Network Security CISSP-Discussion

[CISSP-D] Guide for Assessing Security Controls (NIST)

Subject: [CISSP-D] Guide for Assessing Security Controls (NIST)
Date: Tue, 25 Apr 2006 04:03:45 -0700 (PDT)

"When people are highly motivated, it's easy to accomplish the impossible. 
And when they're not, it's impossible to accomplish the easy." - Bob Collings. 

"If you tell people where to go, but not how to get there, you'll be amazed at 
the results." - Gen. George Patton.

"Praise does wonders for the sense of hearing." - Unknown.
_______________________________________________________________

1. NIST is pleased to announce the release of Draft Special Publication 
800-53A, "Guide for Assessing the Security Controls in Federal Information 
Systems".
_______________________________________________________________

The second public draft of NIST Special Publication 800-53A, Guide for 
Assessing the Security Controls in Federal Information Systems is now available 
for public comment at the draft publications page. The document provides a 
comprehensive listing of methods and procedures to assess the effectiveness of 
security controls in federal information systems. Assessment procedures have 
been developed for each security control and control enhancement in NIST 
Special Publication 800-53 with the rigor and intensity of assessments aligned 
with the impact levels in FIPS 199.  

To learn more about this draft document and others visit the CSRC Drafts page 
-- (the link is provided below):

http://csrc.nist.gov/publications/drafts.html#sp800-53A

2. Competency Framework and Map for the CMA Profession.

A very interesting paper - do you know your competencies?

www.cma-canada.org/multimedia/CMA_Canada/Document_Library/Attachments/CompetencyMap05.pdf

Enjoy,

Dan
________________________________________________

www.securitybenchmark.com
http://finance.groups.yahoo.com/group/Dans_SECemails/
http://finance.groups.yahoo.com/group/Dans_CCCemails/

The 2006 Mid Canada Information Technology Conference
www.midcanitc.com

The Vital Need For Quality Internal Auditing
www.complianceweek.com/index.cfm?fuseaction=article.viewArticle&article_ID=2447
_______________________________________________

                
  • [CISSP-D] Guide for Assessing Security Controls (NIST), Dan Swanson <=