Security controls evaluation, testing, and assessment handbook / (Record no. 247248)
| 000 -LEADER | |
|---|---|
| fixed length control field | 05201cam a2200565Ii 4500 |
| 001 - CONTROL NUMBER | |
| control field | ocn932016626 |
| 003 - CONTROL NUMBER IDENTIFIER | |
| control field | OCoLC |
| 005 - DATE AND TIME OF LATEST TRANSACTION | |
| control field | 20190328114813.0 |
| 006 - FIXED-LENGTH DATA ELEMENTS--ADDITIONAL MATERIAL CHARACTERISTICS | |
| fixed length control field | m o d |
| 007 - PHYSICAL DESCRIPTION FIXED FIELD--GENERAL INFORMATION | |
| fixed length control field | cr cnu|||unuuu |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION | |
| fixed length control field | 151210t20152016mau o 001 0 eng d |
| 040 ## - CATALOGING SOURCE | |
| Original cataloging agency | N$T |
| Language of cataloging | eng |
| Description conventions | rda |
| -- | pn |
| Transcribing agency | N$T |
| Modifying agency | YDXCP |
| -- | OPELS |
| -- | N$T |
| -- | OCLCF |
| -- | CDX |
| -- | EBLCP |
| -- | IDEBK |
| -- | MERUC |
| -- | DEBSZ |
| -- | IDB |
| -- | OCLCQ |
| -- | WRM |
| -- | U3W |
| -- | D6H |
| -- | OCLCQ |
| -- | CUY |
| -- | ZCU |
| -- | ICG |
| -- | DKC |
| 019 ## - | |
| -- | 932049488 |
| -- | 935249504 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | 9780128025642 |
| Qualifying information | (electronic bk.) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | 0128025646 |
| Qualifying information | (electronic bk.) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| Canceled/invalid ISBN | 9780128023242 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| Canceled/invalid ISBN | 0128023244 |
| 035 ## - SYSTEM CONTROL NUMBER | |
| System control number | (OCoLC)932016626 |
| Canceled/invalid control number | (OCoLC)932049488 |
| -- | (OCoLC)935249504 |
| 050 #4 - LIBRARY OF CONGRESS CALL NUMBER | |
| Classification number | HD61 |
| 072 #7 - SUBJECT CATEGORY CODE | |
| Subject category code | BUS |
| Subject category code subdivision | 082000 |
| Source | bisacsh |
| 072 #7 - SUBJECT CATEGORY CODE | |
| Subject category code | BUS |
| Subject category code subdivision | 041000 |
| Source | bisacsh |
| 072 #7 - SUBJECT CATEGORY CODE | |
| Subject category code | BUS |
| Subject category code subdivision | 042000 |
| Source | bisacsh |
| 072 #7 - SUBJECT CATEGORY CODE | |
| Subject category code | BUS |
| Subject category code subdivision | 085000 |
| Source | bisacsh |
| 082 04 - DEWEY DECIMAL CLASSIFICATION NUMBER | |
| Classification number | 658.15/5 |
| Edition number | 23 |
| 100 1# - MAIN ENTRY--PERSONAL NAME | |
| Personal name | Johnson, Leighton, |
| Relator term | author. |
| 245 10 - TITLE STATEMENT | |
| Title | Security controls evaluation, testing, and assessment handbook / |
| Medium | [electronic resource] |
| Statement of responsibility, etc. | Leighton Johnson. |
| 264 #1 - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE | |
| Place of production, publication, distribution, manufacture | Waltham, MA : |
| Name of producer, publisher, distributor, manufacturer | Syngress is an imprint of Elsevier, |
| Date of production, publication, distribution, manufacture, or copyright notice | 2015. |
| 300 ## - PHYSICAL DESCRIPTION | |
| Extent | 1 online resource |
| 336 ## - CONTENT TYPE | |
| Content type term | text |
| Content type code | txt |
| Source | rdacontent |
| 337 ## - MEDIA TYPE | |
| Media type term | computer |
| Media type code | c |
| Source | rdamedia |
| 338 ## - CARRIER TYPE | |
| Carrier type term | online resource |
| Carrier type code | cr |
| Source | rdacarrier |
| 500 ## - GENERAL NOTE | |
| General note | Includes index. |
| 588 0# - SOURCE OF DESCRIPTION NOTE | |
| Source of description note | Online resource; title from PDF title page (ScienceDirect, viewed December 16, 2015). |
| 505 0# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | Cover; Title Page; Copyright Page; Dedication; Contents; Introduction; Section I; Chapter 1 -- Introduction to Assessments; Chapter 2 -- Risk, Security, and Assurance; Risk management; Risk assessments; Security controls; Chapter 3 -- Statutory and Regulatory GRC; Statutory requirements; Privacy Act -- 1974; CFAA -- 1986; ECPA -- 1986; CSA -- 1987; CCA -- 1996; HIPAA -- 1996; EEA -- 1996; GISRA -- 1998; USA PATRIOT Act -- 2001; FISMA -- 2002; Sarbanes-Oxley -- 2002; Health Information Technology for Economic and Clinical Health Act -- 2009; Executive Orders/Presidential Directives. |
