NIST SP Flashcards
NISTIRs
NIST Interagency Reports
ITL
Information Technology Laboratory Bulletins
FIPS 199
Security Categorization
FIPS 200
Minimum Security Requirements
- Promotes secure IS
- Establish minimum levels
- Selecting and specifying controls
NIST SP 800-18 rev 1
Security Planning
Steps of developing an SSP
NIST SP 800-30 Rev 1
Risk Assessment
Guidance on conducting Risk Assessment
NIST SP 800-37
Guide for applying RMF
NIST SP 800-39
Risk Management
NIST SP 800-53
Recommended Security Controls
NIST SP 800-53A
Security Control Assessment
*Building SAP, procedures
NIST SP 800-59
National Security Systems
Guideline for identifying an IS as a national security system
NIST SP 800-60
Security Category Mapping
Helps map the impact level of the types of information and information systems
NIST SP 800-70
Guidelines for Checklists
*Configuration checklists
NIST SP 800-137
Continuous Monitoring
RMF Guidance Review
Phase 1 (Categorize) - FIPS 199 and NIST SP 800-60
Phase 2 (Select) - FIPS 200 and NIST SP 800-53
Phase 3 (Implement) - NIST SP 800-70
Phase 4 (Assess) - NIST SP 800-53A
Phase 5 (Authorize) - NIST SP 800-37
Phase 6 (Monitoring) - NIST SP 800-37 and NIST SP 800-53A