Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

HomeWork-Network Security Certification and Accreditation for commercial systems

Posted on 2011-03-20
2
Medium Priority
?
563 Views
Last Modified: 2012-06-27
Hello:
I am interested in learning how does the C&A, DIACAP processes improves commercial systems?
Please refer to assignment question below.

Question:
Do you think a formal process like Certification & Accreditation is appropriate to use for commercial systems in private industry (Why or Why Not)? What are the important parts of C&A to carry over to the commercial sector? Alternatively, what are some examples of  security review processes used in companies before putting a system into use. What are the pros and cons of this in contrast to Department of Defense Information Assurance Certification and Accreditation Process (DIACAP)?
0
Comment
Question by:Sundayy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 31

Accepted Solution

by:
Justin Owens earned 2000 total points
ID: 35182711
I would never, never run a DIACAP scan on a commercial network.  It would fail utterly.  DIACAP already knows that the DoD network would fail that same scan, thus the STIG Waiver process is in existance.  While there is certainly advantages to having your network independtly tested for networthiness, I would not use a DoD level scan as the benchmark to use.  First, your network would fail the test.  Second, if it passed, it would be unusable (DIACAP without Waiver doesn't allow for Exchange, SQL, AD, or most communications server to server).  

It has been a while since I have worked on a non-DoD network, so I am not certain what would be a good source for certification of networthiness on the private (commercial) sector.

DrUltima
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn how ViaSat reduced average response times for IT incidents from 10 minutes to 30 seconds.
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question