Which organization promotes technology issues as an agency of the united nations? quizlet

National Institute of Standards and Technology (NIST)*must know the ones with stars, otherwise just know general info about it.

Federal agency within the U.S. Federal standards. (Department of Commerce)
(NATIONAL STANDARDS WITHIN THE UNITED STATES, NOT INTERNATIONAL)
*Note that standards are not enough, you must go above and beyond & keep it all private, do not tell anyone.

Nist 1000
Nist 834 - deals with contingency planning
Nist 27 - provides principles
Nist 61 - Deals with incident handling
Nist 73 - Deals with personal identification verification(AUTHENTIFICATION)
Nist 800 - 146: MEMORIZE THIS. Deals with cloud computing.

Mission is to "promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life"

Provides standards for measurement and technology on which nearly all computing devices rely

Maintains the atomic clock that keeps the United States' official time
Maintains a list of standards and publications

International Organization for Standardization (ISO)**must know

Nongovernmental international organization
**NOTE THIS IS INTERNATIONAL.
ISO 17799 - OLD STANDARD AND WAS REPLACED BY ISO/IEC 27002. REMEMBER THE NEW ONE.

Created the OSI Reference model and deals with networks. ISO Gives us OSI. Top layers deal with applications like webbrowsers, 5,4,3 deal with operating system like windows 10. Layer 1/2 deals with hardware

Two international standards I must know:
ISO 27001:
ISO 27002:

Two international standards I must know ! ^
Its goal is to develop and publish international standards for nearly all industries

Is a network of 161 national standards institutes

Best-known ISO standard is the Open Systems Interconnection (OSI) Reference Model

International Electrotechnical Commission (IEC)

Works with the ISO

Deals with electronic standards and electronics. All you need to know.

Is the preeminent organization for developing and publishing international standards for technologies related to electrical and electronic devices and processes

Standards address a wide variety of areas:
•Power generation
•Semiconductors
•Telecommunications
•Physical computer and networking hardware

Internet Engineering Task Force (IETF)

Develops and promotes Internet standards

Organization that oversees the internet with standards.
Focuses on the engineering aspects of Internet communication

Works closely with the W3C and ISO/IECIs a collection of working groups (WGs), with each group addressing a specific topic

World Wide Web Consortium (W3C)

Is the main international standards organization for the World Wide Web
Develops protocols and guidelines that unify the Web and ensure its long-term growth. Just know it is for webpages.

Provides standards for webpages, such as HTML, XML, ETC.
Standards developed or endorsed include:
•Cascading Style Sheets (CSS)
•HyperText Markup Language (HTML)
•Simple Object Access Protocol (SOAP)
•Extensible Markup Language (XML)

Request for Comments (RFC)*MUST MEMORIZE

A document that ranges from a simple memo to several standards documents

Basically a document requesting for comments on things, what's your comment about html, etc.
Get comments for the standards/organizations.

RFC model allows input from many sources; encourages collaboration and peer review

Only some RFCs specify standards

RFCs never change

RFCs may originate with other organizations

RFCs that define formal standards have four stages:
1. Proposed Standard (PS),
2. Draft Standard (DS),
3. Standard (STD), and
4. Best Current Practice (BCP)

Institute of Electrical and Electronics Engineers (IEEE) *MUST KNOW 2 STANDARDS

Is an international nonprofit organization that focuses on developing and distributing standards that relate to electricity and electronics

Must memorize these two:
802.3: Deals with the ethernet (The general wire you use to connect to the internet, ya know the internet port. The hardware to computer. )
802.11: Wireless LAN.
Has the largest number of members of any technical professional organization in the world

Supports 39 societies that focus activities on specific technical areas, including magnetics, photonics, and computers

Provides training and educational opportunities covering a wide number of engineering topics

Standards are managed by the IEEE Standards Association (IEEE-SA)

International Telecommunication Union Telecommunication Sector (ITU-T)

Is a United Nations agency responsible for managing and promoting information and technology issues(HARDWARE!!!!)

