Attached below you will find an example of a policy (created by SANS “Creating a Policy.pdf”) for various cybersecurity functions in an organization. Using this policy guide, and your knowledge of the CMMC domains, create a policy for an area SPECIFIC to GBI. Do not give me a generic policy, but look at the CMMC and devise a policy…
The policy should follow the outlined guidance and be approximately 1-2 pages
Create a Policy for the CMMC Framework
Writing a policy is an essential task for any security professional
to know how to generate, update, build, and follow. The below
framework for a policy is broken down into eight parts.
1. Overview
o State the overview of what this policy covers.
2. Purpose
o State why this policy exists and its purpose
3. Scope
o Who and what does this apply to?
4. Policy
o The policy itself.
o Guidelines
o Rules for having the policy
5. Policy Compliance
o How will it be verified that the policy is being meet?
6. Related Standards, Policies, and Processes
o If any
7. Definitions and Terms
o If any
8. Revision History
o The date and summary of what changed since the last
edit.
Consensus Policy Resource Community
Password Protection Policy
Free Use Disclaimer: This policy was created by or for the SANS Institute for the
Internet community. All or parts of this policy can be freely used for your organization.
There is no prior approval required. If you would like to contribute a new policy or
updated version of this policy, please send email to policy-resources@sans.org.
Last Update Status: Updated October, 2017
1. Overview
Passwords are an important aspect of computer security. A poorly chosen password may result
in unauthorized access and/or exploitation of our resources. All staff, including contractors and
vendors with access to
steps, as outlined below, to select and secure their passwords.
2. Purpose
The purpose of this policy is to establish a standard for creation of strong passwords and the
protection of those passwords.
3. Scope
The scope of this policy includes all personnel who have or are responsible for an account (or
any form of access that supports or requires a password) on any system that resides at any
public
4. Policy
4.1 Password Creation
4.1.1 All user-level and system-level passwords must conform to the Password Construction
Guidelines.
4.1.2 Users must use a separate, unique password for each of their work related accounts.
Users may not use any work related passwords for their own, personal accounts.
4.1.3 User accounts that have system-level privileges granted through group memberships or
programs such as sudo must have a unique password from all other accounts held by that
user to access system-level privileges. In addition, it is highly recommend that some
form of multi-factor authentication is used for any privileged accounts
4.2 Password Change
4.2.1 Passwords should be changed only when there is reason to believe a password has been
compromised.
4.2.2 Password cracking or guessing may be performed on a periodic or random basis by the
Infosec Team or its delegates. If a password is guessed or cracke
Why Choose Us
- 100% non-plagiarized Papers
- 24/7 /365 Service Available
- Affordable Prices
- Any Paper, Urgency, and Subject
- Will complete your papers in 6 hours
- On-time Delivery
- Money-back and Privacy guarantees
- Unlimited Amendments upon request
- Satisfaction guarantee
How it Works
- Click on the “Place Order” tab at the top menu or “Order Now” icon at the bottom and a new page will appear with an order form to be filled.
- Fill in your paper’s requirements in the "PAPER DETAILS" section.
- Fill in your paper’s academic level, deadline, and the required number of pages from the drop-down menus.
- Click “CREATE ACCOUNT & SIGN IN” to enter your registration details and get an account with us for record-keeping and then, click on “PROCEED TO CHECKOUT” at the bottom of the page.
- From there, the payment sections will show, follow the guided payment process and your order will be available for our writing team to work on it.