Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Is there any acquisition guidance for COTS products under NSTISSP #11?

acquisition COTS guidance nstissp products
0
Posted

Is there any acquisition guidance for COTS products under NSTISSP #11?

0 CommentsAdd a Comment

1 Answer

0

Acquisition guidance for COTS products that contain cryptographic modules used by the U.S. Government to protect UNCLASSIFIED information within computer and telecommunications systems has not changed. NSTISSAM INFOSEC/1-00, dated 8 FEB 2000, is the Advisory Memorandum for the Use of FIPS 140 Validated Cryptographic Modules in Protecting Unclassified National Security Systems. FIPS 140 is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract. Cryptographic modules that have been approved for classified use may be used in lieu of modules that have been validated against this standard. For FIP

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.