Download Free Smadav 2010 Rev. 8.0
Smadav Free and Smadav Prof is one of Indonesian Anti Virus software that have good reputation to remove the local (Indonesian) made antivirus. The latest version is 12 Januari 2010. For more information visit the official Smadav Antivirus website located at http://www.smadav.net/
Click here to download the file
smadav80.zip size 421KB
The NSA Certified Information Security Assessment Methodology (NSA IAM) is an information security assessment methodology that baselines assessment activities. It breaks information security assessments into three phases: pre-assessment, on-site activities, and post-assessment. Each of these phases contains mandatory activities to ensure information security assessment consistency. It is important to note, however, that NSA IAM assessments consist of only documentation review, interviews, and observation. There is no testing done during an NSA IAM assessment. The NSA released the INFOSEC Evaluation Methodology to baseline testing activities.
I. Pre-assessment Phase
The purpose of the pre-assessment phase is to define customer requirements, set the assessment scope and determine assessment boundaries, gain an understanding of the criticality of the customer's information, and create the assessment plan. The NSA IAM measures both organizational information criticality and system information criticality. Organizational information consists of the information required to perform major business functions. System information then is identified by analyzing the information that is processed by the systems that support the major business functions.
On-Site Activities Phase
FISMA is the US Government Federal Information Security Management Act. It was passed by congress and signed into law in December of 2002 as part of the E-Government Act in order to address the issue of the information security of all US Government agencies. The US Government agency NIST, the National Institute of Standards and Technology, provides a framework to aid agencies in implementing the programs for compliance with FISMA in the form of several standards, requirements, guidelines and recommendations documents.
Data Loss Prevention (DLP) is series of concept which also known as:
- Data Loss Prevention/Protection
- Data Leak Prevention/Protection
- Information Loss Prevention/Protection
- Information Leak Prevention/Protection
- Extrusion Prevention
- Content Monitoring and Filtering
- Content Monitoring and Protection
1. IT Security Risk Identification
- What IT services are being provided to the organization related to cyber security or FISMA compliance (e.g., externally facing Internet systems, systems that have personally identifiable information (PII), etc.)?
- What are the organizational and IT units, and how are they managed (e.g., the centralized IT services group, an IT outsourcer, etc.)?
- What are the other relevant regulatory and contractual requirements for the organization process (e.g., HIPAA, NERC, interagency agreements, contractual service level agreements, the Freedom of Information Act (FOIA), etc.)?
- What technologies and IT processes are being used for an in-scope asset (e.g., Microsoft Windows Server, Sun Solaris, Oracle, Microsoft SQL Server, etc.)?
- Are there any high-level risk indicators from the past to be aware of (e.g., repeat audit findings, frequent outages, etc.)