Guide to NIST Security Documents Families

From FISMApedia
Revision as of 00:55, 18 March 2008 by Wikitick (talk)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Families

The Family categories are identical to the control families found in FIPS 200, SP 800-53, and other related documents. These Family lists mirror the document crosswalk from SP 800-53, Revision 1.


ACCESS CONTROL

FIPS 201-1 Personal Identity Verification for Federal Employees and Contractors
FIPS 200 Security Controls for Federal Information Systems
FIPS 188 Standard Security Labels for Information Transfer
SP 800-100 Information Security Handbook for Managers
SP 800-97 Guide to IEEE 802.11i: Robust Security Networks
SP 800-96 PIV Card / Reader Interoperability Guidelines
SP 800-87 Codes for the Identification of Federal and Federally Assisted Organizations
SP 800-83 Guide to Malware Incident Prevention and Handling
SP 800-81 Secure Domain Name System (DNS) Deployment Guide
SP 800-78 Cryptographic Algorithms and Key Sizes for Personal Identity Verification
SP 800-77 Guide to IPSec VPNs
SP 800-76 Biometric Data Specification for Personal Identity Verification
SP 800-73 Rev 1 Integrated Circuit Card for Personal Identification Verification
SP 800-68 Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-58 Security Considerations for Voice Over IP Systems
SP 800-57 Recommendation on Key Management
SP 800-48 Wireless Network Security: 802.11, Bluetooth, and Handheld Devices
SP 800-46 Security for Telecommuting and Broadband Communications
SP 800-45 Guidelines on Electronic Mail Security
SP 800-44 Guidelines on Securing Public Web Servers
SP 800-43 Systems Administration Guidance for Securing Microsoft Windows 2000 Professional System
SP 800-41 Guidelines on Firewalls and Firewall Policy
SP 800-36 Guide to Selecting Information Technology Security Products
SP 800-28 Guidelines on Active Content and Mobile Code
SP 800-24 PBX Vulnerability Analysis: Finding Holes in Your PBX Before Someone Else Does
SP 800-19 Mobile Agent Security
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook Families


AWARENESS & TRAINING

FIPS 200 Security Controls for Federal Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-50 Building an Information Technology Security Awareness and Training Program
SP 800-40 Procedures for Handling Security Patches
SP 800-31 Intrusion Detection Systems (IDSs)
SP 800-16 Information Technology Security Training Requirements: A Role- and Performance-Based Model
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


AUDIT & ACCOUNTABILITY

FIPS 200 Security Controls for Federal Information Systems
FIPS 198 The Keyed-Hash Message Authentication Code (HMAC)
SP 800-100 Information Security Handbook for Managers
SP 800-92 Guide to Computer Security Log Management
SP 800-89 Recommendation for Obtaining Assurances for Digital Signature Applications
SP 800-86 Guide to Integrating Forensic Techniques into Incident Response
SP 800-83 Guide to Malware Incident Prevention and Handling
SP 800-72 Guidelines on PDA Forensics
SP 800-68 Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-57 Recommendation on Key Management
SP 800-52 Guidelines on the Selection and Use of Transport Layer Security
SP 800-49 Federal S/MIME V3 Client Profile
SP 800-45 Guidelines on Electronic Mail Security
SP 800-44 Guidelines on Securing Public Web Servers
SP 800-42 Guideline on Network Security Testing
SP 800-19 Mobile Agent Security
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


