Strategic Security Intelligence

NSTSSI Security Education Standards


Copyright(c), 1995 - Management Analytics and Others - All Rights Reserved

      a.    Definitions

            (1)       define the term "adversary"; and
            (2)       define the term "threat."

      b.    Compromise

            (1)       discuss the impact of a compromise by these definitions:  the disclosure of classified data to an
                      unauthorized person; an unauthorized disclosure, modification, destruction, or loss of sensitive
                      information; disclosure of a password, or part of a password, to someone not authorized to know,
                      have, or use the password; authorized disclosure or loss of sensitive data; and

            (2)       describe why the common thread among compromise definitions is "an unauthorized disclosure."

      c.    Computer Crime

            (1)       summarize how computer crime can involve either the computer as a tool or the computer as a
                      target; and
            (2)       outline the methods of computer crime:  fraud, embezzlement, and unauthorized access.

      d.    Security Incident

            outline the categories of security incidents:  compromise, possible compromise, inadvertent disclosure,
            deviation, and any adverse event associated with a computer system that is a failure to comply with
            departmental security regulations or directives.

      e.    Malicious Code

            (1)       define the term "malicious code";
            (2)       define the term "malicious logic"; and
            (3)       give examples of effects of the following malicious code or logic:  logic bomb, time bomb, trap
                      door, trojan horse, virus, worm, back-door, maintenance hook, and spoofing.

      f.    Malicious Actions

            give examples of the effects of the following malicious actions:  active attack, wire tapping, browsing,
            covert channel, jamming, software piracy, passive attack, traffic analysis, and monitoring.

      g.    Non-Specific Concerns

            discuss the following types of non-specific threats to systems and information:  contamination, data
            contamination, data corruption, and cascading.

      h.    Protection Techniques

            discuss the effects of the following protection techniques:  anti-virus program, audit analysis tools,
            electronic monitoring, intrusion detection, monitoring (e.g., dataline, sniffer), and traffic analysis.

      i.    Incident Handling

            (1)       explain the role of the DAA in criminal prosecution;
            (2)       explain the importance of evidence acceptability in incident handling;
            (3)       explain the impact of evidence collection and preservation in incident handling;
            (4)       identify responsibilities associated with evidence collection and preservation in incident handling;
            (5)       discuss responsibilities for investigation of security breaches; and
            (6)       explain the DAA role in security violations reporting.