RMF POA&M Creation and Management (Hands-On Approach)

Подписаться 9 тыс.

Просмотров 26 тыс.

50% 1

In this video we discussed POA&M creation and management process. This is based on our previous video, "Nessus Vulnerability Scan Results Analysis". If you have not seen that video, you might wanna watch that video first before you continue with this video. Please LIKE, SHARE, and SUBSCRIBE to help grow the channel.
Computer Security Resource Center
csrc.nist.gov/publications
The free way to help the channel grow is by subscribing using the link below:
ru-vid.com?su...
************Patreon & Channel Support******************
www.patreon.com/kamilSec?fan_...
*******Order your KamilSec (KS) Designs Merch:*********
kamilsec.creator-spring.com/
**************************************************************
CashApp: $Kamilzak
Zelle: kaamilzak@gmail.com
Paypal: paypal.me/MZakari
Thank You!!!
*************************************************************
**You can download the Raw Nessus Vulnerability Scan results, Admin response spreadsheet and POA&M template for your practice if need be from my Patreon Page, link below.**
www.patreon.com/kamilSec?fan_...
*I ALSO CONDUCT INDIVIDUALIZED RESUME AND INTERVIEW PREP SESSION*
Udemy Affliate link:
track.flexlinkspro.com/g.ashx...
VeeFLY Referral Link:
veefly.com?referrer=318243
Connect with me on Social Media:
Twitter: / kamilzak_1
Instagram: @Kamilzak1
E-Mail: Kaamilzak@gmail.com

Опубликовано:

11 фев 2022

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 91

@stephenbrown2985 2 года назад

Kamil you and your household will forever be blessed for what you do even with your busy schedule.

@KamilSec 2 года назад

Thank you so much bro. I appreciate all the prayers and kind words!!!

@ALLISONFolks 9 месяцев назад

I am watching this video for the second time, and I have gained so much knowledge again. I thank you so much, maybe God continue to bless you, sir.

@KamilSec 9 месяцев назад

You are so welcome, Ameen!

@lonjay 2 года назад

Great video, hopefully when I get a job, I could place your video side by side because they are very detailed. This is really hands on the job training.

@florenceakintunde9752 2 года назад

Thank you for this excellent video, so detailed and well explained. More grease to your elbow.

@KamilSec 2 года назад

You are so welcome!

@Oladitikomolafe Год назад

Kamil, God bless you!!!

@KamilSec Год назад

Ameen

@absolute3112 Год назад

Thank you brother... this was excellent

@KamilSec Год назад

Very welcome

@mohamedsesay9865 Год назад

I have been learning from your videos. You have great content!

@KamilSec Год назад

I appreciate that, thanks!

@SuperWinning111 2 года назад

Another excellent video on POA&M. Can't get anything more precise and well articulated. Thank you for the work you do.

@SuperWinning111 2 года назад

I have a question. Where can I pick the control code like you did?

@KamilSec 2 года назад

My pleasure bro!

@KamilSec 2 года назад

All the controls codes will be in appendix D of SP 800 53

@megatron98 2 года назад

Great video, thanks!

@medianetwork7972 2 года назад

Thanks Kamil… great post as usual 👍

@KamilSec 2 года назад

Glad you enjoyed it!

@opeolutola1532 Год назад

God bless you for this great job

@KamilSec Год назад

Thanks Man!

@akoudousse4722 Год назад

Great video , Thank you

@KamilSec Год назад

Glad you enjoyed it

@toluomoba4223 2 года назад

Good video 👍🏿

@samueltoler3240 2 года назад

Excellent presentation.

@KamilSec 2 года назад

Thank you kindly!

@lawrenceaikins9845 2 года назад

Thank you Kamil

@KamilSec 2 года назад

You’re very welcome Lawrence!

@christianihendu7438 2 года назад

Thank you fir the video. It was helpful. Thank you

@KamilSec 2 года назад

You are welcome!

@mcbelescony8642 Год назад

Excellent post

@KamilSec Год назад

Thanks for watching, I hope you will help share the videos to promote the channel!

