소장자료
LDR | 03312cam a2200349 a 4500 | ||
001 | 0093146686▲ | ||
003 | DLC▲ | ||
005 | 20180519174758▲ | ||
008 | 130621s2013 ne a b 001 0 eng c▲ | ||
010 | ▼a2013025238▲ | ||
020 | ▼a9780124058712 (pbk.)▲ | ||
040 | ▼aDLC▼beng▼cDLC▼dDLC▲ | ||
042 | ▼apcc▲ | ||
043 | ▼an-us---▲ | ||
050 | 0 | 0 | ▼aKF4850.A3282002▼bA2 2013▲ |
082 | 0 | 0 | ▼a342.73/0662▼223▲ |
084 | ▼a342.0662 ▼2부산대 동양관계항목전개표▲ | ||
090 | ▼a342.0662▼bT243f2▲ | ||
100 | 1 | ▼aTaylor, Laura P.▲ | |
245 | 1 | 0 | ▼aFISMA compliance handbook /▼cLaura P. Taylor.▲ |
250 | ▼a2nd ed.▲ | ||
260 | ▼aWaltham, MA :▼bSyngress,▼c2013.▲ | ||
300 | ▼axx, 359 p. :▼bill. ;▼c24 cm.▲ | ||
504 | ▼aIncludes bibliographical references and index.▲ | ||
505 | 0 | ▼aFISMA compliance overview -- FISMA trickles into the private sector -- FISMA compliance methodologies -- Understanding the FISMA compliance process -- Establishing a FISMA compliance program -- Getting started on your FISMA project -- Preparing the hardware and software inventory -- Catagorizing data sensitivity -- Addressing security awareness and training -- Addressing rules of behavior -- Developing an incident repsonse plan -- Conducting a privacy impact assessment -- Preparing the business impact analysis -- Developing the contingency plan -- Developing a configuration management plan -- Preparing the system security plan -- Peforming the business risk assessment -- Getting ready for security testing -- Submitting the security package -- Independent assessor audit guide -- Developing the security assessment report -- Addressing FISMA findings -- FedRAMP : FISMA for the cloud.▲ | |
520 | 2 | ▼a"FISMA, also known as Title III of the E-Government Act (Public Law107-347), requires that all systems and applications that reside on U.S. government networks undergo a formal security assessment before being put into production. System authorization is the ultimate output of a FISMA compliance project, and a system or application cannot be authorized unless it meets specific security control requirements. However, keep in mind that no system can be completely secure - unless it is powered off and locked in a vault. Of course then it is not very useable. Determining the security controls for the system is a balancing act between making the system useable and making the system secure. These two endeavors are often at odds with each other. In order to find the balance, security experts analyze the probability and impact of potential vulnerabilities being exploited (or not) and then make risk-based decisions based on the analysis. Clearly the goal of FISMA is to force federal agencies to put into production secure systems and applications. Once put into production, FISMA requires that system owners analyze risk periodically on the production system in order to find vulnerabilities, and fix them, before they are exploited by adversaries"--▼cProvided by publisher.▲ | |
610 | 1 | 0 | ▼aUnited States.▼tFederal Information Security Management Act of 2002.▲ |
650 | 0 | ▼aElectronic government information▼xSecurity measures▼zUnited States.▲ | |
650 | 0 | ▼aComputer security▼xLaw and legislation▼zUnited States.▲ | |
650 | 0 | ▼aData protection▼xLaw and legislation▼zUnited States.▲ | |
700 | 1 | ▼aMoulder, Patricia.▲ | |
999 | ▼c김정이▲ |
FISMA compliance handbook
자료유형
국외단행본
서명/책임사항
FISMA compliance handbook / Laura P. Taylor.
판사항
2nd ed.
발행사항
Waltham, MA : Syngress , 2013.
형태사항
xx, 359 p. : ill. ; 24 cm.
서지주기
Includes bibliographical references and index.
내용주기
FISMA compliance overview -- FISMA trickles into the private sector -- FISMA compliance methodologies -- Understanding the FISMA compliance process -- Establishing a FISMA compliance program -- Getting started on your FISMA project -- Preparing the hardware and software inventory -- Catagorizing data sensitivity -- Addressing security awareness and training -- Addressing rules of behavior -- Developing an incident repsonse plan -- Conducting a privacy impact assessment -- Preparing the business impact analysis -- Developing the contingency plan -- Developing a configuration management plan -- Preparing the system security plan -- Peforming the business risk assessment -- Getting ready for security testing -- Submitting the security package -- Independent assessor audit guide -- Developing the security assessment report -- Addressing FISMA findings -- FedRAMP : FISMA for the cloud.
요약주기
"FISMA, also known as Title III of the E-Government Act (Public Law107-347), requires that all systems and applications that reside on U.S. government networks undergo a formal security assessment before being put into production. System authorization is the ultimate output of a FISMA compliance project, and a system or application cannot be authorized unless it meets specific security control requirements. However, keep in mind that no system can be completely secure - unless it is powered off and locked in a vault. Of course then it is not very useable. Determining the security controls for the system is a balancing act between making the system useable and making the system secure. These two endeavors are often at odds with each other. In order to find the balance, security experts analyze the probability and impact of potential vulnerabilities being exploited (or not) and then make risk-based decisions based on the analysis. Clearly the goal of FISMA is to force federal agencies to put into production secure systems and applications. Once put into production, FISMA requires that system owners analyze risk periodically on the production system in order to find vulnerabilities, and fix them, before they are exploited by adversaries"-- Provided by publisher.
주제
ISBN
9780124058712 (pbk.)
청구기호
342.0662 T243f2
소장정보
예도서예약
서서가에없는책 신고
보보존서고신청
캠캠퍼스대출
우우선정리신청
배자료배달신청
문문자발송
출청구기호출력
학소장학술지 원문서비스
등록번호 | 청구기호 | 소장처 | 도서상태 | 반납예정일 | 서비스 |
---|
북토크
자유롭게 책을 읽고
느낀점을 적어주세요
글쓰기
느낀점을 적어주세요
청구기호 브라우징
관련 인기대출 도서