Mastering NIST Risk Management Framework (RMF)

Course Outline

Navigating Federal Standards, Control Implementation, and Continuous Monitoring


1. Foundations of Risk Management
  • 1. Introduction to Organizational Security Risk Management
  • 2. Strategic Governance and Risk Management
  • 3. Risk Types and Risk Handling Strategies
  • 4. Overview of the Risk Management Process
  • 5. Identifying and Categorizing the Risk Environment
  • 6. Risk Assessment
  • 7. Designing for Effective Risk Management
  • 8. Evaluating Candidates for Control
  • 9. Implementing Risk Management Controls
  • 10. Assessment and Effectiveness of Risk Controls
  • 11. Sustainment
  • 12. Evaluation of the Risk Management Function

2. Exploring Risk Management Frameworks
  • 1. Survey of Existing Risk Management Frameworks
  • 2. Making Risk Management Tangible
  • 3. Formal Architectures
  • 4. General Shape of the RMF Process
  • 5. RMF Implementation
  • 6. International Organization Standards
  • 7. ISO 31000 Implementation Process
  • 8. COSO Enterprise Risk Management Framework
  • 9. Health Information Trust Alliance Common Security Framework
  • 10. NIST SP 800-30 and NIST SP 800-39 Standards

3. Security Categorization and Frameworks
  • 1. Step 1 - Categorize Information and Information Systems
  • 2. Security Impact Analysis
  • 3. FIPS 199, Standards for Security Categorization of Federal Information and Systems
  • 4. FIPS 199, Standards for Security Categorization of Information Types
  • 5. CNSSI No. 1253, Security Categorization and Control Selection for NSS
  • 6. Implementation of Step 1 Security Categorization
  • 7. Security Categorization from the Organizational Perspective
  • 8. Establish Relationships with Organizational Entities
  • 9. Prepare an Organization-Wide Guidance Program
  • 10. Security Categorization from the Management Perspective
  • 11. Preparing for System Security Categorization
  • 12. System Security Categorization Step 2, Step 3 and Step 4
  • 13. Obtain Approval for the System Security Category and Impact Level

4. Security Control Selection and Implementation
  • 1. Step 2 - Select Security Controls
  • 2. Understanding Control Selections
  • 3. Federal Information Processing Standards
  • 4. Implementation of Step 2 - Select Security Controls
  • 5. Select Initial Security Control Baselines and Minimum Assurance Requirements
  • 6. Apply Scoping Guidance to Initial Baselines
  • 7. Determine Need for Compensating Controls
  • 8. Supplement Security Controls
  • 9. Complete Security Plan
  • 10. Other Control Libraries

5. Security Control Implementation Strategies
  • 1. Step 3 - Implementing Security Controls
  • 2. Implementation of the Security Controls Specified by the Security Plan
  • 3. A System Perspective to Implementation
  • 4. A Management Perspective to Implementation
  • 5. Establishing Effective Security Implementation Through Infrastructure Management
  • 6. Security Implementation Projects and Organization Portfolios
  • 7. Document the Security Control Implementation in the Security Plan

6. Security Control Assessment and Remediation
  • 1. Step 4 - Assess Security Controls
  • 2. Components of Security Control Assessment
  • 3. Control Assessment and the SDLC
  • 4. Ensuring Adequate Control Implementation
  • 5. Assessment Plan Development, Review and Approval
  • 6. Security Control Assessment Procedures and Methodologies
  • 7. Prepare the Security Assessment Report
  • 8. Initial Remedy Actions for Assessment Findings

7. Security Authorization and System Deployment
  • 1. Step 5 - Authorize: Preparing the Information System for Use
  • 2. Elements of Risk Management
  • 3. Certification and Accreditation
  • 4. Application of the RMF
  • 5. Security Authorizations / Approvals to Operate
  • 6. Certification of the Correctness of Security Controls
  • 7. Particular Role of Requirements
  • 8. Preparing the Action Plan
  • 9. Preparing the Security Authorization Package

8. Continuous Security Monitoring and Control Maintenance
  • 1. Step 6 - Monitor Security State
  • 2. Sustaining Effective Risk Monitoring
  • 3. Structuring the Risk-Monitoring Process
  • 4. Sustaining an Ongoing Control-Monitoring Process
  • 5. Establishing a Continuous Control Assessment Process
  • 6. Conducting Continuous Monitoring
  • 7. Quantitative Measurement Considerations
  • 8. Keeping the Control Set Correct over Time

9. Applied NIST Risk Management Framework and Control Evaluation
  • 1. Practical Applications of the NIST Risk Management Framework
  • 2. Certification and Accreditation in the Federal Space
  • 3. The E-Government Act
  • 4. Implementing Information Security Controls and Evaluating the Control Set

Price: 139,000 Toman
ID: 24167
Size: 4852 MB
Duration: 568 minutes
Publication date: 12 Azar 1402