CYB_300_4-4_Milestone_Joshua_Minnick.docx
School: Southern New Hampshire University
Course: 300
Subject: Information Systems
Date: Dec 6, 2023
CA Server Root Certificate Requirements Checklist (CA-1)
Requirements
A. Identify information systems that support organizational missions/business functions
B. Identify and select the following types of information system accounts that support organizational missions/business functions: [administrative, service]
C. Identify authorities from each department for root certificate assignment approval
D. Secure protocols used, TLS v1.2
E. Client renegotiation disabled
F. Account notification to CA authorities:
   a. When user or system accounts are terminated
   b. When individual information system usage changes
   c. When account inactivity is for a period of 90 days
G. Authorize root certificate assignment for information systems based on:
   a. A valid access authorization
   b. Other attributes as required by the organization or associated missions/business functions
H. Automatic Certificate Revocation will occur when:
   a. The user’s employment is terminated.
   b. There are significant changes to the user’s job duties.
   c. The certificate is associated with any attempt to access unauthorized data.
   d. Upon the third failed logon attempt.
I. Encryption will be completed by PKI infrastructure using the AES-256 algorithm.
J. Certificates will have a validity period of 12 months from the date of issuance.
CA-1 Root Certificate Requirements
Requirements
Support organizational missions: Will create the ability to encrypt and decrypt data as needed to ensure the security of proprietary information as well as user data and personal information of employees. Will allow users within the organization to securely pass information without fear of interception or detection by anyone outside of the organization, or by anyone within the organization who does not hold the proper authorization to view such data.
Parameter CA-1(D): Transport Layer Security will be TLS version 1.3
Parameter CA-1(E): Renegotiation will not be required with the use of TLS version 1.3
Implementation Status (check all that apply):
☒ Implemented
☐ Partially implemented
☐ Planned
☐ Alternative implementation
☐ Not applicable
Control Origination (check all that apply):
☐ Organization
☒ IT system specific
☐ Hybrid (organization and IT system specific)
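The following Python is an added example, not part of the original document: it builds a server context with the TLS 1.3 floor from Parameter CA-1(D) and audits a context and a certificate's validity dates against items D, E and J. The function names and the sample dates are assumptions constructed for illustration.

```python
import calendar
import ssl
from datetime import date

REQUIRED_TLS = ssl.TLSVersion.TLSv1_3   # Parameter CA-1(D)
MAX_VALIDITY_MONTHS = 12                # Checklist item J


def build_server_context(min_version=REQUIRED_TLS):
    """Server-side TLS context; the certificate chain is loaded separately at deployment."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = min_version
    # TLS 1.3 has no renegotiation. The option below matters only if the
    # floor is lowered to TLS 1.2 (checklist item D), where item E applies.
    ctx.options |= ssl.OP_NO_RENEGOTIATION
    return ctx


def add_months(start, months):
    """Calendar-month addition, clamping to month end (Feb 29 -> Feb 28)."""
    years, month_index = divmod(start.month - 1 + months, 12)
    year, month = start.year + years, month_index + 1
    day = min(start.day, calendar.monthrange(year, month)[1])
    return date(year, month, day)


def audit(ctx, not_before, not_after):
    """Return findings against CA-1 (D), (E) and (J); an empty list means compliant."""
    findings = []
    if ctx.minimum_version < REQUIRED_TLS:
        findings.append("CA-1(D): protocol floor is below TLS 1.3")
        if not ctx.options & ssl.OP_NO_RENEGOTIATION:
            findings.append("CA-1(E): renegotiation is not disabled for TLS 1.2")
    if not_after > add_months(not_before, MAX_VALIDITY_MONTHS):
        findings.append("CA-1(J): validity period exceeds 12 months")
    return findings


if __name__ == "__main__":
    # Constructed sample dates, not taken from any real certificate.
    print(audit(build_server_context(), date(2024, 2, 29), date(2025, 2, 28)))
    weak = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    weak.minimum_version = ssl.TLSVersion.TLSv1_2
    print(audit(weak, date(2024, 1, 1), date(2025, 6, 1)))
```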
Control Overview