The University of SydneyPage 61NIST Security Documents
www.nist.govwww.nist.orghttp://csrc.nist.gov/publications/PubsSPs.htmlStandard/Guideline name • SP 800-12, Computer Security Handbook • SP 800-14, Generally Accepted [Security] Principles & Practices • SP 800-16, Information Technology Security Training Requirements: A Role- and Performance-Based Model • SP 800-18, Guide for Developing Security Plans • SP 800-23, Guideline to Federal Organizations on Security Assurance and Acquisition/Use of Tested/Evaluated Products • SP 800-24, PBX Vulnerability Analysis: Finding Holes in your PBX Before Someone Else Does • SP 800-26, Security Self-Assessment Guide for Information Technology Systems • SP 800-27, Engineering Principles for Information Technology Security (A Baseline for Achieving Security) • SP 800-30, Risk Management Guide for information Technology Systems • SP 800-34, Contingency Plan Guide for Information Technology Systems • SP 800 –37, Draft Guidelines for the Security Certification and Accreditation of Federal Information Technology Systems • SP 800-40, Procedures for Handling Security Patches • SP 800-41, Guidelines and Firewalls and Firewall Policy 4