Identification of the eighteen candidate security control

Reference no: EM132027303

Security Assessment for an enterprise must be incorporated into the Software Development Life Cycle (SDLC) in order to be a secure, integrated process.

Testing of selected security controls ensures that applications meet business requirements, function as planned, and protect associated data securely from attack.

A security assessment of the targeted environment identifies vulnerabilities that may cause a security breach and specifies the security controls that mitigate the vulnerabilities.

Refer to NIST SP 800-53 rev 4 for identification of the eighteen candidate security control families and associated security controls.

Choose five distinct security control families as specified in SP 800-53 rev 4, click on the chosen families, and create a spreadsheet that identifies the following criteria for each family:

Control ID

Control Name

Vulnerability

Provide a short paragraph for each family describing the testing procedure that will mitigate the vulnerability.

Example:

Family - Identification and Authentication

Control ID - IA-2

Control Name - Identification and Authentication (Organizational Users)

Vulnerability - Illegal user access

Submit your assignment using the Assignment Files tab.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd