Cybrary's open source learning community and hands on marketplace enables you to
earn new skills and collaborate in an engaging and rewarding way. Join the other 1,563,876 IT professionals today
to get free access to
Unlimited Free and Open Source Cyber Security Learning
CEU/CPE Certificates of Completion
Innovative Micro-Certifications
Over 200 Certification-based Practice Labs and Practice Tests
In this lesson, Subject Matter Expert (SME) Kelly Handerhan discusses NIST Special Publication (SP) 800-37, “Guide for the Security Certification and Accreditation of Federal Information Systems”, that was created as part of NIST’s responsibility under FISMA to develop standards and guidelines for the requirements and process steps for the certification, accreditation, and monitoring of information systems.
Handerhan explains the use and usefulness of other NIST SP documents in the RMF process.
You will learn:
the six Risk Management Framework (RMF) phases
the role of the Information System Owner
when and how to create and update the System Security Plan (SSP)
how to develop a Plan of Actions and Milestones (POAM) to document weaknesses and vulnerabilities and to set mitigation milestones
how to develop a Minimum Security Baseline (MSB)
how to select and implement security control activities
documentation requirements and methods
contingency planning for federal agency systems’ continuity (“systems” goes beyond just computer systems)
how to develop a Business Impact Analysis
the three phases of continuity
the differences between recovery and reconstitution
rules and responsibilities of the incident response team in a contingency environment
incident analysis and returning to an operational state
understanding and using the “plan, do, check, act” model
THE DISCUSSION OF IMPORTANT RMF DOCUMENTS AND USING THE RMF CONTINUES IN LESSON 2.
Watch the Course Intro Video
Learn on the go.
The app designed for the modern cyber security professional.
Use your Cybytes to earn Course Badges and Certifications
You've completed the course and now it's time to show it off to the world. Earn a Certificate of Completion with CEU/CPE credit hours;
and, a Course Badge, attached to your profile, that shows the community you have taken steps to improve your own knowledge and grow
your career. Join cyber security's largest community and start learning today.
Congratulations! You're taking the first step to getting certified. Get some hands on experience with available practice labs OR save some money, support Cybrary, and purchase discounted exam vouchers. Ready to earn your next industry certification? Join cyber security's largest community and start learning today.
We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.