CERTIFICATION, ACCREDITATION & SECURITY ASSESSMENTS

FIPS 200 Security Controls for Federal Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-85 PIV Middleware and PIV Card Application Conformance Test Guidelines
SP 800-79 Guidelines for the Certification and Accreditation of PIV Card Issuing Organizations
SP 800-76 Biometric Data Specification for Personal Identity Verification
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-65 Integrating Security into the Capital Planning and Investment Control Process
SP 800-55 Security Metrics Guide for Information Technology Systems
SP 800-53A Guide for Assessing the Security Controls in Federal Information Systems
SP 800-47 Security Guide for Interconnecting Information Technology Systems
SP 800-42 Guideline on Network Security Testing
SP 800-37 Guidelines for the Security Certification and Accreditation of Federal Information Technology Systems
SP 800-36 Guide to Selecting Information Technology Security Products
SP 800-35 Guide to Information Technology Security Services
SP 800-30 Risk Management Guide for Information Technology Systems
SP 800-26 Security Self-Assessment Guide for Information Technology Systems
SP 800-23 Guideline to Federal Organizations on Security Assurance and Acquisition/Use of Tested/Evaluated Products
SP 800-22 A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications
SP 800-20 Modes of Operation Validation System for the Triple Data Encryption Algorithm (TMOVS): Requirements and Procedures
SP 800-18 Guide for Developing Security Plans for Information Technology Systems
SP 800-17 Modes of Operation Validation System (MOVS): Requirements and Procedures
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


CONFIGURATION MANAGEMENT

FIPS 200 Security Controls for Federal Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-86 Guide to Integrating Forensic Techniques into Incident Response
SP 800-83 Guide to Malware Incident Prevention and Handling
SP 800-81 Secure Domain Name System (DNS) Deployment Guide
SP 800-70 Security Configuration Checklists Program for IT Products
SP 800-68 Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist
SP 800-48 Wireless Network Security: 802.11, Bluetooth, and Handheld Devices
SP 800-46 Security for Telecommuting and Broadband Communications
SP 800-45 Guidelines on Electronic Mail Security
SP 800-44 Guidelines on Securing Public Web Servers
SP 800-43 Systems Administration Guidance for Securing Microsoft Windows 2000 Professional System
SP 800-40 Procedures for Handling Security Patches
SP 800-37 Guidelines for the Security Certification and Accreditation of Federal Information Technology Systems
SP 800-35 Guide to Information Technology Security Services
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


CONTINGENCY PLANNING

FIPS 200 Security Controls for Federal Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-86 Guide to Integrating Forensic Techniques into Incident Response
SP 800-83 Guide to Malware Incident Prevention and Handling
SP 800-81 Secure Domain Name System (DNS) Deployment Guide
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-57 Recommendation on Key Management
SP 800-56A Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
SP 800-50 Building an Information Technology Security Awareness and Training Program
SP 800-45 Guidelines on Electronic Mail Security
SP 800-44 Guidelines on Securing Public Web Servers
SP 800-43 Systems Administration Guidance for Securing Microsoft Windows 2000 Professional System
SP 800-41 Guidelines on Firewalls and Firewall Policy
SP 800-34 Contingency Planning Guide for Information Technology Systems
SP 800-25 Federal Agency Use of Public Key Technology for Digital Signatures and Authentication
SP 800-24 PBX Vulnerability Analysis: Finding Holes in Your PBX Before Someone Else Does
SP 800-21 Rev 1 Guideline for Implementing Cryptography in the Federal Government
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-13 Telecommunications Security Guidelines for Telecommunications Management Network
SP 800-12 An Introduction to Computer Security: The NIST Handbook


IDENTIFICATION AND AUTHENTICATION

FIPS 201-1 Personal Identity Verification for Federal Employees and Contractors
FIPS 200 Security Controls for Federal Information Systems
FIPS 190 Guideline for the Use of Advanced Authentication Technology Alternatives
FIPS 140-2 Security Requirements for Cryptographic Modules
SP 800-100 Information Security Handbook for Managers
SP 800-97 Guide to IEEE 802.11i: Robust Security Networks
SP 800-96 PIV Card / Reader Interoperability Guidelines
SP 800-87 Codes for the Identification of Federal and Federally Assisted Organizations
SP 800-86 Guide to Integrating Forensic Techniques into Incident Response
SP 800-81 Secure Domain Name System (DNS) Deployment Guide
SP 800-78 Cryptographic Algorithms and Key Sizes for Personal Identity Verification
SP 800-77 Guide to IPSec VPNs
SP 800-76 Biometric Data Specification for Personal Identity Verification
SP 800-73 Rev 1 Integrated Circuit Card for Personal Identification Verification
SP 800-72 Guidelines on PDA Forensics
SP 800-68 Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-63 Recommendation for Electronic Authentication
SP 800-52 Guidelines on the Selection and Use of Transport Layer Security
SP 800-48 Wireless Network Security: 802.11, Bluetooth, and Handheld Devices
SP 800-46 Security for Telecommuting and Broadband Communications
SP 800-45 Guidelines on Electronic Mail Security
SP 800-44 Guidelines on Securing Public Web Servers
SP 800-36 Guide to Selecting Information Technology Security Products
SP 800-32 Introduction to Public Key Technology and the Federal PKI Infrastructure
SP 800-25 Federal Agency Use of Public Key Technology for Digital Signatures and Authentication
SP 800-24 PBX Vulnerability Analysis: Finding Holes in Your PBX Before Someone Else Does
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


