Solved

HomeWork-Network Security Certification and Accreditation for commercial systems

Posted on 2011-03-20
2
550 Views
Last Modified: 2012-06-27
Hello:
I am interested in learning how does the C&A, DIACAP processes improves commercial systems?
Please refer to assignment question below.

Question:
Do you think a formal process like Certification & Accreditation is appropriate to use for commercial systems in private industry (Why or Why Not)? What are the important parts of C&A to carry over to the commercial sector? Alternatively, what are some examples of  security review processes used in companies before putting a system into use. What are the pros and cons of this in contrast to Department of Defense Information Assurance Certification and Accreditation Process (DIACAP)?
0
Comment
Question by:Sundayy
2 Comments
 
LVL 31

Accepted Solution

by:
DrUltima earned 500 total points
ID: 35182711
I would never, never run a DIACAP scan on a commercial network.  It would fail utterly.  DIACAP already knows that the DoD network would fail that same scan, thus the STIG Waiver process is in existance.  While there is certainly advantages to having your network independtly tested for networthiness, I would not use a DoD level scan as the benchmark to use.  First, your network would fail the test.  Second, if it passed, it would be unusable (DIACAP without Waiver doesn't allow for Exchange, SQL, AD, or most communications server to server).  

It has been a while since I have worked on a non-DoD network, so I am not certain what would be a good source for certification of networthiness on the private (commercial) sector.

DrUltima
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Suddenly lost internet connection on network 44 108
Backup UPS - email alert 3 114
Palo Alto Networks Global Protect 2 102
gns3 - switchport trunk allow vlan error 4 48
AWS has developed and created its highly available global infrastructure allowing users to deploy and manage their estates all across the world through the use of the following geographical components   RegionsAvailability ZonesEdge Locations  Wh…
Introduction This article is the last of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers our test design approach and then goes through a simple test case example, how …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now