800-171
Description: Vulnerabilities discovered, for example, via the scanning conducted in response to 3..2, are remediated with consideration of the related a...
Sat, 8 Jul, 2023 at 2:54 PM
Description: Organizations assess security controls in organizational systems and the environments in which those systems operate as part of the system d...
Tue, 11 Jul, 2023 at 6:54 AM
Description: The plan of action is a key document in the information security program. Organizations develop plans of action that describe how any unimpl...
Tue, 11 Jul, 2023 at 6:50 AM
Description: Continuous monitoring programs facilitate ongoing awareness of threats, vulnerabilities, and information security to support organizational...
Sat, 8 Jul, 2023 at 3:10 PM
Description: System security plans relate security requirements to a set of security controls. System security plans also describe, at a high level, how...
Sat, 8 Jul, 2023 at 3:14 PM
Description: Communications can be monitored, controlled, and protected at boundary components and by restricting or prohibiting interfaces in organizat...
Tue, 11 Jul, 2023 at 6:03 AM
Description: Organizations apply systems security engineering principles to new development systems or systems undergoing major upgrades. For legacy sys...
Sat, 8 Jul, 2023 at 3:26 PM
Description: System management functionality includes functions necessary to administer databases, network components, workstations, or servers, and typ...
Tue, 11 Jul, 2023 at 5:50 AM
Description: The control of information in shared system resources (e.g., registers, cache memory, main memory, hard disks) is also commonly referred to...
Sat, 8 Jul, 2023 at 3:35 PM
Description: Subnetworks that are physically or logically separated from internal networks are referred to as demilitarized zones (DMZs). DMZs are typic...
Sat, 8 Jul, 2023 at 3:41 PM