NIST, RCMP, CSE, CERT & Other Guidance Documents

Title: FIPS PUB 180-4 Secure Hash Standard (SHS)
Vendor: NIST
Date of Publication: March 2012
Type: NIST, RCMP, CSE, CERT & Other Guidance Documents
Tags: FIPS
Summary:

This Standard specifies secure hash algorithms, SHA-1, SHA-224, SHA-256, SHA-384, SHA- 512,...

More Details
Title: NIST: Computer Security Incident Handling Guide (Draft)
Vendor: NIST
Date of Publication: February 2012
Type: NIST, RCMP, CSE, CERT & Other Guidance Documents
Tags: Incident Response
Summary:

 

Computer security incident response has become an important component of...

More Details
Title: US Gov't Accountability Office IT Security Report: Weaknesses Continue Amid New Federal Efforts to Implement Requirements
Vendor: United States Government Accountability Office
Date of Publication: October 2011
Type: NIST, RCMP, CSE, CERT & Other Guidance Documents
Tags: FISMA
Summary:

What GAO Found

Weaknesses in information security policies and practices at 24 major...

More Details
Title: NIST DRAFT Guide for Conducting Risk Assessments
Vendor: NIST
Date of Publication: September 2011
Type: NIST, RCMP, CSE, CERT & Other Guidance Documents
Tags: NIST, Risk Assessments
Summary:

The National Institute of Standards and Technology (NIST) announces the initial public draft...

More Details
Title: ITL Bulletin: Full Virtualization Technologies: Guidelines for Secure Implementation and Management
Vendor: NIST
Date of Publication: April 2011
Type: NIST, RCMP, CSE, CERT & Other Guidance Documents
Tags: NIST, Virtualization Security
Summary:

Virtualization is a technique for simulating the software and the hardware upon which other...

More Details
Title: NIST Guide for Security-Focused Configuration Management of Information Systems
Vendor: NIST
Date of Publication: August 2011
Type: NIST, RCMP, CSE, CERT & Other Guidance Documents
Tags: NIST, Configuration Management
Summary:

Introduction

An information system is composed of many components4 that can be...

More Details
Title: PCI DSS Tokenization Guidance Supplement
Vendor: PCI Security Standards Council
Date of Publication: August 2011
Type: NIST, RCMP, CSE, CERT & Other Guidance Documents
Tags: PCI-DSS, Tokenization
Summary:

Objective

The purpose of this Information Supplement is to provide guidance for...

More Details
Title: FFIEC Updated Guidance on "Authentication in an Internet Banking Environment"
Vendor: FFIEC - Federal Financial Institutions Examination Council
Date of Publication: June 2011
Type: NIST, RCMP, CSE, CERT & Other Guidance Documents
Tags: FFIEC, Compliance
Summary:

On October 12, 2005, the FFIEC agencies1 (Agencies) issued guidance entitled Authentication in...

More Details
Title: A Preliminary Model of Insider Theft of Intellectual Property
Vendor: Software Engineering Institute, Carnegie Mellon (CERT)
Date of Publication: June 2011
Type: NIST, RCMP, CSE, CERT & Other Guidance Documents
Tags: CERT, Insider Threat
Summary:

A study conducted by the CERT® Program at Carnegie Mellon University’’s Software Engineering...

More Details
Title: Network Monitoring for Web-Based Threats
Vendor: Software Engineering Institute, Carnegie Mellon (CERT)
Date of Publication: February 2011
Type: NIST, RCMP, CSE, CERT & Other Guidance Documents
Tags: CERT
Summary:

This report models the approach a focused attacker would take in order to breach an...

More Details

Pages