I am watching this video for the second time, and I have gained so much knowledge again. I thank you so much, maybe God continue to bless you, sir.
Great video, thanks!
Great video, hopefully when I get a job, I could place your video side by side because they are very detailed. This is really hands on the job training.
Thank you for this excellent video, so detailed and well explained. More grease to your elbow.
Another excellent video on POA&M. Can't get anything more precise and well articulated. Thank you for the work you do.
Good video 👍🏿
Excellent post
Thanks for watching, I hope you will help share the videos to promote the channel!
Zakari!! you too much
Great hands on tutoria, keep it up. Please will it be possible to get the excel template of the POA&M?
Hi. At my workplace one big change we have to doing the poam is the mitigation column in which we have to explain what we have currently in our environment thats in place currently while we work on a remediation of the vulnerability. The mitigation has to be specific to the vulnerability
Cool, I guess this is as a results the nature of your system. It could be that your system is public/internet facing or not behind any firewall or bastion host.
THANKS VERY MUCH. PLEASE DO YOU HAVE A VIDEO ON POA&M WITH SECURITY CONTROL SINCE THIS WAS WITH THE NESSUS SCAN VULNERABILITY
can't see the previous video about the Nessus vulnerability scan result analysis
See the link below for the Nessus Vulnerability Scan Analysis Video:
ua-cam.com/video/lNH_4o5XSlE/v-deo.htmlsi=okbFctPiKRgOX1_t
Great video! Can you do a video about CSAM?
ZBeauty, unfortunately I cannot do a video in CSAM, there is no community version of the tool, and hence I cannot use the one for the government for UA-cam tutorial.
Thanks for taking the time to explain this often tedious process. I do have a question. What if the plug-ins are updated for the next scan, will the old plug-ins still show up when you do a search if it hasnt been remediated yet?
The plugins will be the same for a vulnerability, never changes except the vulnerability is fix and it wont show up in the next scan.
I am a new ISSO and will like to understand the contain of the Authorization Package and how these contains are made. In the POA&M, under Planned Milestone column, Where does the ISSO get all remediations to point them out under the planned milestone column?? Thank You 🙏🏽
Contents of the Authorization Package are SSP, SAR and POA&M and ATO Memo. Watch this video for more ua-cam.com/video/adxnNStDskA/v-deo.html
The Remediation milestones for the technical controls are mostly from the system admins.
I thought it is highly recommended we remediate
critical vulnerability 15days,
High Vulnerability 30days,
Moderate Vulnerability 60 days,
Low Vulnerability 90days.
If the above is true and the information system overall water mark is Moderate.
1) What scheduled completion date will be assigned to a critical Vulnerability even if the POC said it will take 3months to remediate?
2) Are we going to base our time frame on POC suggested time frame?
3) Do we put into consideration overall water mark of the information system during our POAM creation and remediation process?
4) What is the best approach in creating our scheduled completion date?
I really appreciate your time and clarification.
Thank you.
Good questions Christian, So first of all if the system teams have the resources to remediate within (15 days or 30 days), they would have done that and we will not worry creating the POA&M. But there are instances even if the agency is asking the team to fix a critical vulnerability with days, the system team simply cannot do that, for instance if the issue is related to a vendor releasing a patch that are not yet available. In that case a POA&M is created to track the remediation efforts until the vendor release the patch. Hope that makes sense.
Would a format for POAM ID 220001 be used (22 being the year and 0001 being it ID), So any new vulnerability needed can be added based on the year. And would 9999 POAM ID be sufficient units to be in the POA&M per year?
@@KamilSec Understood! Thank you, Been following your content for a few weeks and I must say it brilliant the way you explain. Brings more interest to learn.
Also our security manager instructed us that our last milestone date match the scheduled completion date. Does that vary by workplace?
Yes, that varies from workplace to workplace. However having the last milestone completion date same as the POA&M schedule completion date can be a bit risking an overdue POA&M. This is because, if evidence of completion of the last milestone need to be reviewed and approved before the POA&M gets submitted for closure, that can be a stretch for the same date.
Thank you so much you are awesome! I have a question! I have an interview scheduled for next week! What type of technical questions do you think will come up? I already had the first interview and it was the RMF process and they have scheduled a second one for technical! Am so nervous!
Thats a tough call, however based on the JD you can deduce where their minds are. Nonetheless, you can make sure you know your OSI Model and TCP/IP Model, Security protocols and common ports, vulnerability management and so on...Good luck!
I was expecting the control to be RA-5 SI-2
Yes generally you can refer to RA-5 (Vulnerability Scan) or SI-2 (Flaw Remediation) however, if the control involves say configuration or Cryptographic findings you can refer to CM-6 or SC-13 controls respectively.
Thank You Sir, this is so helpful. Quick question 🙋♀️, what if you read the description of the Vulnerability and can’t determine the exact control? Is the another way to determine the exact control???
WHAT do you do when you are not sure about the name of the control to be remediated?
Good question, you can also refer to some old POA&Ms with the same or similar findings to get an idea.
I’m a new ISSO, so for the planned milestones how would I know what to put or is there some type of reference I can go off of?
Hi - are you able to provide a link to the videos you advise we review prior to this? I'll also send an email request for the template to practice against - are you able to add that in the more section also?
ua-cam.com/video/lNH_4o5XSlE/v-deo.html
So, the excel files are bit large and uploading them on AWS S3 bucket and sharing the link here for easy download will incur some significant monthly bill, hence the need for people to request via e-mail.
Chaii!. excellent video bro, God bless you and increase your knowledge. if you don't mind how can i contact you, i need you to be my mentor in this field. thank you
Hello Bro, I have contacted several times but no response, Pls try and make some time for me, lol, thank you.
Kamil you and your household will forever be blessed for what you do even with your busy schedule.
Thank you so much bro. I appreciate all the prayers and kind words!!!