文件名称:
NIST SP800-60 Vol2 Rev1.pdf
开发工具:
文件大小: 1mb
下载次数: 0
上传时间: 2020-02-18
详细说明:Title III of the E-Government Act (Public Law 107-347), titled the Federal Information Security Management Act (FISMA), tasked the National Institute of Standards and Technology (NIST) to develop:
•
Standards to be used by all Federal agencies to categorize all information and information systems collected or maintained by or on behalf of each agency based on the objectives of providing appropriate levels of information security according to a range of risk levels;
•
Guidelines recommending the types of information and information systems to be included in each such category; and
•
Minimum information security requirements (i.e., management, operational, and technical security controls), for information and information systems in each such category.
In response to the second of these tasks, this guideline has been developed to assist Federal government agencies to categorize information and information systems. The guideline’s objective is to facilitate provision of appropriate levels of information security according to a range of levels of impact or consequences that might result from the unauthorized disclosure, modification, or loss of availability of the information or information system. This guideline assumes that the user is familiar with Standards for Security Categorization of Federal Information and Information Systems (FIPS 199). The guideline and its appendices:
•
Review the security categorization terms and definitions established by FIPS 199;
•
Recommend a security categorization process;
•
Describe a methodology for identifying types of Federal information and information systems;
•
Suggest provisional security impact levels for common information types;
•
Discuss information attributes that may result in variances from the provisional security impact level assignment; and
•
Describe how to establish a system security categorization based on the system’s use, connectivity, and aggregate information content.
This document is intend
(系统自动生成,下载前可以参看下载内容)
下载文件列表
相关说明
- 本站资源为会员上传分享交流与学习,如有侵犯您的权益,请联系我们删除.
- 本站是交换下载平台,提供交流渠道,下载内容来自于网络,除下载问题外,其它问题请自行百度。
- 本站已设置防盗链,请勿用迅雷、QQ旋风等多线程下载软件下载资源,下载后用WinRAR最新版进行解压.
- 如果您发现内容无法下载,请稍后再次尝试;或者到消费记录里找到下载记录反馈给我们.
- 下载后发现下载的内容跟说明不相乎,请到消费记录里找到下载记录反馈给我们,经确认后退回积分.
- 如下载前有疑问,可以通过点击"提供者"的名字,查看对方的联系方式,联系对方咨询.
