NSTSSI Security Education Standards |
2. ACCESS CONTROL a. Policies/Administration (1) use network access controls as designed; (2) explain compartmented/partitioned mode; (3) describe data access; (4) identify the dedicated mode of operation; (5) explain electronic records management; (6) define information ownership; (7) identify information resource owner/custodian; (8) describe separation of duties; and (9) define the system high mode. b. Countermeasures (1) describe use of caller ID; (2) give five examples of countermeasures; (3) define internal controls and security; (4) identify methods of intrusion detection; (5) define network firewalls; and (6) describe network security software. c. Safeguards (1) demonstrate the ability to use alarms, signals, and reports; (2) identify network security software; (3) describe operating system security features; (4) define protected distribution systems; and (5) describe system security safeguards. d. Mechanisms (1) discuss authentication mechanisms; (2) describe discretionary access controls; (3) describe mandatory access controls; (4) describe one-time passwords; (5) discuss privileges; and (6) define single sign-on.