FISMA compliance handbook
Record type: Bibliographic - language material, printed : monograph
Author: Taylor, Laura P.
Other author: Moulder, Patricia
Place of publication: Waltham, MA
Publisher: Syngress
Year of publication: c2013
Edition: 2nd ed.
Physical description: xx, 359 p. : ill. ; 24 cm.
Subject: Computer security - Law and legislation - United States
Subject: Data protection - Law and legislation - United States
Subject: Electronic government information - Security measures - United States
Note: Includes bibliographical references and index
Summary:
"FISMA, also known as Title III of the E-Government Act (Public Law 107-347), requires that all systems and applications that reside on U.S. government networks undergo a formal security assessment before being put into production. System authorization is the ultimate output of a FISMA compliance project, and a system or application cannot be authorized unless it meets specific security control requirements. However, keep in mind that no system can be completely secure - unless it is powered off and locked in a vault. Of course then it is not very useable. Determining the security controls for the system is a balancing act between making the system useable and making the system secure. These two endeavors are often at odds with each other. In order to find the balance, security experts analyze the probability and impact of potential vulnerabilities being exploited (or not) and then make risk-based decisions based on the analysis. Clearly the goal of FISMA is to force federal agencies to put into production secure systems and applications. Once put into production, FISMA requires that system owners analyze risk periodically on the production system in order to find vulnerabilities, and fix them, before they are exploited by adversaries"--Provided by publisher
ISBN: 978-0-12-405871-2
Contents:
FISMA compliance overview -- FISMA trickles into the private sector -- FISMA compliance methodologies -- Understanding the FISMA compliance process -- Establishing a FISMA compliance program -- Getting started on your FISMA project -- Preparing the hardware and software inventory -- Categorizing data sensitivity -- Addressing security awareness and training -- Addressing rules of behavior -- Developing an incident response plan -- Conducting a privacy impact assessment -- Preparing the business impact analysis -- Developing the contingency plan -- Developing a configuration management plan -- Preparing the system security plan -- Performing the business risk assessment -- Getting ready for security testing -- Submitting the security package -- Independent assessor audit guide -- Developing the security assessment report -- Addressing FISMA findings -- FedRAMP : FISMA for the cloud
Taylor, Laura P.
FISMA compliance handbook / Laura P. Taylor ; Patricia Moulder, technical editor. - 2nd ed. - Waltham, MA : Syngress, c2013. - xx, 359 p. : ill. ; 24 cm.
FISMA compliance overview.
Includes bibliographical references and index.
ISBN 978-0-12-405871-2
ISBN 0-12-405871-X
Computer security -- Law and legislation -- United States
Data protection -- Law and legislation -- United States
Electronic government information -- Security measures -- United States
Moulder, Patricia
LDR 02830cam0 2200253 450
001 339924
005 20140401130013.0
009 2013025238
010 1 $a 978-0-12-405871-2 $b pbk. $d NT2101
010 1 $a 0-12-405871-X $b pbk.
020 $a us $b 2013025238
100 $a 20140626d2013 m y0engy50 ba
101 0 $a eng
102 $a nl
105 $a a a 001yy
200 1 $a FISMA compliance handbook $f Laura P. Taylor $g Patricia Moulder, technical editor
205 $a 2nd ed.
210 $a Waltham, MA $c Syngress $d c2013
215 1 $a xx, 359 p. $c ill. $d 24 cm.
300 $a Includes bibliographical references and index
327 1 $a FISMA compliance overview $a FISMA trickles into the private sector $a FISMA compliance methodologies $a Understanding the FISMA compliance process $a Establishing a FISMA compliance program $a Getting started on your FISMA project $a Preparing the hardware and software inventory $a Categorizing data sensitivity $a Addressing security awareness and training $a Addressing rules of behavior $a Developing an incident response plan $a Conducting a privacy impact assessment $a Preparing the business impact analysis $a Developing the contingency plan $a Developing a configuration management plan $a Preparing the system security plan $a Performing the business risk assessment $a Getting ready for security testing $a Submitting the security package $a Independent assessor audit guide $a Developing the security assessment report $a Addressing FISMA findings $a FedRAMP : FISMA for the cloud
330 $a "FISMA, also known as Title III of the E-Government Act (Public Law 107-347), requires that all systems and applications that reside on U.S. government networks undergo a formal security assessment before being put into production. System authorization is the ultimate output of a FISMA compliance project, and a system or application cannot be authorized unless it meets specific security control requirements. However, keep in mind that no system can be completely secure - unless it is powered off and locked in a vault. Of course then it is not very useable. Determining the security controls for the system is a balancing act between making the system useable and making the system secure. These two endeavors are often at odds with each other. In order to find the balance, security experts analyze the probability and impact of potential vulnerabilities being exploited (or not) and then make risk-based decisions based on the analysis. Clearly the goal of FISMA is to force federal agencies to put into production secure systems and applications. Once put into production, FISMA requires that system owners analyze risk periodically on the production system in order to find vulnerabilities, and fix them, before they are exploited by adversaries"--Provided by publisher
601 0 2 $a United States $t Federal Information Security Management Act of 2002 $2 lc $3 313265
606 $a Computer security $x Law and legislation $y United States $2 lc $3 313266
606 $a Data protection $x Law and legislation $y United States $2 lc $3 66418
606 $a Electronic government information $x Security measures $y United States $2 lc $3 313267
660 $a n-us---
676 $a 342.73/0662 $v 23
680 $a KF4850.A3282002 $b A2 2013
700 1 $a Taylor $b Laura P. $3 313263
702 1 $a Moulder $b Patricia $3 313264
Holdings:
Barcode: 340355
Location: 6F Western-Language Book Stacks
Circulation category: Book circulation (BOOK_CIR)
Material type: BOOK
Call number: 342.730662/T243
Use type: General use (Normal)
Loan status: On shelf
Holds: 0