INCIDENT RESPONSE

FIPS 200 Security Controls for Federal Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-92 Guide to Computer Security Log Management
SP 800-83 Guide to Malware Incident Prevention and Handling
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-61 Computer Security Incident Handling Guide
SP 800-50 Building an Information Technology Security Awareness and Training Program
SP 800-36 Guide to Selecting Information Technology Security Products
SP 800-31 Intrusion Detection Systems (IDSs)
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


MAINTENANCE

FIPS 200 Security Controls for Federal Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-88 Media Sanitization Guide
SP 800-77 Guide to IPSec VPNs
SP 800-34 Contingency Planning Guide for Information Technology Systems
SP 800-24 PBX Vulnerability Analysis: Finding Holes in Your PBX Before Someone Else Does
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


MEDIA PROTECTION

FIPS 200 Security Controls for Federal Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-92 Guide to Computer Security Log Management
SP 800-88 Media Sanitization Guide
SP 800-86 Guide to Integrating Forensic Techniques into Incident Response
SP 800-72 Guidelines on PDA Forensics
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-57 Recommendation on Key Management
SP 800-36 Guide to Selecting Information Technology Security Products
SP 800-24 PBX Vulnerability Analysis: Finding Holes in Your PBX Before Someone Else Does
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


PHYSICAL & ENVIRONMENTAL PROTECTION

FIPS 200 Security Controls for Federal Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-96 PIV Card / Reader Interoperability Guidelines
SP 800-92 Guide to Computer Security Log Management
SP 800-86 Guide to Integrating Forensic Techniques into Incident Response
SP 800-78 Cryptographic Algorithms and Key Sizes for Personal Identity Verification
SP 800-76 Biometric Data Specification for Personal Identity Verification
SP 800-73 Rev 1 Integrated Circuit Card for Personal Identification Verification
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-58 Security Considerations for Voice Over IP Systems
SP 800-24 PBX Vulnerability Analysis: Finding Holes in Your PBX Before Someone Else Does
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


PLANNING

FIPS 201-1 Personal Identity Verification for Federal Employees and Contractors
FIPS 200 Security Controls for Federal Information Systems
FIPS 199 Standards for Security Categorization of Federal Information and Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-89 Recommendation for Obtaining Assurances for Digital Signature Applications
SP 800-81 Secure Domain Name System (DNS) Deployment Guide
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-65 Integrating Security into the Capital Planning and Investment Control Process
SP 800-64 Security Considerations in the Information System Development Life Cycle
SP 800-58 Security Considerations for Voice Over IP Systems
SP 800-57 Recommendation on Key Management
SP 800-48 Wireless Network Security: 802.11, Bluetooth, and Handheld Devices
SP 800-46 Security for Telecommuting and Broadband Communications
SP 800-45 Guidelines on Electronic Mail Security
SP 800-44 Guidelines on Securing Public Web Servers
SP 800-42 Guideline on Network Security Testing
SP 800-41 Guidelines on Firewalls and Firewall Policy
SP 800-40, Ver 2 Creating a Patch and Vulnerability Management Program
SP 800-40 Procedures for Handling Security Patches
SP 800-37 Guidelines for the Security Certification and Accreditation of Federal Information Technology Systems
SP 800-34 Contingency Planning Guide for Information Technology Systems
SP 800-33 Underlying Technical Models for Information Technology Security
SP 800-32 Introduction to Public Key Technology and the Federal PKI Infrastructure
SP 800-31 Intrusion Detection Systems (IDSs)
SP 800-30 Risk Management Guide for Information Technology Systems
SP 800-27 Engineering Principles for Information Technology Security (A Baseline for Achieving Security)
SP 800-26 Security Self-Assessment Guide for Information Technology Systems
SP 800-25 Federal Agency Use of Public Key Technology for Digital Signatures and Authentication
SP 800-21 Rev 1 Guideline for Implementing Cryptography in the Federal Government
SP 800-19 Mobile Agent Security
SP 800-18 Guide for Developing Security Plans for Information Technology Systems
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


