Part 1: Vulnerability Scanning Standard

Locate and read the Vulnerability Scanning Standard in the NIST Cybersecurity Framework Policy

1. The Vulnerability Scanning Standard is implemented for which NIST function and sub-categories?

Answer:

2. Which organization is the implementation example you identified for? Which industry sector (e.g., education, government, etc.) is the organization in?

Answer:

3. What is the purpose of the example standard/policy? Which party (parties) does the standard/policy apply to? Who is/are responsible for implementing this policy?

Answer:

4. As compared to the NIST policy template, how is the example standard/policy customized to fit the needs of the organization? Describe two occurrences of customization in detail.

Answer:

5. If specified in the example standard/policy, what criteria are defined to verify the organizations compliance to the policy? If not specified in the example standard/policy, what are your recommendations?

Answer:

Part 2: Encryption Standard

Locate and read the Encryption Standard in the NIST Cybersecurity Framework Policy

1. The Encryption Standard is implemented for which NIST function and sub-categories?

Answer:

2. Which organization is the implementation example you identified for? Which industry sector (e.g., education, government, etc.) is the organization in?

Answer:

3. What is the purpose of the example standard/policy? Which party (parties) does the standard/policy apply to? Who is/are responsible for implementing this standard/policy?

Answer:

4. As compared to the NIST policy template, how is the example policy customized to fit the needs of the organization? Describe two occurrences of customization in detail.

Answer:

5. If specified in the example standard/policy, what criteria are defined to verify the organizations compliance to the policy? If not specified in the example standard/policy, what are your recommendations?

Answer:

References

1.

2.

3.