Difference between revisions of "References"

From Cooey.Wiki
Jump to navigation Jump to search
(Created page with "The below links point to Reference documentation outside of this Wiki. These references are the underlying detail behind much of what is described here. These links are linked throughout the Wiki, but also captured here for convenience. === NIST Special Publications === * NIST SP 800-171 * NIST SP 800-171A * NIST SP 800-53 * NIST SP 800-53A * NIST SP 800-172 * NIST SP 800-172A * NIST SP 800-88 * NIST SP 800-162 === Cybersecurity Maturity Model Certification (CMMC) ===...")
 
Line 3: Line 3:
=== NIST Special Publications ===
=== NIST Special Publications ===


* NIST SP 800-171
* [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r2.pdf NIST SP 800-171 Rev. 2] - Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
* NIST SP 800-171A
* [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171a.pdf NIST SP 800-171A] - Assessing Security Requirements for Controlled Unclassified Information
* NIST SP 800-53
* [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf NIST SP 800-53 Rev. 5] - Security and Privacy Controls for Information Systems and Organizations
* NIST SP 800-53A
* [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53Ar5.pdf NIST SP 800-53A Rev. 5] - Assessing Security and Privacy Controls in Information Systems and Organizations
* NIST SP 800-172
* [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-172.pdf NIST SP 800-172] - Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171
* NIST SP 800-172A
* [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-172A.pdf NIST SP 800-172A] - Assessing Enhanced Security Requirements for Controlled Unclassified Information
* NIST SP 800-88
* [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf NIST SP 800-88 Rev. 1] - Guidelines for Media Sanitization
* NIST SP 800-162
* [https://nvlpubs.nist.gov/nistpubs/specialpublications/NIST.SP.800-162.pdf NIST SP 800-162] - Guide to Attribute Based Access Control (ABAC) Definition and Considerations
*[https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf NIST SP 800-207] - Zero Trust Architecture


=== Cybersecurity Maturity Model Certification (CMMC) ===
=== Cybersecurity Maturity Model Certification (CMMC) ===


* CMMC 2.0 Model
* [https://www.acq.osd.mil/cmmc/docs/ModelOverview_V2.0_FINAL2_20211202_508.pdf CMMC 2.0 Model]
* CMMC 2.0 Level 1 Assessment Guide
* [https://www.acq.osd.mil/cmmc/docs/AG_Level1_V2.0_FinalDraft_20211210_508.pdf CMMC 2.0 Level 1 Self-Assessment Guide]
* CMMC 2.0 Level 2 Assessment Guide
* [[CMMC 2.0 Level 2 Assessment Guide]]


=== Federal Acquisition Register (FAR) ===
=== Federal Acquisition Register (FAR) ===


* [https://www.acquisition.gov/far/52.204-21 FAR 52.204-21]
* [https://www.acquisition.gov/far/52.204-21 FAR 52.204-21] - Basic Safeguarding of Covered Contractor Information Systems.


=== Defense Federal Acquisition Regulation Supplement (DFARS) ===
=== Defense Federal Acquisition Regulation Supplement (DFARS) ===


* [https://www.acquisition.gov/dfars/252.204-7012-safeguarding-covered-defense-information-and-cyber-incident-reporting. DFARS 252.204-7012]
* [https://www.acquisition.gov/dfars/252.204-7012-safeguarding-covered-defense-information-and-cyber-incident-reporting. DFARS 252.204-7012] - Safeguarding Covered Defense Information and Cyber Incident Reporting.
* DFARS 252.204-7019
* [https://www.acquisition.gov/dfars/252.204-7019-notice-nist-sp-800-171-dod-assessment-requirements. DFARS 252.204-7019] - Notice of NIST SP 800-171 DoD Assessment Requirements.
* DFARS 252.204-7020
* [https://www.acquisition.gov/dfars/252.204-7020-nist-sp-800-171-dod-assessment-requirements. DFARS 252.204-7020] - NIST SP 800-171 DoD Assessment Requirements.
* DFARS 252.204-7021
* [https://www.acquisition.gov/dfars/252.204-7021-cybersecurity-maturity-model-certification-requirements. DFARS 252.204-7021] - Cybersecurity Maturity Model Certification Requirements.

Revision as of 08:58, 20 June 2022

The below links point to Reference documentation outside of this Wiki. These references are the underlying detail behind much of what is described here. These links are linked throughout the Wiki, but also captured here for convenience.

NIST Special Publications

  • NIST SP 800-171 Rev. 2 - Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
  • NIST SP 800-171A - Assessing Security Requirements for Controlled Unclassified Information
  • NIST SP 800-53 Rev. 5 - Security and Privacy Controls for Information Systems and Organizations
  • NIST SP 800-53A Rev. 5 - Assessing Security and Privacy Controls in Information Systems and Organizations
  • NIST SP 800-172 - Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171
  • NIST SP 800-172A - Assessing Enhanced Security Requirements for Controlled Unclassified Information
  • NIST SP 800-88 Rev. 1 - Guidelines for Media Sanitization
  • NIST SP 800-162 - Guide to Attribute Based Access Control (ABAC) Definition and Considerations
  • NIST SP 800-207 - Zero Trust Architecture

Cybersecurity Maturity Model Certification (CMMC)

Federal Acquisition Register (FAR)

  • FAR 52.204-21 - Basic Safeguarding of Covered Contractor Information Systems.

Defense Federal Acquisition Regulation Supplement (DFARS)