Strategic Security Intelligence


NSTSSI Security Education Standards



Copyright(c), 1995 - Management Analytics and Others - All Rights Reserved


7.    Initiate protective or corrective measures
      
               
      a.    Intrusion Deterrents
               
      
            E      - list local and command security policies and safeguards;
            I      - enforce security policies and safeguards; and
            A      - develop local security policies and safeguards.
             
               
            (1)     Alarms, Signals, & Reports
      
  
                    I    - choose balance between hardware, software, and/or procedural indicator
                           schema; and
                    I    - use analysis of intrusion indicators, when appropriate, and generate
                           reports.
            
                    
            (2)     Intrusion Detection
            
  
                    E    - define intrusion detection system;                     
                    I    - use appropriate intrusion detection system; and
                    I    - select appropriate intrusion detection deterrents.
      
                   
      b.    Network Security
            

            E      - describe national level policy for a specific network;
            E      - explain the need for security on the system and interconnected networks; and
            A      - explore vulnerabilities of leading edge emerging technologies.

            (1)     Lines (Fiber, Copper, Wireless)

                    E    - describe the types of lines used in networks; and
                    E    - explain appropriate security measures for each type of line.

                    (a)     Leased

                            E    - describe the security implications of leased lines; and
                            E    - identify the security needs for leased lines.

                    (b)     Owned

                            E    - describe the security implications of owned lines; and
                            E    - identify the security needs for owned lines.

            (2)     Off-site Security

                    I    - assist in determining the off-site security requirements as they impact on
                           the local system or network (need to ensure the other unit does not
                           degrade yours);
                    E    - describe the meaning of off-site security;
                    I    - provide inputs to the design of any features needed to maintain security at
                           an off-site location;
                    I    - determine the off-site security requirements as they impact on the local
                           system or network (need to ensure the other unit does not degrade yours);
                           and
                    I    - write status reports on off-site security to management.

            (3)     FAX Security

                    E    - describe what is entailed by FAX security and its vulnerabilities;
                    E    - explain the difference between stand-alone FAX machines and FAX boards on
                           computers; and
                    I    - develop procedures governing FAX security.

            (4)     Network Firewalls

                    E    - describe network firewall and its uses;
                    E    - use/make sure the firewall is used; and
                    I    - recommend appropriate firewall technology based upon network
                           connections and vulnerabilities.

            (5)     Switch

                    E    - describe a switch and its uses; and
                    I    - ensure protection measures are used for switches.

            (6)     Phone Mail

                    E    - describe phone mail and its uses; and
                    E    - identify potential vulnerabilities on single lines used by many people.

            (7)     Modems

                    E    - describe function of a modem and its uses;
                    E    - identify potential vulnerabilities with modems when shared among
                           systems; and
                    I    - develop policy and practices regarding modem security.

                                                                                           
      c.    Marking of Media/Information Systems Oversight Office (ISOO) Rules

            E      - describe the ISOO rules as published in the Federal registry and its
                    implementation in the system; and
            I      - develop local implementing policy.

            (1)     Labeling

                    E    - describe the marking and release rules to users and managers.

            (2)     Marking of Sensitive Information

                    E    - describe the policy to mark all sensitive information and how to do it.
                                         
       
      d.    Environmental Controls

            E      - identify controls that are needed;
            E      - describe what is meant by environmental controls; list potential benefits and
                    hazards of some;
            E      - provide examples of controls; and
            I      - assure controls are used and maintained.

            (1)     Fire Prevention

                    E    - describe the requirement and identify measures in place.

            (2)     Safety

                    E    - describe the requirement and identify measures in place.

            (3)     Filtered Power

                    E    - describe the requirements and identify measures in place.

            (4)     Grounding

                    E    - describe what is meant, the requirement, and identify measures in place.
            

      e.    Assessments (e.g., surveys, inspections)

            E      - assist customers on how to best use resources;
            I      - perform surveys or inspections;
            I      - report findings and recommendations; and
            A      - prioritize findings and recommendations.

            (1)     Validation Testing

                    I    - report findings and recommendations;
                    A    - defend findings among the participating components; and
                    E    - define what is meant and encompassed by validation testing.
                                         
       
            (2)     Traffic Analysis
            

                    E    - define traffic analysis;
                    I    - summarize the information inferred from observations and provide
                           reports; and
                    I    - use the information to our advantage and the other party's detriment.
      
      
            (3)     Evidence Collection
  

                    I    - answer questions from management about potential vulnerabilities;
                    I    - assist in making recommendations on the findings based on evidence
                           collection;
                    E    - describe what is meant by evidence collection and its importance to
                           assessment and management;
                    I    - provide examples relating to various criminal situations in IS; and
                    I    - identify potential problems.
                                             
                  
      f.    Handling Media
                                                                             
      
            E      - list national and command policies, procedures, and rules regarding media
                    handling;
            E      - assist users and managers in complying with rules, regulations, etc.; and
            I      - relate current policy to new situations.
                    
                                         
            (1)     Remanence
            
            
                    E    - describe the phenomenon and its implication to various types of media;
                           and
                    E    - describe the command/agency remanence program to users and
                           managers.   
                    
      
            (2)     Physical Controls & Accounting
            
  
                    E    - list policies and procedures; and
                    E    - describe the policies and procedures to users.
              
      
            (3)     Transportation
  
      
                    E    - list policies and procedures; and
                    E    - describe the policies and procedures to users.