| 505 8# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | Federal processing standards; FIPS-140 -- Security Requirements for Cryptographic Modules; FIPS-186 -- Digital Signature Standard (DSS); FIPS-190 -- Guideline for the Use of Advanced Authentication Technology Alternatives; FIPS-191 -- Guideline for the Analysis Local Area Network Security; FIPS-199 -- Standards for Security Categorization of Federal Information and Information Systems; FIPS-200 -- Minimum Security Requirements for Federal Information and Information Systems; FIPS-201 -- Personal Identity Verification of Federal Employees and Contractors; Regulatory requirements; DOD; CNSS; HHS. |
| 505 8# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | HIPAA Security Rule; HIPAA Privacy Rule; HITECH Breach Reporting; OMB requirements for each agency; References; Chapter 4 -- Federal RMF Requirements; Federal civilian agencies; DOD -- DIACAP -- RMF for DOD IT; IC -- ICD 503; FedRAMP; NIST Cybersecurity Framework; References; Chapter 5 -- Risk Management Framework; Step 1 -- categorization; Step 2 -- selection; Step 3 -- implementation; Step 4 -- assessment; Step 5 -- authorization; Step 6 -- monitoring; Continuous Monitoring for Current Systems; Chapter 6 -- Roles and Responsibilities; Organizational roles; White House; Congress; OMB; NIST; CNSS; NSA. |
| 505 8# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | NIAP; DHS; DOD; Individual roles; System Owner; Authorizing Official; Information System Security Officer; Information System Security Engineer; Security Architect; Common Control Provider; Authorizing Official Designated Representative; Information Owner/Steward; Risk Executive (Function); User Representative; Agency Head; Security Control Assessor; Senior Information Security Officer; Chief Information Officer; DOD roles; Section II; Introduction; Chapter -- 7 -- Assessment Process; Focus; Guidance; SP 800-53A; RMF Step 4 -- Assess Security Controls; SP 800-115; RMF Knowledge Service. |
| 505 8# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | ISO 27001/27002; Chapter -- 8 -- Assessment Methods; Evaluation methods and their attributes; Processes; Interviews; Examinations; Observations; Document Reviews; Testing; Automated; Manual; Chapter -- 9 -- Assessment Techniques for Each Kind of Control; Security assessment plan developmental process; Security assessment actions; Security controls by family; Chapter -- 10 -- System and Network Assessments; 800-115 introduction; Assessment techniques; Network testing purpose and scope; ACL Reviews; System-Defined Reviews; Testing roles and responsibilities; Security testing techniques. |
| 504 ## - BIBLIOGRAPHY, ETC. NOTE | |
| Bibliography, etc | Includes bibliographical references and index. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | Risk management. |
| 650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | BUSINESS & ECONOMICS |
| General subdivision | Industrial Management. |
| Source of heading or term | bisacsh |
| 650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | BUSINESS & ECONOMICS |
| General subdivision | Management. |
| Source of heading or term | bisacsh |
| 650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | BUSINESS & ECONOMICS |
| General subdivision | Management Science. |
| Source of heading or term | bisacsh |
| 650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | BUSINESS & ECONOMICS |
| General subdivision | Organizational Behavior. |
| Source of heading or term | bisacsh |
| 650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | Risk management. |
| Source of heading or term | fast |
| Authority record control number | (OCoLC)fst01098164 |
| 655 #4 - INDEX TERM--GENRE/FORM | |
| Genre/form data or focus term | Electronic books. |
| 655 #7 - INDEX TERM--GENRE/FORM | |
| Genre/form data or focus term | Electronic books. |
| Source of term | lcgft |
| 776 08 - ADDITIONAL PHYSICAL FORM ENTRY | |
| Relationship information | Print version: |
| Main entry heading | Johnson, Leighton. |
| Title | Security Controls Evaluation, Testing, and Assessment Handbook. |
| Place, publisher, and date of publication | Saint Louis, MO : Elsevier Science, ©2015 |
| International Standard Book Number | 9780128023242 |
| 856 40 - ELECTRONIC LOCATION AND ACCESS | |
| Materials specified | ScienceDirect |
| Uniform Resource Identifier | http://www.sciencedirect.com/science/book/9780128023242 |
No items available.
