Please enable JavaScript.
Coggle requires JavaScript to display documents.
SECURITY ORGANIZATION ROLES (CERT/CC (Reporting center for Internet…
SECURITY ORGANIZATION ROLES
CERT/CC
Reporting center for Internet security issues.
plays a major role in coordinating responses to Internet security threats.
located at the Software Engineering Institute (SEI)
Operated by Carnegie Mellon University.
SANS Institute
Established in 1989
A cooperative research and education organization.
Develops and maintains research documents no cost about it.
Operates the Internet Storm Center
(ISC)2
Maintains a collection of industry best practices for information security.
create the five certifications that align to these best practices, SSCP and CISSP
There are two Focus certifications and new CAP certification
ICSA
Tests firewalls against a standard set of functional and assurance criteria elements.
Presently testing firewalls and VPN devices on security measures.
Certification exists to provide a set of measurable and public-domain standards
US-CERT
A partnership between the Department of Homeland Security and the public and private sectors.
Established in 2003
Protect the nation’s Internet infrastructure by coordinating defense against and responses to Internet security threats.
Responsible for:
• Analyzing and reducing cyber threats and vulnerabilities
• Disseminating cyber threat warning information
• Coordinating incident-response activities
FIPS
specifies security requirements for cryptographic modules.
four levels of assurance: Level 1 is the lowest, and Level 4 is the most stringent.
Each level builds upon the one below it
Common criteria
An international standard for evaluating IT security.
Developed by a consortium of 14 countries to replace a number of existing country-specific security assessments
Establish a single high-quality standard for international
There are seven security levels defined for the Common Criteria evaluation process