Security Architecture

MIS 5214 - Section 001 - David Lanter

MIS 5214.951 ■ Spring 2023 ■ Jose Gomez

NIST 800 100 Information Security Handbook Chapter 8

January 1, 2022 by Jose Gomez 2 Comments

Filed Under: 0b - The Threat Environment

Comments

  1. Chenhao Zhang says

    March 1, 2024 at 9:47 am

    The handbook is based on relevant information security laws and regulations, including the Clinger-Cohen Act of 1996, the Federal Information Security Management Act (FISMA) of 2002, and the Office of Management and Budget (OMB)'s A-130 Circular. Its purpose is to help managers understand how to select and implement appropriate safety controls and to clarify the results of compliance with safety requirements.
    Overall, the Information Security manual is an important tool that can help organizations improve information security, reduce security risks, and protect the security of their business and data.

  2. Yi Liu says

    March 4, 2024 at 12:35 pm

    Security planning for federal information systems covers the categorization of applications and systems, delineates roles and responsibilities for security planning, discusses rules of behavior, details the approval process for system security plans including the selection of security controls, and emphasizes the importance of ongoing maintenance of the system security plan.
    1. System security plans are dynamic documents needing periodic review, modification, and updates of action plans and milestones for implementing security controls. These plans should be developed and reviewed before proceeding with the security certification and accreditation process for the system. During this process, the system security plan is analyzed, updated, and accepted, ensuring that the security controls align with the federal information processing standards (FIPS) and other regulatory requirements.
    2. Roles and responsibilities in security planning are specified, including those of the Chief Information Officer (CIO), who is responsible for developing and maintaining an agency-wide information security program. The CIO’s responsibilities include designating a SAISO, developing security policies and procedures, managing the implementation of common security controls, ensuring training for personnel with significant responsibilities for system security plans, and assisting senior agency officials with their system security plan responsibilities.

