NSTSSI Security Education Standards
7. Initiate protective or corrective measures
a. Intrusion Deterrents
E - list local and command security policies and safeguards;
I - enforce security policies and safeguards; and
A - develop local security policies and safeguards.
(1) Alarms, Signals, & Reports
I - choose a balance between hardware, software, and/or procedural indicator
schema; and
I - use analysis of intrusion indicators, when appropriate, and generate
reports.
(2) Intrusion Detection
E - define intrusion detection system;
I - use appropriate intrusion detection system; and
I - select appropriate intrusion detection deterrents.
b. Network Security
E - describe national level policy for a specific network;
E - explain the need for security on the system and interconnected networks; and
A - explore vulnerabilities of leading edge emerging technologies.
(1) Lines (Fiber, Copper, Wireless)
E - describe the types of lines used in networks; and
E - explain appropriate security measures for each type of line.
(a) Leased
E - describe the security implications of leased lines; and
E - identify the security needs for leased lines.
(b) Owned
E - describe the security implications of owned lines; and
E - identify the security needs for owned lines.
(2) Off-site Security
I - assist in determining the off-site security requirements as they impact on
the local system or network (need to ensure the other unit does not
degrade yours);
E - describe the meaning of off-site security;
I - provide inputs to the design of any features needed to maintain security at
an off-site location;
I - determine the off-site security requirements as they impact on the local
system or network (need to ensure the other unit does not degrade yours);
and
I - write status reports on off-site security to management.
(3) FAX Security
E - describe what is entailed by FAX security and its vulnerabilities;
E - explain the difference between stand-alone FAX machines and FAX boards on
computers; and
I - develop procedures governing FAX security.
(4) Network Firewalls
E - describe network firewall and its uses;
E - use/make sure the firewall is used; and
I - recommend appropriate firewall technology based upon network
connections and vulnerabilities.
(5) Switch
E - describe a switch and its uses; and
I - ensure protection measures are used for switches.
(6) Phone Mail
E - describe phone mail and its uses; and
E - identify potential vulnerabilities on single lines used by many people.
(7) Modems
E - describe the function of a modem and its uses;
E - identify potential vulnerabilities with modems when shared among
systems; and
I - develop policy and practices regarding modem security.
c. Marking of Media/Information Systems Oversight Office (ISOO) Rules
E - describe the ISOO rules as published in the Federal Register and their
implementation in the system; and
I - develop local implementing policy.
(1) Labeling
E - describe the marking and release rules to users and managers.
(2) Marking of Sensitive Information
E - describe the policy to mark all sensitive information and how to do it.
d. Environmental Controls
E - identify controls that are needed;
E - describe what is meant by environmental controls; list potential benefits and
hazards of some;
E - provide examples of controls; and
I - assure controls are used and maintained.
(1) Fire Prevention
E - describe the requirement and identify measures in place.
(2) Safety
E - describe the requirement and identify measures in place.
(3) Filtered Power
E - describe the requirements and identify measures in place.
(4) Grounding
E - describe what is meant, the requirement, and identify measures in place.
e. Assessments (e.g., surveys, inspections)
E - assist customers on how to best use resources;
I - perform surveys or inspections;
I - report findings and recommendations; and
A - prioritize findings and recommendations.
(1) Validation Testing
I - report findings and recommendations;
A - defend findings among the participating components; and
E - define what is meant and encompassed by validation testing.
(2) Traffic Analysis
E - define traffic analysis;
I - summarize the information inferred from observations and provide
reports; and
I - use the information to our advantage and the other party's detriment.
(3) Evidence Collection
I - answer questions from management about potential vulnerabilities;
I - assist in making recommendations on the findings based on evidence
collection;
E - describe what is meant by evidence collection and its importance to
assessment and management;
I - provide examples relating to various criminal situations in IS; and
I - identify potential problems.
f. Handling Media
E - list national and command policies, procedures, and rules regarding media
handling;
E - assist users and managers in complying with rules, regulations, etc.; and
I - relate current policy to new situations.
(1) Remanence
E - describe the phenomenon and its implication to various types of media;
and
E - describe the command/agency remanence program to users and
managers.
(2) Physical Controls & Accounting
E - list policies and procedures; and
E - describe the policies and procedures to users.
(3) Transportation
E - list policies and procedures; and
E - describe the policies and procedures to users.