Description
Your project manager is dividing this task up into several team members. You need to focus on access control, identification and authentication, incident response and risk assessment family requirements. Extract the basic, derived and enhanced requirements for each of these security families from the NIST documents. You only need to extract the identification number (e.g. 3.1.1) and requirement for each. For example, for the Access Control family, the following basic, derived and enhanced security requirements should be included in your report.Fortunately, you have access to the NIST SP 800-172 Enhanced Security Requirements for Protecting Controlled Unclassified Information document which you can use in conjunction with basic and derived security requirements found in the NIST SP 800-171 r2The risk assessment plan should be two to three pages and discuss the technologies associated cyber threat hunting along with specific tools and processes recommendations to help protect the Python-based application. Discuss the cloud infrastructure where the application will reside and specific tools within the cloud that may help in threat hunting.The risk assessment plan should also discuss the issues and remediation associated with supply chain risks for the Python-based application.
