
MODULE 2 – APPLIED STANDARDS AND
CYBERSECURITY RISK MANAGEMENT


CYBERSECURITY FRAMEWORK AND DOD RISK
MANAGEMENT FRAMEWORK

APPLICATION OF RMF STEPS 1 AND 2


Lab Description: In this lab, students will apply RMF steps 1 and 2 to a
hypothetical case study. Students will select appropriate information
types for step 1 and security controls for step 2.

Lab Environment: Students should have accessed NIST SP 800-60 Volume 1
and NIST SP 800-53, which are covered in the micro module.

Lab Files that are Needed: Students will need the security controls from
NIST SP 800-53, and the mission areas and information types from NIST SP
800-60.

LAB EXERCISE: A HYPOTHETICAL CASE


Five days ago, a hurricane hit the southern part of the country, and
thousands of people were left without adequate sanitary water, power,
medicine, and means of communication. There is also a low-likelihood but
potential threat of vandalism due to the lack of food. Salty ocean water
washed into the freshwater resources, which substantially reduced the
amount of local fresh water in the area. Storm damage has left roads
closed: 90 percent of the houses are now accessible, but only limited
resources are available to remove the trees that block the roads. Power
restoration efforts have started, but there is a potential risk of
electric shock to humans due to damaged wires.

A task force from several federal agencies and local organizations has been
deployed for disaster relief and humanitarian aid. A response and recovery
control center (RRCC) is set up, and a mobile emergency response support
unit is established. A voice and data communications network is provided
through truck-based mobile communication hubs and personal mobile
devices. Trucks also provide drone support to the personnel to access and
evaluate the environment. As the Chief Information Officer of the Mobile
Emergency Response Support Unit, you report to the Head of the RRCC, and
you are responsible for establishing, maintaining, and sustaining the task
force network.

Apply Risk Management Framework steps 1 and 2 to identify the information
types and select security controls. Select 6 appropriate information types
from the list and 4 security controls.

WHAT TO SUBMIT

Submit your answers as a PDF or Word document.


This document is licensed with a Creative Commons Attribution 4.0 International License ©2017 Catalyzing Computing and Cybersecurity in
Community Colleges (C5).