National Institute of Standards and Technology (NIST)*must know the ones with stars, otherwise just know general info about it. Show
Federal agency within the U.S. Federal standards. (Department of Commerce) Nist 1000 Mission is to "promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life" Provides standards for measurement and technology on which nearly all computing devices rely Maintains the atomic clock that keeps the United States' official time International Organization for Standardization (ISO)**must know Nongovernmental international organization Created the OSI Reference model and deals with networks. ISO Gives us OSI. Top layers deal with applications like webbrowsers, 5,4,3 deal with operating system like windows 10. Layer 1/2 deals with hardware Two international standards I must know: Two international standards I must know ! ^ Is a network of 161 national standards institutes Best-known ISO standard is the Open Systems Interconnection (OSI) Reference Model International Electrotechnical Commission (IEC) Works with the ISO Deals with electronic standards and electronics. All you need to know. Is the preeminent organization for developing and publishing international standards for technologies related to electrical and electronic devices and processes Standards address a wide variety of
areas: Internet Engineering Task Force (IETF) Develops and promotes Internet standards Organization that oversees the internet with standards. Works closely with the W3C and ISO/IECIs a collection of working groups (WGs), with each group addressing a specific topic World Wide Web Consortium (W3C) Is the main international standards organization for the World Wide Web Provides standards for webpages, such as HTML, XML, ETC. Request for Comments (RFC)*MUST MEMORIZE A document that ranges from a simple memo to several standards documents Basically a document requesting for comments on things, what's your comment about html, etc. RFC model allows input from many sources; encourages collaboration and peer review Only some RFCs specify standards RFCs never change RFCs may originate with other organizations RFCs that define formal standards have four stages: Institute of Electrical and Electronics Engineers (IEEE) *MUST KNOW 2 STANDARDS Is an international nonprofit organization that focuses on developing and distributing standards that relate to electricity and electronics Must memorize these two: Supports 39 societies that focus activities on specific technical areas, including magnetics, photonics, and computers Provides training and educational opportunities covering a wide number of engineering topics Standards are managed by the IEEE Standards Association (IEEE-SA) International Telecommunication Union Telecommunication Sector (ITU-T) Is a United Nations agency responsible for managing and promoting information and technology issues(HARDWARE!!!!) International standards for the internet, United Nations Agency* REMEMBER THAT. Performs all ITU standards work and is responsible for ensuring the efficient and effective production of standards covering all fields of telecommunications for all nations Divides its recommendations into 26 separate series, each bearing a unique letter of the alphabet •For example, switching and signaling recommendations are in the Q series American National Standards Institute (ANSI)** must know on exam Strives to ensure the safety and health of consumers and the protection of the environment. Note this is a national standard **Began the code for computing, they created bits from characters using the English language. It became a problem when globalization happened. ANSI is not sufficient with all these diff languages. Problem: It is designed for America/english language. A new standard replaced this that allows for different languages. Oversees the creation, publication, and management of many standards and guidelines that directly affect businesses in nearly every sector Is composed of government agencies, organizations, educational institutions, and individuals Produces standards that affect nearly all aspects of IT but primarily software development and computer system operation ETSI Cyber Security Technical Committee (TC CYBER) Develops standards for information and communications technologies (ICT) that are commonly adopted by member countries in the European Union (EU) Just Know that we have a special committee with standards for security of the internet. Standards cover both wired and various wireless communication technologies Cyber Security Technical Committee, called TC CYBER, centralizes all cybersecurity standards within ETSI committees Standards focus on security issues related to the Internet and the business communications it transports ISO/IEC 27002** MUST MEMORIZE! Supersedes ISO 17799 - REPLACES IT ! International security standards for almost everything(Crypotgraphy, access control, policies, physical security, human resources security, operational security, compliance.. etc) Directs its recommendations to management and security personnel responsible for information security management systems Expands on its predecessor by adding two new sections and reorganizing several others Payment Card Industry Data Security Standard (PCI DSS) 12 standards for credit card security. Required by credit card industry not by actual law though. Chief Info Sec Officer (CISO) -strategic Security Manager -tactical Security Technician Configure firewalls & IDSs ISC^2 Certifications International Information Systems Security Certification Consortium Certified Information Systems Security Professional (CISSP) •System Security Certified Practitioner (SSCP) SANS Certifications System Administrator, Networking, and Security (SANS) Institute Respected organization in security. One of their
certifications is the: Give out security courses as well. CompTIA Certifications •Computing Technology Industry Association(Comp TIA) This organization has taken over AITP and are industry certifications. For ex: Security+ is something they teach on the how and what.
ISO/IEC 27001 Defines the mandatory requirements for an information security management system Whereas 27002 indicates a suitable information security controls within the ISMS. So 27001 is about Management more so, and 27002 is about details. Certification You have the knowledge (Proficiency) Licensed Permission from the govt to do something. Accreditation It's recognized and approved. Which organization promotes technology issues as an agency of the United Nations?The International Telecommunication Union (ITU) is the United Nations specialized agency for information and communication technologies – ICTs.
What federal agency is charged with the mission of promoting US innovation and industrial?The Department of Commerce is the government agency tasked with improving living standards for all Americans by promoting economic development and technological innovation.
Which Institute of Electrical and Electronics Engineers IEEE standard covers wireless LANs quizlet?Which Institute of Electrical and Electronics Engineers (IEEE) standard covers wireless LANs? Explanation: The IEEE 802.11 series of standards covers wireless LAN technology, including 802.11a, 802.11b, 802.11g, 802.11n, and 802.11ac.
What series of special publications does the National Institute of Standards and Technology?Publications in NIST's Special Publication (SP) 800 series present information of interest to the computer security community. The series comprises guidelines, recommendations, technical specifications, and annual reports of NIST's cybersecurity activities.
|