[Read] Security and Privacy Controls for Federal Information Systems and Organizations: Nist Sp
https://haimasdaiik.blogspot.com/?book=1547077913
This publication provides a catalog of security and privacy controls for federal information systems and organizations and a process for selecting controls to protect organizational operations (including mission, functions, image, and reputation), organizational assets, individuals, other organizations, and the Nation from a diverse set of threats including hostile cyber attacks, natural disasters, structural failures, and human errors. The controls are customizable and implemented as part of an organization-wide process that manages information security and privacy risk. The controls address a diverse set of security and privacy requirements across the federal government and critical infrastructure, derived from legislation, Executive Orders, policies, directives, regulations, standards, and/or mission/business needs. The publication also describes how to develop specialized sets of controls, or overlays, tailored for specific types of missions/business functions, technologies, or environments of operation. Finally, the catalog of security controls addresses security from both a functionality perspective (the strength of security functions and mechanisms provided) and an assurance perspective (the measures of confidence in the implemented security capability). Addressing both security functionality and security assurance ensures that information technology products and the information systems built from those products using sound systems and security engineering principles are sufficiently trustworthy.Why buy a book you can download for free?First you gotta find it and make sure it's the latest version, not always easy. Then you gotta print it using a network printer you share with 100 other people - and its outta paper - and the toner is low (take out the toner cartridge, shake it, then put it back). If it's just 10 pages, no problem, but if it's a 250-page book, you will need to punch 3 holes in all those pages and put it in a 3-ring binder. Takes at least an hour. An engineer that's paid $75 an hour has to do this himself (who has assistant's anymore?).If you are paid more than $10 an hour and use an ink jet printer, buying this book will save you money.It's much more cost-effective to just order the latest version from Amazon.comThis public domain material is published by 4th Watch Books. We publish tightly-bound, full-size books at 8 1/2 by 11 inches, with glossy covers. 4th Watch Books is a Service Disabled Veteran Owned Small Business (SDVOSB) and is not affiliated with the National Institute of Standards and Technology.For more titles published by 4th Watch, please visit: cybah.webplus.netGSA P-100Facilities Standards for the Public Buildings ServiceGSA P-120 Cost and Schedule Management Policy RequirementsGSA P-140 Child Care Center Design GuideGSA Standard Level Features and Finishes for U.S. Courts FacilitiesGSA Courtroom Technology ManualNIST SP 500-299NIST Cloud Computing Security Reference ArchitectureNIST SP 500-291NIST Cloud Computing Standards Roadmap Version 2NIST SP 500-293US Government Cloud Computing Technology Roadmap Volume 1 & 2NIST SP 500-293US Government Cloud Computing Technology Roadmap Volume 3 DRAFTNIST SP 1800-8Securing Wireless Infusion PumpsNISTIR 7497Security Architecture Design Process for Health Information Exchanges (HIEs)NIST SP 800-66Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security RuleNIST SP 1800-1 Securing Electronic Health Records on Mobile DevicesNIST SP 800-177 Trustworthy EmailNIST SP 800-184 Guide for Cybersecurity Event RecoveryNIST SP 800-190 Application Container Security GuideNIST SP 800-193 Platform Firmware Resiliency Guidelines
This publication provides a catalog of security and privacy controls for federal information systems and organizations and a process for selecting controls to protect organizational operations (including mission, functions, image, and reputation), organizational assets, individuals, other organizations, and the Nation from a diverse set of threats including hostile cyber attacks, natural disasters, structural failures, and human errors. The controls are customizable and implemented as part of an organization-wide process that manages information security and privacy risk. The controls address a diverse set of security and privacy requirements across the federal government and critical infrastructure, derived from legislation, Executive Orders, policies, directives, regulations, standards, and/or mission/business needs. The publication also describes how to develop specialized sets of controls, or overlays, tailored for specific types of missions/business functions, technologies, or environments of operation. Finally, the catalog of security controls addresses security from both a functionality perspective (the strength of security functions and mechanisms provided) and an assurance perspective (the measures of confidence in the implemented security capability). Addressing both security functionality and security assurance ensures that information technology products and the information systems built from those products using sound systems and security engineering principles are sufficiently trustworthy.Why buy a book you can download for free?First you gotta find it and make sure it's the latest version, not always easy. Then you gotta print it using a network printer you share with 100 other people - and its outta paper - and the toner is low (take out the toner cartridge, shake it, then put it back). If it's just 10 pages, no problem, but if it's a 250-page book, you will need to punch 3 holes in all those pages and put it in a 3-ring binder. Takes at least an hour. An engineer that's paid $75 an hour has to do this himself (who has assistant's anymore?).If you are paid more than $10 an hour and use an ink jet printer, buying this book will save you money.It's much more cost-effective to just order the latest version from Amazon.comThis public domain material is published by 4th Watch Books. We publish tightly-bound, full-size books at 8 1/2 by 11 inches, with glossy covers. 4th Watch Books is a Service Disabled Veteran Owned Small Business (SDVOSB) and is not affiliated with the National Institute of Standards and Technology.For more titles published by 4th Watch, please visit: cybah.webplus.netGSA P-100Facilities Standards for the Public Buildings ServiceGSA P-120 Cost and Schedule Management Policy RequirementsGSA P-140 Child Care Center Design GuideGSA Standard Level Features and Finishes for U.S. Courts FacilitiesGSA Courtroom Technology ManualNIST SP 500-299NIST Cloud Computing Security Reference ArchitectureNIST SP 500-291NIST Cloud Computing Standards Roadmap Version 2NIST SP 500-293US Government Cloud Computing Technology Roadmap Volume 1 & 2NIST SP 500-293US Government Cloud Computing Technology Roadmap Volume 3 DRAFTNIST SP 1800-8Securing Wireless Infusion PumpsNISTIR 7497Security Architecture Design Process for Health Information Exchanges (HIEs)NIST SP 800-66Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security RuleNIST SP 1800-1 Securing Electronic Health Records on Mobile DevicesNIST SP 800-177 Trustworthy EmailNIST SP 800-184 Guide for Cybersecurity Event RecoveryNIST SP 800-190 Application Container Security GuideNIST SP 800-193 Platform Firmware Resiliency Guidelines