Security Controls Evaluation, Testing, and Assessment Handbook

A current and well-developed approach to the evaluation and testing of security controls to prove they are functioning correctly in today’s IT systems

Leighton Johnson (Author)

9780128184271, Elsevier Science

Paperback, published 21 November 2019

788 pages
27.6 x 21.5 x 4.8 cm, 1.72 kg

Security Controls Evaluation, Testing, and Assessment Handbook, Second Edition, provides a current and well-developed approach to evaluate and test IT security controls to prove they are functioning correctly. This handbook discusses the world of threats and potential breach actions surrounding all industries and systems. Sections cover how to take FISMA, NIST Guidance, and DOD actions, while also providing a detailed, hands-on guide to performing assessment events for information security professionals in US federal agencies. This handbook uses the DOD Knowledge Service and the NIST Families assessment guides as the basis for needs assessment, requirements and evaluation efforts.

1. Introduction to Assessments2. Risk and Security3. Statutory & Regulatory GRC4. Federal RMF Requirements5. Risk Management Framework – SP 800-37, rev.16. Roles and Responsibilities7. Assessment Process8. Assessment Methods9. Assessment Techniques for each kind of control10. System and Network Assessments11. Security Components Fundamentals12. Cybersecurity Controls13. CUI Controls14. Evidence of Assessment15. Reporting16. Conclusion

Subject Areas: Computer security [UR], Forensic science [JKVF1]