https://nvd.nist.gov
The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-147B.pdf
This NIST Special Publication is designed to provide guidelines for BIOS protections in server-class systems.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-209.pdf
This NIST Special Publication is designed to provide a comprehensive set of security recommendations for the current landscape of the storage infrastructure.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-40r4.pdf
This NIST Special Publication is designed to assist organizations in understanding the basics of enterprise patch management technologies.
https://nvd.nist.gov/800-53/Rev4/control/SI-3
NIST resource that defines the requirements for malicious code protection.
https://nvd.nist.gov/800-53/Rev4/control/SI-4
This publication from NIST provides an overview of the SI-4 Information System Monitoring control.
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-58.pdf
This publication describes VOIP, its security challenges, and potential countermeasures for related vulnerabilities.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-83r1.pdf
This NIST Special Publication provides recommendations for improving an organization’s malware incident prevention measures.
https://www.nsu.edu/getattachment/About/Administrative-Offices-Services/its/Policies/32-8-1703-Malicious-Code-Protection-pdf.pdf.aspx
This sample policy from Norfolk State University is an example of how to establish a policy and procedure for protection from malicious code.
https://policies.ncsu.edu/rule/rul-08-00-14/
The link below is an example from North Carolina State University of a Security Patching Standard.