Security Controls Evaluation, Testing, and Assessment Handbook
- ISBN-10
- 0128206241
- ISBN-13
- 9780128206249
- Category
- Law
- Pages
- 788
- Language
- English
- Published
- 2019-11-21
- Publisher
- Academic Press
- Author
- Leighton Johnson
Description
Security Controls Evaluation, Testing, and Assessment Handbook, Second Edition, provides a current and well-developed approach to evaluate and test IT security controls to prove they are functioning correctly. This handbook discusses the world of threats and potential breach actions surrounding all industries and systems. Sections cover how to take FISMA, NIST Guidance, and DOD actions, while also providing a detailed, hands-on guide to performing assessment events for information security professionals in US federal agencies. This handbook uses the DOD Knowledge Service and the NIST Families assessment guides as the basis for needs assessment, requirements and evaluation efforts. Provides direction on how to use SP800-53A, SP800-115, DOD Knowledge Service, and the NIST Families assessment guides to implement thorough evaluation efforts Shows readers how to implement proper evaluation, testing, assessment procedures and methodologies, with step-by-step walkthroughs of all key concepts Presents assessment techniques for each type of control, provides evidence of assessment, and includes proper reporting techniques
Get the book
Other editions
Similar books
-
The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments, Second Edition
By Douglas LandollDesigned for security professionals and their customers who want a more in-depth understanding of the risk assessment process, this volume contains real-wor
-
Intermodal Maritime Security: Supply Chain Risk Mitigation
By Gary A. Gordon, Richard R. YoungLinking new technological standards with intermodal operations, this book provides the foundational knowledge readers need, including transportation and maritime trade students, researchers, practitioners and regulatory agencies.
-
ECCWS 2021 20th European Conference on Cyber Warfare and Security
By Dr Thaddeus EzeCurry, John; Engle, Chris; Perla, Peter P. (Eds.) (2018): The Matrix Games Handbook. Professional applications from education to analysis and wargaming. [Bristol]: The History of Wargaming Project (History of Wargaming Project).
-
THEETAS 2022: Proceedings of The International Conference on Emerging Trends in Artificial Intelligence and Smart Systems, THEETAS 2022, 16-17 April...
By Deepak Sinwar, Marcin Paprzycki, Mahesh Jangid... Sanjeev Jain, Sanjeev Sharma: A Survey of Routing Attacks and Security Measures in Mobile Ad-Hoc Networks, ... RFC 3561 [20] Leighton Johnson: In Security Controls Evaluation, Testing, and Assessment Handbook (Second Edition), ...
-
Academic Studies in Humanities and Social Sciences
By Redzep ŠKRIJELJ, Ertugrul DUZGUNIn: Security Controls Evaluation, Testing, and Assessment Handbook (Second Edition). London: Academic Press. https://doi.org/10.1016/b978-0-12-818427-1.00012-4 Kostopoulos, G. K. (2017). Cyberspace and Cybersecurity. London: CRC Press.
-
FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security
By Stephen D. Gantz, Daniel R. PhilpottNissenbaum H. Will security enhance trust online, or supplant it? In: Kramer RM, Cook KS, editors Trust and distrust in organizations. New York, NY: Russell Sage Foundation; 2004. p. 155–88. Guide for applying the risk management ...
-
Technical Guide to Information Security Testing and Assessment: Recommendations of the National Institute of Standards and Technology
By Karen ScarfoneThis is a guide to the basic tech. aspects of conducting ISA.
-
Computer Incident Response and Forensics Team Management: Conducting a Successful Incident Response
By Leighton JohnsonThe EnCase Certified Examiner (EnCE®) is a training program for learning the use of Guidance Software's EnCase ... that must be answered in 2h, and covers much of the information found in the Official EnCE Study Guide from Sybex.
-
Defensive Security Handbook: Best Practices for Securing Infrastructure
By Lee Brotherston, Amanda BerlinDNS Servers Domain Name Servers/Service (DNS) is a main building block of the internet and technology in general. There are several main attacks to design a DNS infrastructure around preventing DNS spoofing, DNS ID hacking, ...
-
Vulnerability Assessment of Physical Protection Systems
By Mary Lynn GarciaThis book will be of interest to physical security professionals, security managers, security students and professionals, and government officials.