Question


FIPS Publication 200 is a mandatory federal standard developed by NIST in response to FISMA. To comply with the federal standard, organizations first determine the security category of their information system in accordance with FIPS Publication 199. Thales e-Security can help you meet the FIPS 200 and FIPS 199 data security compliance standards. Identify the relevance of the FIPS 199 and FIPS 200 documents to non-government entities.

Does the FIPS 199 document contain information relevant to non-government entities? Justify your position.

Does the FIPS 200 document contain information relevant to non-government entities? Justify your position.

Solutions

Expert Solution

Identify the relevance of the FIPS 199 and FIPS 200 documents to non-government entities.

  • Encryption and Key Management: They have centrally managed files so that they can be located easily. It has very strong encryption which is very simple to understand. It is transparent to processes, so it is easy to keep track. It is transparent to users as well.
  • Access Policies and Privileged User Controls: It has very strongly restricted access to encrypted data; only the user who has access to it can access it. IT operations can be performed with the ability to see protected information.
  • Security Intelligence: If there is a case where the logs for protected data are too many, it creates a security alert, and high security is provided, which can be used with SIEM (Security Information and Event Management).

Does the FIPS 199 document contain information relevant to non-government entities? Justify your position.

  • Federal Information Processing Standards (FIPS) are standards published by NIST for use by the United States federal government and government contractors in relation to computer systems.
  • FIPS-199 is a security authorization developed for submission to the Federal Risk and Authorization Management Program (FedRAMP) authorizing officials. It determines the security level of a cloud environment that may host any service model. Nowadays, most protected information is stored in the cloud only, for safety reasons, so it is very necessary to protect the cloud environment. The main goal is that the CSP should implement security controls in its environment.
  • To keep your protected data secured, your CSP should be strong. So it will be beneficial for a non-governing entity.

Does the FIPS 200 document contain information relevant to non-government entities? Justify your position.

  • FIPS-200 basically says that there are 17 security-related areas in which a federal agency must meet certain requirements.

These security areas are:

  • Access Control;
  • Awareness and Training;
  • Audit and Accountability;
  • Certification, Accreditation, and Security Assessments;
  • Configuration Management;
  • Contingency Planning;
  • Identification and Authentication;
  • Incident Response;
  • Maintenance;
  • Media Protection;
  • Physical and Environmental Protection;
  • Planning;
  • Personnel Security;
  • Risk Assessment;
  • Systems and Services Acquisition;
  • System and Communications Protection; and
  • System and Information Integrity

FIPS-200 states that when a secured information system is being developed and implemented, the security emphasis should be at the highest priority.

As we can see from the 17 criteria, each criterion has significant value; if some criteria are imposed while developing the security system, it will secure the protected data.

