NIST Security Controls Framework Report

 
Purpose
The purpose of this assignment is twofold.
First, I want you to get familiar with reading official documents related to information security. Security professionals need to be able to read documents like the NIST Security Publications to understand best practices. They also provide weight to recommendations when talking with executives about security decision making.
Second, I want you to be able to teach yourself new things. You may read about things in NIST 800-53 that you don’t already know about. Take time to do some research and learn more. Google is your friend.
InstructionsLook at NIST SP 800-53 (Links to an external site.), Appendix F: Security Control Catalog
Identify one family of controls you would like to learn more aboutReview controls within that family
Identify 2 controls you will research
GRAD STUDENTS: 2 families, 2 controls per family.For the 2 controls you choose: write at least 800 words (total), grad students 1500 words.List control titles
Describe what the control entails
Describe at least one way an organization could implement that control (each control)
Do some research and include at least one external source per control (properly cited) to support what you say
You don’t have to cite NIST SP 800-53 unless you are quoting directly, but cite any external sourcesVery basic (and short) example
I chose the family Identification and Authentication (starts on page F-90), and the controls IA-1, IA-3, and IA-5.
IA-1 Identification and Authentication Policy and Procedures
Identification and Authentication policy and procedures refers to an organization’s need to have specified policies related to these two important concepts. The policy needs to address who should be authenticated, and what types of activities require authentication. The policy can also outline how authentication will work across organizations, for example, how contractors can obtain authentication credentials for their work on internal systems. A good authentication policy will define the scope of the policy, too.
One good component of an authentication policy is the Acceptable Use policy. Requiring that all users accept some terms and conditions before accessing a network can be set as a prerequisite (Jackson Hole, n.d.).
The IA-1 requirement also specifies that the organization should review and update the policies and procedures on a regular basis. Such reviews could be a part of the policy itself, and should be carried out regularly to ensure that they are (a) being followed, and (b) serving the needs of the business.
Sources:
Approximate price: $22
We value our customers and so we ensure that what we do is 100% original..

With us you are guaranteed of quality work done by our qualified experts.Your information and everything that you do with us is kept completely confidential.You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.The Product ordered is guaranteed to be original. Orders are checked by the most advanced anti-plagiarism software in the market to assure that the Product is 100% original. The Company has a zero tolerance policy for plagiarism.The Free Revision policy is a courtesy service that the Company provides to help ensure Customer’s total satisfaction with the completed Order. To receive free revision the Company requires that the Customer provide the request within fourteen (14) days from the first completion date and within a period of thirty (30) days for dissertations.The Company is committed to protect the privacy of the Customer and it will never resell or share any of Customer’s personal information, including credit card data, with any third party. All the online transactions are processed through the secure and reliable online payment systems.By placing an order with us, you agree to the service we provide. We will endear to do all that it takes to deliver a comprehensive paper as per your requirements. We also count on your cooperation to ensure that we deliver on this mandate.