@steveayodele5387 4 месяца назад

Great hands on tutoria, keep it up. Please will it be possible to get the excel template of the POA&M?

@KamilSec 3 месяца назад

You can get access to the spreadsheet from my Patreon page

@jleaven2707 2 года назад

Hi. At my workplace one big change we have to doing the poam is the mitigation column in which we have to explain what we have currently in our environment thats in place currently while we work on a remediation of the vulnerability. The mitigation has to be specific to the vulnerability

@KamilSec 2 года назад

Cool, I guess this is as a results the nature of your system. It could be that your system is public/internet facing or not behind any firewall or bastion host.

@spdadon15 2 года назад

Great video boss !!

@KamilSec 2 года назад

Thanks!

@spdadon15 2 года назад

Looking for Splunk configuration video hope u do one one day

@kafagodwill9185 Год назад

THANKS VERY MUCH. PLEASE DO YOU HAVE A VIDEO ON POA&M WITH SECURITY CONTROL SINCE THIS WAS WITH THE NESSUS SCAN VULNERABILITY

@KamilSec Год назад

Sorry, I do not.

@zbeauty9975 2 года назад

Great video! Can you do a video about CSAM?

@KamilSec 2 года назад

ZBeauty, unfortunately I cannot do a video in CSAM, there is no community version of the tool, and hence I cannot use the one for the government for RU-vid tutorial.

@Techdeeni Год назад

Thanks for taking the time to explain this often tedious process. I do have a question. What if the plug-ins are updated for the next scan, will the old plug-ins still show up when you do a search if it hasnt been remediated yet?

@KamilSec Год назад

The plugins will be the same for a vulnerability, never changes except the vulnerability is fix and it wont show up in the next scan.

@Techdeeni Год назад

@KamilSec Thank you Sir!

@opoku-agyemangisaac336 2 года назад

Zakari!! you too much

@oliviangwa3473 Год назад

Thank You Sir, this is so helpful. Quick question 🙋‍♀️, what if you read the description of the Vulnerability and can’t determine the exact control? Is the another way to determine the exact control???

@KamilSec Год назад

Unfortunately, that comes with experience working with these controls.

@wilfrednkondock4918 11 месяцев назад

can't see the previous video about the Nessus vulnerability scan result analysis

@KamilSec 11 месяцев назад

See the link below for the Nessus Vulnerability Scan Analysis Video: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-lNH_4o5XSlE.htmlsi=okbFctPiKRgOX1_t

@jleaven2707 2 года назад

Also our security manager instructed us that our last milestone date match the scheduled completion date. Does that vary by workplace?

@KamilSec 2 года назад

Yes, that varies from workplace to workplace. However having the last milestone completion date same as the POA&M schedule completion date can be a bit risking an overdue POA&M. This is because, if evidence of completion of the last milestone need to be reviewed and approved before the POA&M gets submitted for closure, that can be a stretch for the same date.

@joycefynn8496 2 года назад

Thank you so much you are awesome! I have a question! I have an interview scheduled for next week! What type of technical questions do you think will come up? I already had the first interview and it was the RMF process and they have scheduled a second one for technical! Am so nervous!

@KamilSec 2 года назад

Thats a tough call, however based on the JD you can deduce where their minds are. Nonetheless, you can make sure you know your OSI Model and TCP/IP Model, Security protocols and common ports, vulnerability management and so on...Good luck!

@joycefynn8496 2 года назад

@@KamilSec Thank you so much !

@bradonchenue4801 2 года назад

Good morning sir

@KamilSec 2 года назад

Good morning Bradon

@oliviangwa3473 Год назад

I am a new ISSO and will like to understand the contain of the Authorization Package and how these contains are made. In the POA&M, under Planned Milestone column, Where does the ISSO get all remediations to point them out under the planned milestone column?? Thank You 🙏🏽

@KamilSec Год назад

Contents of the Authorization Package are SSP, SAR and POA&M and ATO Memo. Watch this video for more ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-adxnNStDskA.html The Remediation milestones for the technical controls are mostly from the system admins.

