Student Name:

Date:

Part 1: Vulnerability Scanning Standard

Locate and read the Vulnerability Scanning Standard in the NIST Cybersecurity Framework Policy Template Guide. Research online for a real-world implementation example of the standard/policy and compare it with the NIST policy template side by side.

Answer the following questions clearly and systematically in this Word document. Make sure to include a References section toward the end of the document.

  1. The Vulnerability Scanning Standard is implemented for which NIST function and sub-categories? [5 points]

Answer:

  2. Which organization is the implementation example you identified for? Which industry sector (e.g., education, government, etc.) is the organization in? [5 points]

Answer:

  3. What is the purpose of the example standard/policy? Which party (parties) does the standard/policy apply to? Who is/are responsible for implementing this policy? [5 points]

Answer:

  4. As compared to the NIST policy template, how is the example standard/policy customized to fit the needs of the organization? Describe two occurrences of customization in detail. [10 points]

Answer:

  5. If specified in the example standard/policy, what criteria are defined to verify the organization’s compliance with the policy? If not specified in the example standard/policy, what are your recommendations? [5 points]

Answer:

Part 2: Encryption Standard

Locate and read the Encryption Standard in the NIST Cybersecurity Framework Policy Template Guide. Research online (e.g., search for "security policy encryption standard") for a real-world implementation example of the standard/policy and compare it with the NIST policy template side by side.

Answer the following questions clearly and systematically in the Word document. Make sure to include a References section toward the end of the document.

  1. The Encryption Standard is implemented for which NIST function and sub-categories? [5 points]

Answer:

  2. Which organization is the implementation example you identified for? Which industry sector (e.g., education, government, etc.) is the organization in? [5 points]

Answer:

  3. What is the purpose of the example standard/policy? Which party (parties) does the standard/policy apply to? Who is/are responsible for implementing this standard/policy? [5 points]

Answer:

  4. As compared to the NIST policy template, how is the example policy customized to fit the needs of the organization? Describe two occurrences of customization in detail. [10 points]

Answer:

  5. If specified in the example standard/policy, what criteria are defined to verify the organization’s compliance with the policy? If not specified in the example standard/policy, what are your recommendations? [5 points]

Answer:

References

1.

2.