PERSONNEL SECURITY

FIPS 200 Security Controls for Federal Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


RISK ASSESSMENT

FIPS 200 Security Controls for Federal Information Systems
FIPS 199 Standards for Security Categorization of Federal Information and Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-83 Guide to Malware Incident Prevention and Handling
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-65 Integrating Security into the Capital Planning and Investment Control Process
SP 800-63 Recommendation for Electronic Authentication
SP 800-60 Guide for Mapping Types of Information and Information Systems to Security Categories
SP 800-59 Guideline for Identifying an Information System as a National Security System
SP 800-53A Guide for Assessing the Security Controls in Federal Information Systems
SP 800-51 Use of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming Scheme
SP 800-48 Wireless Network Security: 802.11, Bluetooth, and Handheld Devices
SP 800-46 Security for Telecommuting and Broadband Communications
SP 800-45 Guidelines on Electronic Mail Security
SP 800-44 Guidelines on Securing Public Web Servers
SP 800-42 Guideline on Network Security Testing
SP 800-40, Ver 2 Creating a Patch and Vulnerability Management Program
SP 800-40 Procedures for Handling Security Patches
SP 800-37 Guidelines for the Security Certification and Accreditation of Federal Information Technology Systems
SP 800-36 Guide to Selecting Information Technology Security Products
SP 800-34 Contingency Planning Guide for Information Technology Systems
SP 800-32 Introduction to Public Key Technology and the Federal PKI Infrastructure
SP 800-31 Intrusion Detection Systems (IDSs)
SP 800-30 Risk Management Guide for Information Technology Systems
SP 800-28 Guidelines on Active Content and Mobile Code
SP 800-26 Security Self-Assessment Guide for Information Technology Systems
SP 800-25 Federal Agency Use of Public Key Technology for Digital Signatures and Authentication
SP 800-24 PBX Vulnerability Analysis: Finding Holes in Your PBX Before Someone Else Does
SP 800-23 Guideline to Federal Organizations on Security Assurance and Acquisition/Use of Tested/Evaluated Products
SP 800-19 Mobile Agent Security
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-13 Telecommunications Security Guidelines for Telecommunications Management Network
SP 800-12 An Introduction to Computer Security: The NIST Handbook


SYSTEM & SERVICES ACQUISITION

FIPS 200 Security Controls for Federal Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-97 Guide to IEEE 802.11i: Robust Security Networks
SP 800-85 PIV Middleware and PIV Card Application Conformance Test Guidelines
SP 800-83 Guide to Malware Incident Prevention and Handling
SP 800-76 Biometric Data Specification for Personal Identity Verification
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-65 Integrating Security into the Capital Planning and Investment Control Process
SP 800-64 Security Considerations in the Information System Development Life Cycle
SP 800-36 Guide to Selecting Information Technology Security Products
SP 800-35 Guide to Information Technology Security Services
SP 800-34 Contingency Planning Guide for Information Technology Systems
SP 800-33 Underlying Technical Models for Information Technology Security
SP 800-31 Intrusion Detection Systems (IDSs)
SP 800-30 Risk Management Guide for Information Technology Systems
SP 800-27 Engineering Principles for Information Technology Security (A Baseline for Achieving Security)
SP 800-23 Guideline to Federal Organizations on Security Assurance and Acquisition/Use of Tested/Evaluated Products
SP 800-21 Rev 1 Guideline for Implementing Cryptography in the Federal Government
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


