Information Technology Reference
Control Category | Reference Document | Description of Applicability (a)
CM | SP 800-35: Guide to Information Technology Security Services
CM | SP 800-14: Generally Accepted Principles and Practices for Securing Information Technology Systems
CM | SP 800-12: An Introduction to Computer Security: The NIST Handbook
CP | Contingency planning
CP | FIPS 200: Security Controls for Federal Information Systems
CP | SP 800-100: Information Security Handbook for Managers
CP | SP 800-86: Guide to Integrating Forensic Techniques into Incident Response
CP | SP 800-83: Guide to Malware Incident Prevention and Handling
CP | SP 800-81: Secure Domain Name System (DNS) Deployment Guide
CP | SP 800-66: An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
CP | SP 800-57: Recommendation on Key Management
CP | SP 800-56A: Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
CP | SP 800-50: Building an Information Technology Security Awareness and Training Program
CP | SP 800-45: Guidelines on Electronic Mail Security
CP | SP 800-44: Guidelines on Securing Public Web Servers