SDLC Flashcards

1
Q

RMF and SDLC

A

SDLC Phases:

1) Initiation (RMF Steps 1 and 2)
2) Development and Acquisition (RMF Step 2)
3) Implementation (RMF Steps 3-5)
4) Operations and Maintenance (RMF Step 6)
5) Disposition (RMF Step 6)

RMF -

1) Categorize
2) Select
3) Implement
4) Assess
5) Authorize
6) Monitor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

SDLC - Step 1

A

INITIATION

  • Why do we need it?
  • How does it support the mission
  • Investment review and budget

Security Considerations

  • conduct initial risk assessment
  • identify ISSO
  • FIPs 199
  • FIPs 200
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

SDLC - Step 2

A

DEVELOPMENT AND ACQUISITION

  • Functional statement of need
  • Feasibility Study
  • Cost Benefit Analysis

Security Considerations

  • Risk Assessment
  • Security Planning
  • Security Control Development
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

SDLC - Step 3

A

IMPLEMENTATION

  • Installation
  • Inspection
  • Acceptance Ttesting
  • initial user training
  • documentation

Security Considerations

  • Inspection and Acceptance
  • System integration
  • Security Certification Executed
  • Security Accreditation Decision
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

SDLC - Step 4

A

OPERATION AND MAINTENANCE

  • Performance Measurement
  • Contract Modification
  • Operations
  • Maintenance

Security Considerations

  • Configuration mgmt and control
  • Continuous Monitoring
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

SDLC - Step 5

A

DISPOSITION

  • Appropriateness of Disposal
  • Exchange & Sale
  • Internal Organizational Screening
  • Transfer - Donation
  • Contract Closeout

Security Considerations

  • Information Preservation
  • Media Sanitization
  • HW and SW Disposal
How well did you know this?
1
Not at all
2
3
4
5
Perfectly