|
1.
|
Clear description of the referenced document:
|
|
|
|
|
2.
|
Status of approval:
|
|
|
Approved; Published in October 2016
|
|
3.
|
Justification for the specific reference:
|
|
|
The referenced document is the text on which draft Recommendation X.fstiscv is based
|
|
4.
|
Current information, if any, about IPR issues:
|
|
|
Some information may be available in the NIST Patents Database that can be accessed through https://www.nist.gov/tpo/patents.
|
|
5.
|
Other useful information describing the "Quality" of the document:
|
|
|
This referenced document is an approved and published NIST standard. It has been publicly and internally reviewed before publication.
|
|
6.
|
The degree of stability or maturity of the document:
|
|
|
Stable document since 2016.
|
|
7.
|
Relationship with other existing or emerging documents:
|
|
|
None
|
|
8.
|
Any explicit references within that referenced document should also be listed:
|
|
|
[SP 800-61r2] NIST Special Publication (SP) 800-61, Revision 2, Computer Security Incident Handling Guide, August 2012./
[SP 800-30r1] NIST Special Publication (SP) 800-30, Revision 1, Guide for Conducting Risk Assessments, September 2012./
[SP 800-122] NIST Special Publication (SP) 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information(PII), April 2010/
[SP 800-53r4] NIST Special Publication (SP) 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, April 2013 (updated 01-22-2015)./
[TLP] FIRST, Traffic Light Protocol (TLP): FIRST Standards Definitions and Usage Guidance –Version 1.0, September 2016./
[APWG] Anti-Phishing Working Group. https://github.com/patcain/ecrisp/tree/master/schemas/apwg [accessed 9/30/2016]/
[IR 7435] NIST Interagency or Internal Report (IR) 7435, The Common Vulnerability Scoring System (CVSS) and Its Applicability to Federal Agency Systems, August 2007./
[SP 800-86] NIST Special Publication (SP) 800-86, Guide to Integrating Forensic Techniques into Incident Response, August 2006./
[SP 800-88r1] NIST Special Publication (SP) 800-88, Revision 1, Guidelines for Media Sanitization, December 2014./
[SP 800-94] NIST Special Publication (SP) 800-94, Guide to Intrusion Detection and Prevention Systems (IDPS) February 2007./
[SP 800-137] NIST Special Publication (SP) 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations, September 2011./
[SP 800-171] NIST Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, June 2015 (updated 01-14-2016)./
[ISAO] ISAO Standards Organization, Information Sharing and Analysis Organization Standards Organization Product Outline v0.2, May 2, 2016./
[IR 7298r2] NIST Interagency or Internal Report (IR) 7298, Revision 2, Glossary of Key Information Security Terms, May 2013./
[SP 800-83r1] NIST Special Publication (SP) 800-83, Revision 1, Guide to Malware Incident Prevention and Handling for Desktops and Laptops, July 2013.
|
|
9.
|
Qualification of
NIST:
|
|
|
Qualification of NIST: NIST is recognized under the provisions of ITU-T Recommendation A.5. Qualifying information is on file in TSB.
|
|
10.
|
Other (for any supplementary information):
|
|
|
None
|
|
