LJK/Security Reference Manual
Previous Contents Index

Appendix J
Appendix J Security of LJK/Security
Appendix K
Appendix K Creating Policies Based on Examples
     K.1     Example Command Procedures
         K.1.1         POLICY_NULL.COM
         K.1.2         NIST
             K.1.2.1             POLICY_NIST_SP_800_53A_LOW.COM
             K.1.2.2             POLICY_NIST_SP_800_53A_MODERATE.COM
             K.1.2.3             POLICY_NIST_SP_800_53A_HIGH.COM
             K.1.2.4             POLICY_NIST_SP_800_53.COM
             K.1.2.5             POLICY_NIST_SP_800_53A_FULL.COM
         K.1.3         PCI DSS
             K.1.3.1             POLICY_PCI_MERCHANT.COM
             K.1.3.2             POLICY_PCI_SERVICE_PROVIDER.COM
             K.1.3.3             POLICY_PCI_SHARED_HOSTING.COM
         K.1.4         DoD Instruction 8500.2
             K.1.4.1             Mission Assurance Categories
             K.1.4.2             Confidentiality Levels
             K.1.4.3             Command Procedures for Possible Combinations
         K.1.5         CNSS
         K.1.6         Exemptions for the VMS Trusted Computing Base
             K.1.6.1             POLICY_VMS_SHA1_AXP_%%_*.COM
             K.1.6.2             POLICY_VMS_SHA1_VAX_%%_*.COM
             K.1.6.3             POLICY_VMS_SIMPLE_AXP_%%_*.COM
             K.1.6.4             POLICY_VMS_SIMPLE_VAX_%%_*.COM
     K.2     Choice of Checksum Algorithms
     K.3     Creating Your Own Command Procedures
Appendix L
Appendix L Sending LJK/Security Data Directly over TCP/IP
     L.1     Basic Approach to Transmission over TCP/IP
     L.2     LJK/Security Command Examples
     L.3     Example TCP/IP Command Procedure for Each Tributary Node
     L.4     Example TCP/IP Command Procedure for the Master Node
Appendix M
Appendix M Quick Start Guide to NIST SP 800-53/800-53a Security Assessments
     M.1     An Easy Start for NIST Assessments
         M.1.1         Setting Up the Environment
         M.1.2         Running Your First Assessments
         M.1.3         Choosing a User Interface
         M.1.4         Adding Exemptions for Acceptable Deviations
     M.2     Saving Time on Annual NIST Security Assessments
         M.2.1         The Role of LJK/Security in NIST Assessments
             M.2.1.1             Common Controls
         M.2.2         The Multi-faceted Nature of NIST Assessment
             M.2.2.1             800-53 CA-2 Security Assessments
             M.2.2.2             800-53 CA-7 Continuous Monitoring
             M.2.2.3             Are CA-7 Assessments Adequate For CA-2 ?
         M.2.3         LJK/Security Document Naming for CA-2 and CA-7
         M.2.4         What is a "System" ?
         M.2.5         Using CA-7 Exemptions for CA-2 Assessments
             M.2.5.1             Example of an Exemption Based on Node
             M.2.5.2             Example of an Exemption Based on Node/Filename pair
             M.2.5.3             Example of an Exemption Based on Node/Terminal pair
             M.2.5.4             Example of an Exemption Based on Node/Username pair
Appendix N
Appendix N Quick Start Guide to PCI DSS Security Assessments
     N.1     An Easy Start for PCI DSS Assessments
         N.1.1         Setting Up the Environment
         N.1.2         Running Your First Assessments
         N.1.3         Choosing a User Interface
         N.1.4         Adding Exemptions for Acceptable Deviations
Appendix O
Appendix O Quick Start Guide to DoD Instruction 8500.2 Vulnerability Assessments
     O.1     The Role of LJK/Security in 8500.2 Assessments
     O.2     An Easy Start for DoD Instruction 8500.2 Assessments
         O.2.1         Setting Up the Environment
         O.2.2         Running Your First Assessments
         O.2.3         Choosing a User Interface
         O.2.4         Adding Exemptions for Acceptable Deviations
     O.3     Saving Time on ECMT Conformance Monitoring and Testing
         O.3.1         ECMT-* Conformance Monitoring and Testing
             O.3.1.1             VIVM-1 Vulnerability Management
         O.3.2         LJK/Security Document Naming for ECMT-* and VIVM-1
         O.3.3         Using VIVM-1 Exemptions for ECMT-* Assessments
             O.3.3.1             Example of an Exemption Based on Node
             O.3.3.2             Example of an Exemption Based on Node/Filename pair
             O.3.3.3             Example of an Exemption Based on Node/Terminal pair
             O.3.3.4             Example of an Exemption Based on Node/Username pair
Appendix P
Appendix P Quick Start Guide to CNSS Security Assessments
     P.1     An Easy Start for CNSS Assessments
         P.1.1         Setting Up the Environment
         P.1.2         Running Your First Assessments
         P.1.3         Choosing a User Interface
         P.1.4         Adding Exemptions for Acceptable Deviations
     P.2     Saving Time on Annual CNSS Security Assessments
         P.2.1         The Role of LJK/Security in CNSS Assessments
             P.2.1.1             Common Controls
         P.2.2         The Multi-faceted Nature of CNSS Assessment
             P.2.2.1             800-53 CA-2 Security Assessments
             P.2.2.2             800-53 CA-7 Continuous Monitoring
             P.2.2.3             Are CA-7 Assessments Adequate For CA-2 ?
         P.2.3         LJK/Security Document Naming for CA-2 and CA-7
         P.2.4         What is a "System" ?
         P.2.5         Using CA-7 Exemptions for CA-2 Assessments
             P.2.5.1             Example of an Exemption Based on Node
             P.2.5.2             Example of an Exemption Based on Node/Filename pair
             P.2.5.3             Example of an Exemption Based on Node/Terminal pair
             P.2.5.4             Example of an Exemption Based on Node/Username pair

Previous Next Contents Index