@christianihendu7438 2 года назад

I thought it is highly recommended we remediate critical vulnerability 15days, High Vulnerability 30days, Moderate Vulnerability 60 days, Low Vulnerability 90days. If the above is true and the information system overall water mark is Moderate. 1) What scheduled completion date will be assigned to a critical Vulnerability even if the POC said it will take 3months to remediate? 2) Are we going to base our time frame on POC suggested time frame? 3) Do we put into consideration overall water mark of the information system during our POAM creation and remediation process? 4) What is the best approach in creating our scheduled completion date? I really appreciate your time and clarification. Thank you.

@KamilSec 2 года назад

Good questions Christian, So first of all if the system teams have the resources to remediate within (15 days or 30 days), they would have done that and we will not worry creating the POA&M. But there are instances even if the agency is asking the team to fix a critical vulnerability with days, the system team simply cannot do that, for instance if the issue is related to a vendor releasing a patch that are not yet available. In that case a POA&M is created to track the remediation efforts until the vendor release the patch. Hope that makes sense.

@cu9747 10 месяцев назад

which roles would do these kind of tasks? such as creating POAMs, SSPs, etc?

@KamilSec 10 месяцев назад

IT Security Analyst, ISSO, POA&M Manager, Alternate ISSO....

@Zanein1 2 года назад

I’m a new ISSO, so for the planned milestones how would I know what to put or is there some type of reference I can go off of?

@KamilSec 2 года назад

Prate, for the planned milestones, you really have to coordinate with the people who are actually going to do the remediations (Admins) to get the timeframe they think they can complete the remediation.

@Zanein1 Год назад

@@KamilSec thank you 🙏🏾

@jvicks_hair Год назад

WHAT do you do when you are not sure about the name of the control to be remediated?

@KamilSec Год назад

Good question, you can also refer to some old POA&Ms with the same or similar findings to get an idea.

@shivendumenon878 11 месяцев назад

Would a format for POAM ID 220001 be used (22 being the year and 0001 being it ID), So any new vulnerability needed can be added based on the year. And would 9999 POAM ID be sufficient units to be in the POA&M per year?

@KamilSec 11 месяцев назад

yes, that works. However way the organization decides on is fine.

@shivendumenon878 11 месяцев назад

@@KamilSec Understood! Thank you, Been following your content for a few weeks and I must say it brilliant the way you explain. Brings more interest to learn.

@jackieo7113 2 года назад

Hi - are you able to provide a link to the videos you advise we review prior to this? I'll also send an email request for the template to practice against - are you able to add that in the more section also?

@KamilSec 2 года назад

ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-lNH_4o5XSlE.html So, the excel files are bit large and uploading them on AWS S3 bucket and sharing the link here for easy download will incur some significant monthly bill, hence the need for people to request via e-mail.

@huyilanalana8393 Год назад

@@KamilSec can i get a copy of the excel for practice. Thank you

@Teesamp86 Год назад

I was expecting the control to be RA-5 SI-2

@KamilSec Год назад

Yes generally you can refer to RA-5 (Vulnerability Scan) or SI-2 (Flaw Remediation) however, if the control involves say configuration or Cryptographic findings you can refer to CM-6 or SC-13 controls respectively.

@bradonchenue4801 Год назад

Who does the scan analysis?

@KamilSec Год назад

IT Security Analyst or the ISSO

@sylviaboateng1411 2 года назад

Hello, how can I reach out please?

@KamilSec 2 года назад

kaamilzak@gmail.com

@joseskobena6250 Год назад

Chaii!. excellent video bro, God bless you and increase your knowledge. if you don't mind how can i contact you, i need you to be my mentor in this field. thank you

@KamilSec Год назад

kaamilzak@gmail.com

@joseskobena6250 Год назад

@@KamilSec Thank you for your response bro.

@joseskobena6250 Год назад

Hello Bro, I have contacted several times but no response, Pls try and make some time for me, lol, thank you.