Essay about The Handbook

93565 Words Apr 25th, 2015 375 Pages
National Institute of Standards and Technology
Technology Administration
U.S. Department of Commerce

An Introduction to Computer Security:
The NIST Handbook

Special Publication 800-12

User
Issues

Assurance

Contingency
Planning

I&A

Training

Personnel

Access
Controls

Audit

Planning

Risk
Management

Crypto

Physical
Security

Policy

Support
&
Operations

Program
Management

Threats

Table of Contents

I. INTRODUCTION AND OVERVIEW
Chapter 1
INTRODUCTION
1.1
1.2
1.3
1.4
1.5

Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Intended Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
…show more content…
. . . . . . 14
Chapter 3
ROLES AND RESPONSIBILITIES iii 3.1
3.2
3.3
3.4
3.5
3.6

Senior Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Computer Security Management . . . . . . . . . . . . . . . . . . . . . . . . . . .
Program and Functional Managers/Application Owners . . . .
Technology Providers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Supporting Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

16
16
16
16
18
20

Chapter 4
COMMON THREATS: A BRIEF OVERVIEW
4.1
4.2
4.3
4.4
4.5
4.6
4.7
4.8
4.9

Errors and Omissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Fraud and Theft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Employee Sabotage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Loss of Physical and Infrastructure Support . . . . . . . . . . . . . . . .
Malicious Hackers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Industrial Espionage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Malicious Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Related Documents