From the course: NIST 800-53r5: Introduction to Security and Privacy Controls
Control assessment
- Okay, so for lesson 2.8 we're going to talk about control assessment and really looking at how to map weaknesses to the NIST controls. So, in this lesson you'll learn how to state how a weakness is discovered, explain the benefits of the security benchmarks. We've talked about those before. I'll try to go a little bit more in depth on what they actually mean. Examine some of the compliance scans; this is a chance to actually look at the output from them. And critique some of the automated tool reports and then map, actually map some of the weaknesses found to an 800-53 control. Let's just take a quick refresher here just to remember where we are. We're in step two of the RMF. Step three and four is where we're kind of going now. So, step three was implementing the control and then actually documenting it in the security plan. Step four is where it's being assessed to make sure you actually did the control correctly, or it's doing exactly what you thought it would. There's an…
Contents
- Module two overview (1m 48s)
- Control families (6m 48s)
- Anatomy of a control (4m 57s)
- Control selection (5m 22s)
- Common, system, and hybrid controls (7m 26s)
- Organization defined variables (2m 46s)
- System security plan (5m 37s)
- Control assessment (8m 11s)
- POA&M (6m 48s)