique way it can and should be evaluated through test, examination, and key personnel interviews, and each of these will be explained and discussed. We will supplement this process with detailed technical, operational, and administrative knowledge for each control, as needed, with data from the various best practices Special Publications from NIST, technical support data available from various security vendors, best business practices gathered from industry, and in-depth knowledge of controls and their assessment gleaned from hands-on utilization and evaluation efforts.
Introduction for second edition
Some of the various references and documents that are used as resources in this book have been updated, revised, deleted, or altered over the past 3 years. This second edition will account for most of these changes along with using new references, which have been introduced since the ﬁrst version was written and compiled.
|Download Ebook||Read Now||File Type||Upload Date|
|Download Now here||Read Now
|December 25, 2019|
Do you like this book? Please share with your friends, let's read it !! :)
How to Read and Open File Type for PC ?