Network Vulnerability Assessment Methodology 51
17799
1
addresses as a minimum of concern for the area of technical network
security. The Generally Accepted System Security Principles (GASSP), NIST
Special Publication 800-14, do not specifically address network security. Addi-
tional information and guidelines can be obtained by accessing the NIST Web
site (csrc.nist.gov/publications/nistpubs/) and reviewing the 800 Series (refer
to Appendix D for a list of NIST 800 Series publications).
Network Vulnerability Assessment Methodology
The NVA methodology outlines the steps that security professionals should
follow when performing an NVA. This methodology demonstrates a commit-
ment to the requirements of the International Standards for Information Secu- ...