International standards for the internet, United Nations Agency* REMEMBER THAT.
Two standards you must memorize:
X.509: The international standard by the United Nations for public key infrastructure. Certificiate of authority, public/private keys, digital signatures, etc.
X.25: The
international standard
by the United Nations for packet switching(routing things) it entails layer 3 of the OSI model. The standard for routing of packets thru the internet system.

Performs all ITU standards work and is responsible for ensuring the efficient and effective production of standards covering all fields of telecommunications for all nations

Divides its recommendations into 26 separate series, each bearing a unique letter of the alphabet

•For example, switching and signaling recommendations are in the Q series

American National Standards Institute (ANSI)** must know on exam

Strives to ensure the safety and health of consumers and the protection of the environment. Note this is a national standard

**Began the code for computing, they created bits from characters using the English language. It became a problem when globalization happened. ANSI is not sufficient with all these diff languages.

Problem: It is designed for America/english language. A new standard replaced this that allows for different languages.

Oversees the creation, publication, and management of many standards and guidelines that directly affect businesses in nearly every sector

Is composed of government agencies, organizations, educational institutions, and individuals

Produces standards that affect nearly all aspects of IT but primarily software development and computer system operation

ETSI Cyber Security Technical Committee (TC CYBER)

Develops standards for information and communications technologies (ICT) that are commonly adopted by member countries in the European Union (EU)

Just Know that we have a special committee with standards for security of the internet.

Standards cover both wired and various wireless communication technologies

Cyber Security Technical Committee, called TC CYBER, centralizes all cybersecurity standards within ETSI committees

Standards focus on security issues related to the Internet and the business communications it transports

ISO/IEC 27002** MUST MEMORIZE!

Supersedes ISO 17799 - REPLACES IT !

International security standards for almost everything(Crypotgraphy, access control, policies, physical security, human resources security, operational security, compliance.. etc)

Directs its recommendations to management and security personnel responsible for information security management systems

Expands on its predecessor by adding two new sections and reorganizing several others

Payment Card Industry Data Security Standard (PCI DSS)

12 standards for credit card security. Required by credit card industry not by actual law though.

Chief Info Sec Officer (CISO)

-strategic
Must know technology, planning, policy.
Business engagement
Initiatives
Align, target & time
Service delivery
Credibility
Relationship management
Must have good people skills and communication skills. Always ask WHY.

Security Manager

-tactical
Duties - policy development, risk assessment contingency planning, operational & tactical planning
Liaise -- with other managers from other dept.
Responsible & accountable for tasks.

Security Technician

Configure firewalls & IDSs
Implement security software
Diagnose & troubleshoot problems
Coordinate with sys & net Admin
Entry-levelTechnical knowledge & skills

ISC^2 Certifications

International Information Systems Security Certification Consortium

Certified Information Systems Security Professional (CISSP)
•Pass exam and have 4-5 years of work experience
•Top Management decisions

•System Security Certified Practitioner (SSCP)
•Practices, roles, & responsibilities

SANS Certifications

System Administrator, Networking, and Security (SANS) Institute

Respected organization in security. One of their certifications is the:
Several Global Information AssuranceCertifications (GIAC)

Give out security courses as well.

CompTIA Certifications

•Computing Technology Industry Association(Comp TIA)
•Security+Technical: How and what

This organization has taken over AITP and are industry certifications. For ex: Security+ is something they teach on the how and what.

ISO/IEC 27001

Defines the mandatory requirements for an information security management system
(ISMS).

Whereas 27002 indicates a suitable information security controls within the ISMS.

So 27001 is about Management more so, and 27002 is about details.

Certification

You have the knowledge (Proficiency)

Licensed

Permission from the govt to do something.

Accreditation

It's recognized and approved.

Which organization promotes technology issues as an agency of the United Nations?

What federal agency is charged with the mission of promoting US innovation and industrial?

Which Institute of Electrical and Electronics Engineers IEEE standard covers wireless LANs quizlet?

What series of special publications does the National Institute of Standards and Technology?