U.S. Government Publications
The U.S. government offers many of its publications on the web. The U.S. Department of Homeland Security (https://www.us-cert.gov/security-publications) publishes security information. Also, the National Institute of Standards and Technology (NIST) publishes articles on computer security. The following are a sample of the publications that can be accessed on the NIST Special Publications site (https://csrc.nist.gov/publications/sp).
-
An Introduction to Computer Security: The NIST Handbook . SP 800-12, October 1995.
-
Computer Security Incident Handling Guide . SP 800-61 Rev 2, August 2012.
-
(Draft) Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations . SP 800-52 Rev 2, November 2017.
-
Guidelines on Electronic Mail Security . SP 800-45 Version 2, February 2007.
-
Guidelines on Securing Public Web Servers . SP 800-44 Version 2, September 2007.
-
Guidelines on Firewalls and Firewall Policy . SP 800-41 Rev 1, September 2009.
-
Building an Information Technology Security Awareness and Training Program . SP 800-61, October 2003. Includes a useful glossary.
-
Guide to General Server Security . SP 800-123, July 2008.
-
National Checklist Program for IT Products: Guidelines for Checklist Users and Developers . SP 800-70 Rev 4, February 2018.
-
Usability and Security Considerations for Public Safety Mobile Authentication . NISTIR 8080, July 2016.
-
Security of Interactive and Automated Access Management Using Secure Shell (SSH) . NISTIR 7966, October 2015.