-- RETURN TO TOP --
Strategies and Plans
- Policy Documents at the Computer Security Resource Center (CSRC), NIST - including
- OMB Memo: E-authentication Guidance for Federal Agencies
- Cyber Security R&D Act
- Critical Infrastructure Protection in the Information Age, Executive Order, October 16, 2001
- Computer Security Act of 1987, P.L. 100-235
- OMB Circular No. A-130 - Management of Federal Information Resources
- Appendix III to OMB Circular No. A-130 - Security of Federal Automated Information Resources "establishes a minimum set of controls to be included in Federal automated information security programs; assigns Federal agency responsibilities for the security of automated information; and links agency automated information security programs and agency management control systems established in accordance with OMB Circular No. A-123"
- Executive Guide, Information Security Management -
Learning From Leading Organizations, US General Accounting Office guide
- United States Computer Emergency Readiness Team (US-CERT) "is the central coordination and analysis facility dealing with computer security related issues affecting the civilian agencies and departments of the Federal Government"
- CERT Coordination Center, Carnegie Mellon University, "a federally funded research and development center" ... "We study Internet security vulnerabilities, handle computer security incidents, publish security alerts, research long-term changes in networked systems, and develop information and training to help you improve security at your site."
- Denial of Service Attacks, CERT Coordination Center, Carnegie Mellon University, explains DoS attacks and various modes used, as well as prevention and response actions to be taken
- WWW.CYBERCRIME.GOV, Computer Crime and Intellectual Property Section (CCIPS) of the Criminal Division of the US Dept of Justice
- Computer Security Resource Center (CSRC), National Institute of Standards and Technology (NIST) -- includes resources for crytology, security testing, emerging technologies, security management, education and training
- NSA's Information Assurance Directorate "provides the Solutions, Products and Services, and conducts Defensive Information Operations, to achieve Information Assurance for information infrastructures critical to U.S. National Security interests."