My Account Log in

2 options

Guide for security-focused configuration management of information systems / Arnold Johnson [and others].

Connect to full text Available online

View online

U.S. Government Documents Available online

View online
Format:
Book
Government document
Contributor:
Johnson, Arnold.
National Institute of Standards and Technology (U.S.)
Series:
NIST special publication ; 800-128.
NIST special publication. Information security
NIST special publication ; 800-128. Information security
Language:
English
Subjects (All):
Software configuration management--Standards.
Software configuration management.
Computer security--Standards--Government policy--United States.
Computer security.
Data protection--Standards--Government policy--United States.
Data protection.
Federal government--Computer networks--Security measures--Standards--Government policy--United States.
Federal government.
Information technology--Security measures--Standards--Government policy--United States.
Information technology.
Information storage and retrieval systems--Security measures--Standards--Government policy--United States.
Information storage and retrieval systems.
United States.
Genre:
technical reports.
Technical reports
Technical reports.
Physical Description:
1 online resource ([88] pages) : charts.
Place of Publication:
Gaithersburg, MD : U.S. Dept. of Commerce, National Institute of Standards and Technology, [2011]
Summary:
The purpose of Special Publication 800-128, Guide for Security-Focused Configuration Management of Information Systems, is to provide guidelines for organizations responsible for managing and administering the security of federal information systems and associated environments of operation. Configuration management concepts and principles described in NIST SP 800-128, provide supporting information for NIST SP 800-53, Recommended Security Controls for Federal Information Systems and Organizations. NIST SP 800-128 assumes that information security is an integral part of an organization⁰₉s overall configuration management. The focus of this document is on implementation of the information system security aspects of configuration management, and as such the term security-focused configuration management (SecCM) is used to emphasize the concentration on information security. In addition to the fundamental concepts associated with SecCM, the process of applying SecCM practices to information systems is described. The goal of SecCM activities is to manage and monitor the configurations of information systems to achieve adequate security and minimize organizational risk while supporting the desired business functionality and services.
Notes:
Title from PDF title screen (viewed Sept. 27, 2012).
"August 2011."
Includes bibliographical references.
OCLC:
811563837

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account