- CCNA Security 210-260 Certification Guide
- Glen D. Singh Michael Vinod Vijay Anandh
- 100字
- 2025-02-22 12:45:07
Federal Information Security Management Act (FISMA)
This act was implemented to protect government information, operations and assets against natural or man-made threats.
FISMA defines nine steps for ensuring compliance:
- Define the information under a class that needs to be protected
- Define the baseline controls
- Define a risk-assessment procedure and use it to manipulate the controls if needed
- Create a system security plan and define the controls for it
- Implement the controls on the systems
- Verify the efficiency of the security controls
- Find the level of risk for business process
- Author the systems
- Monitor the controls on a periodic basis