Office of Operations
21st Century Operations Using 21st Century Technologies
Table of Contents

Transportation Management Center Information Technology Security

APPENDIX C: REFERENCES

Center for Internet Security (CIS), "CIS Controls V7.1 Mapping to NIST CSF." Retrieved from: https://www.cisecurity.org/white-papers/cis-controls-v7-1-mapping-to-nist-csf/

Center for Internet Security (CIS), "CIS Controls Version 7.1," 2019. Retrieved from: https://www.cisecurity.org/controls/

Department of Homeland Security (DHS), "Critical Infrastructure Sectors," 2013. Retrieved from: https://www.dhs.gov/cisa/critical-infrastructure-sectors

Department of Homeland Security (DHS), "Cyber Resilience Review (CRR): NIST Cybersecurity Framework Crosswalks," 2016. Retrieved from: https://www.us-cert.gov/sites/default/files/c3vp/csc-crr-nist-framework-crosswalk.pdf

Department of Homeland Security (DHS), "Cyber Security Procurement Language for Control Systems," 2009. Retrieved from: https://ics-cert.us-cert.gov/sites/default/files/documents/Procurement_Language_Rev4_100809_S508C.pdf

NIST, "FIPS 199 Standards for Security Categorization of Federal Information and Information Systems," 2004. Retrieved from: https://csrc.nist.gov/publications/detail/fips/199/final

NIST, "Risk Management Framework for Information Systems and Organizations," October 2018. Retrieved from: https://csrc.nist.gov/publications/detail/sp/800-37/rev-2/archive/2017-09-28

NIST, "SP 800-37 Rev. 2 Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach," 2018. Retrieved from: https://csrc.nist.gov/publications/detail/sp/800-37/rev-1/final

NIST, "SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations," 2015. Retrieved from: https://csrc.nist.gov/publications/detail/sp/800-53/rev-4/final

NIST, "SP 800-53A Rev. 4 Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans," 2014. Retrieved from: https://csrc.nist.gov/publications/detail/sp/800-53a/rev-4/final

NIST, "SP 800-82 Rev. 2 Guide to Industrial Control Systems (ICS) Security," 2015. Retrieved from: https://csrc.nist.gov/publications/detail/sp/800-82/rev-2/final

NIST, "SP 800-144 Guidelines on Security and Privacy in Public Cloud Computing," 2011. Retrieved from: https://csrc.nist.gov/publications/detail/sp/800-144/final

Steven VanRoekel, Executive Office of the President "Security Authorization of Information Systems in Cloud Computing Environments Memorandum," 2011. Retrieved from: https://www.fedramp.gov/assets/resources/documents/FedRAMP_Policy_Memo.pdf

TWiki, "NIST Cloud Computing Collaboration Site." Retrieved from: https://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/CloudSecurity

Wiki, "List of TCP and UDP port numbers." Retrieved from: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

You may need the Adobe® Reader® to view the PDFs on this page.

Office of Operations