SYSTEM & COMMUNICATION PROTECTION

FIPS 201-1 Personal Identity Verification for Federal Employees and Contractors
FIPS 200 Security Controls for Federal Information Systems
FIPS 198 The Keyed-Hash Message Authentication Code (HMAC)
FIPS 197 Advanced Encryption Standard
FIPS 190 Guideline for the Use of Advanced Authentication Technology Alternatives
FIPS 186-3 Digital Signature Standard (DSS)
FIPS 180-2 Secure Hash Standard (SHS)
FIPS 140-2 Security Requirements for Cryptographic Modules
SP 800-100 Information Security Handbook for Managers
SP 800-97 Guide to IEEE 802.11i: Robust Security Networks
SP 800-90 Recommendation for Random Number Generation Using Deterministic Random Bit Generators
SP 800-89 Recommendation for Obtaining Assurances for Digital Signature Applications
SP 800-83 Guide to Malware Incident Prevention and Handling
SP 800-81 Secure Domain Name System (DNS) Deployment Guide
SP 800-78 Cryptographic Algorithms and Key Sizes for Personal Identity Verification
SP 800-77 Guide to IPSec VPNs
SP 800-73 Rev 1 Integrated Circuit Card for Personal Identification Verification
SP 800-70 Security Configuration Checklists Program for IT Products
SP 800-68 Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist
SP 800-67 Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-58 Security Considerations for Voice Over IP Systems
SP 800-57 Recommendation on Key Management
SP 800-56A Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
SP 800-52 Guidelines on the Selection and Use of Transport Layer Security
SP 800-49 Federal S/MIME V3 Client Profile
SP 800-46 Security for Telecommuting and Broadband Communications
SP 800-45 Guidelines on Electronic Mail Security
SP 800-44 Guidelines on Securing Public Web Servers
SP 800-41 Guidelines on Firewalls and Firewall Policy
SP 800-38D Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) for Confidentiality and Authentication
SP 800-38C Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality
SP 800-38B Recommendation for Block Cipher Modes of Operation: The RMAC Authentication Mode
SP 800-38A Recommendation for Block Cipher Modes of Operation - Methods and Techniques
SP 800-36 Guide to Selecting Information Technology Security Products
SP 800-32 Introduction to Public Key Technology and the Federal PKI Infrastructure
SP 800-29 A Comparison of the Security Requirements for Cryptographic Modules in FIPS 140-1 and FIPS 140-2
SP 800-28 Guidelines on Active Content and Mobile Code
SP 800-25 Federal Agency Use of Public Key Technology for Digital Signatures and Authentication
SP 800-22 A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications
SP 800-21 Rev 1 Guideline for Implementing Cryptography in the Federal Government
SP 800-20 Modes of Operation Validation System for the Triple Data Encryption Algorithm (TMOVS): Requirements and Procedures
SP 800-19 Mobile Agent Security
SP 800-17 Modes of Operation Validation System (MOVS): Requirements and Procedures
SP 800-15 Minimum Interoperability Specification for PKI Components (MISPC), Version 1
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook


SYSTEM & INFORMATION INTEGRITY

FIPS 200 Security Controls for Federal Information Systems
SP 800-100 Information Security Handbook for Managers
SP 800-92 Guide to Computer Security Log Management
SP 800-86 Guide to Integrating Forensic Techniques into Incident Response
SP 800-85 PIV Middleware and PIV Card Application Conformance Test Guidelines
SP 800-83 Guide to Malware Incident Prevention and Handling
SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
SP 800-61 Computer Security Incident Handling Guide
SP 800-57 Recommendation on Key Management
SP 800-51 Use of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming Scheme
SP 800-48 Wireless Network Security: 802.11, Bluetooth, and Handheld Devices
SP 800-45 Guidelines on Electronic Mail Security
SP 800-44 Guidelines on Securing Public Web Servers
SP 800-43 Systems Administration Guidance for Securing Microsoft Windows 2000 Professional System
SP 800-42 Guideline on Network Security Testing
SP 800-36 Guide to Selecting Information Technology Security Products
SP 800-31 Intrusion Detection Systems (IDSs)
SP 800-28 Guidelines on Active Content and Mobile Code
SP 800-19 Mobile Agent Security
SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
SP 800-12 An Introduction to Computer Security: The NIST Handbook