Trackr.Live The landing site for Trackr Services
§ Author
Author

Robert Weber

AT

AT-6: Training Feedback

RMF Control AT-6: Training Feedback requires organizations to solicit and incorporate feedback from personnel to continually improve the effectiveness of information security and privacy training. Supplemental Guidance The Risk Management Framework (RMF) is a cybersecurity framework that provides a process for managing cybersecurity risk to systems and organizations. RMF Control AT-6: Training Feedback is one …

·
AT

AT-5: Contacts with Security Groups and Associations

RMF Control AT-5: Contacts with Security Groups and Associations requires organizations to establish and institutionalize contact with selected groups and associations within the security community to facilitate ongoing security education and training for organizational personnel; maintain currency with recommended security practices, techniques, and technologies; and share current security-related information including threats, vulnerabilities, and incidents. Supplemental …

·
AT

AT-4: Training Records

RMF Control AT-4: Training Records requires organizations to document and monitor individual information security and privacy training activities, including security and privacy awareness training and specific role-based security and privacy training; and retain individual training records for [Assignment: organization-defined time period]. Supplemental Guidance The Risk Management Framework (RMF) is a cybersecurity framework that provides a …

·
AT

AT-3: Role-based Training

RMF Control AT-3: Role-based training requires organizations to provide training and awareness to personnel on information security and the protection of Controlled Unclassified Information (CUI), based on their roles and responsibilities. The training should include: Supplemental Guidance The Risk Management Framework (RMF) is a cybersecurity framework that provides a process for managing cybersecurity risk to …

·
AT

AT-2: Literacy Training and Awareness

RMF Control AT-2: Literacy Training and Awareness requires organizations to provide training and awareness to personnel on information security and the protection of Controlled Unclassified Information (CUI), including: Supplemental Guidance The Risk Management Framework (RMF) is a cybersecurity framework that provides a process for managing cybersecurity risk to systems and organizations. RMF Control AT-2: Literacy …

·
AT

AT-1: Policy and Procedures

RMF Control AT-1: Policy and Procedures requires organizations to develop, document, and disseminate to organization-defined personnel or roles: Supplemental Guidance The Risk Management Framework (RMF) is a cybersecurity framework that provides a process for managing cybersecurity risk to systems and organizations. RMF Control AT-1: Policy and Procedures is one of the controls in the AT …

·
Cryptography

Data Obfuscation

Data obfuscation is the process of modifying data to make it unreadable or incomprehensible to unauthorized users, while still retaining its value for authorized users. It is a technique that can be used to protect sensitive data from being accessed or stolen by unauthorized individuals. There are a number of different data obfuscation techniques that …

·
Policies

Software Assurance

Software assurance (SwA) is a process of ensuring that software meets its security and quality requirements throughout its lifecycle. It is a critical part of any software development process, and it can help to protect organizations from a variety of risks, including: Software Assurance Requirements The requirements for software assurance vary depending on the organization …

·
Virtualization

Docker Containers

Docker containers are a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings. Containers are isolated from each other and share the underlying operating system kernel, which makes them very efficient in terms of resource usage. Benefits of using Docker containers Docker …

·
Policies

Ansible Configuration Management

Ansible is a powerful open-source automation platform that can be used to manage and configure enterprise systems at scale. It is a popular choice for enterprise configuration management because it is easy to use, scalable, and extensible. Ansible uses a simple YAML-based language to define configurations and playbooks. Playbooks are scripts that define the steps …

·