 NSTSSI Security Education Standards |
| NSTSSI Security Education Standards |
2. ACCESS CONTROL
a. Policies/Administration
(1) use network access controls as designed;
(2) explain compartmented/partitioned mode;
(3) describe data access;
(4) identify the dedicated mode of operation;
(5) explain electronic records management;
(6) define information ownership;
(7) identify information resource owner/custodian;
(8) describe separation of duties; and
(9) define the system high mode.
b. Countermeasures
(1) describe use of caller ID;
(2) give five examples of countermeasures;
(3) define internal controls and security;
(4) identify methods of intrusion detection;
(5) define network firewalls; and
(6) describe network security software.
c. Safeguards
(1) demonstrate the ability to use alarms, signals, and reports;
(2) identify network security software;
(3) describe operating system security features;
(4) define protected distribution systems; and
(5) describe system security safeguards.
d. Mechanisms
(1) discuss authentication mechanisms;
(2) describe discretionary access controls;
(3) describe mandatory access controls;
(4) describe one-time passwords;
(5) discuss privileges; and
(6) define single sign-on.