Lecture 9_Revised - NATIONAL TRAINING STANDARD FOR...

Info iconThis preview shows pages 1–12. Sign up to view the full content.

View Full Document Right Arrow Icon
Comp 6370 – NSTISS Basics – Awareness Level 1 NATIONAL TRAINING STANDARD FOR INFORMATION SYSTEMS SECURITY (INFOSEC) PROFESSIONALS NSTISSI No. 4011 20 June 1994
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Comp 6370 – NSTISS Basics – Awareness Level 2 Performance Levels Awareness Level. Creates a sensitivity to the threats and vulnerabilities of national security information systems, and a recognition of the need to protect data, information and the means of processing them; and builds a working knowledge of principles and practices in INFOSEC. Performance Level. Provides the employee with the skill or ability to design, execute, or evaluate agency INFOSEC security procedures and practices. This level of understanding will ensure that employees are able to apply security concepts while performing their tasks.
Background image of page 2
Comp 6370 – NSTISS Basics – Awareness Level 3 Legal Elements evidence collection and preservation intrusion detection and monitoring case study, NSA fraud, waste and abuse hotlines signs of computer intrusion case study, Lawrence Livermore break-in investigative authorities Federal DOJ DOD State
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Comp 6370 – NSTISS Basics – Awareness Level 4 Countermeasures Cover and deception Technical surveillance countermeasures Threat and Vulnerability Assessment
Background image of page 4
Comp 6370 – NSTISS Basics – Awareness Level 5 Concepts of Trust Assurance Policy
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Comp 6370 – NSTISS Basics – Awareness Level 6 Modes of Operation Compartmented/Partitioned Dedicated System-high
Background image of page 6
Comp 6370 – NSTISS Basics – Awareness Level 7 Roles of Various Organizational Personnel Audit office * COMSEC custodian end users information resources management staff INFOSEC Officer OPSEC managers program or functional managers security office senior management system manager system staff telecommunications office and staff
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Comp 6370 – NSTISS Basics – Awareness Level 8 What is OPSEC? Operations security (OPSEC) is an analytic process used to deny an adversary information - generally unclassified Trains people on the handling of information We can apply OPSEC in our daily lives “What could an adversary glean from the knowledge of this activity?”
Background image of page 8
Comp 6370 – NSTISS Basics – Awareness Level 9 Facets of NSTISS protection of areas protection of data communications protection of equipment protection of keying material protection of magnetic storage media protection of voice communications reporting security violations transmission security countermeasures (e.g., callsigns, frequency, and pattern forewarning protection)
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Comp 6370 – NSTISS Basics – Awareness Level 10 Agency Specific Security Policies guidance points of contact roles and responsibilities
Background image of page 10
Comp 6370 – NSTISS Basics – Awareness Level 11 Risk Management information identification risk analysis and/or vulnerability assessment components risk analysis results evaluation roles and responsibilities of all the players in the risk analysis process
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 12
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 11/14/2011 for the course COMP 6370 taught by Professor Staff during the Fall '08 term at Auburn University.

Page1 / 38

Lecture 9_Revised - NATIONAL TRAINING STANDARD FOR...

This preview shows document pages 1 - 12. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online