Time
1 hour 27 minutes
Difficulty
Intermediate
CEU/CPE
2

Video Description

This lesson covers Domain 15; system and communication protection. The basic security requirements are 3.13.1 and 3.13.2.

Video Transcription

00:04
as we move forward into domain 15. We're looking at the requirement for system and communications protection. So here we're looking at how we communicate usually cross network, whether it's wireless communication or wire communication. Internal, external.
00:22
Ah, and we have a couple of basic security requirements. Now, we have a lot of derived requirements, but the two basic security requirements
00:30
we're gonna monitor, control and protect organizational communications
00:35
at the external boundaries and key internal boundaries. So, for instance, what we're gonna do is look to isolate, trusted from untrusted. Usually we assume the internal networks your trusted, the external or under our untrusted, or perhaps even semi trusted.
00:52
So we're gonna we're gonna certainly monitor and protect
00:57
the communications as it passes across those untrusted or semi trusted channels. The second basic requirement is we're gonna implement architectural design, software development and systems engineering principles that promote effective information security within the systems. Okay, so
01:17
architectural design goes right down to the elements of the trusted computer base. Those those elements like your processor in your memory.
01:26
Ah, the system designed of the operating system kernel reference monitor, security, Colonel, all of those very, very basic essential elements to enforce that security policy of a system
01:38
Software development techniques. If you take a look at NIST Special Publication 800-53 a on and we will have will be presenting a classroom that, uh, that dictates how we're going to implement security throughout the software development life cycle.
01:57
Now this special publication 800-1 60 talks about implementing security through the system security engineering process. So certainly otherness documents and other cyber classes to help you implement Basic Requirement $3.13 too.

Up Next

NIST 800-171 Controlled Unclassified Information Course

The Cybrary NIST 800-171 course covers the 14 domains of safeguarding controlled unclassified information in non-federal agencies. Basic and derived requirements are presented for each security domain as defined in the NIST 800-171 special publication.

Instructed By

Instructor Profile Image
Kelly Handerhan
Senior Instructor