The successful student in CIS 4414, 5514, 6614 demonstrates intermediate-level competency by directing, explaining, developing, discussing, summarizing, enforcing, monitoring, presenting, verifying, planning, recommending, proposing, specifying, identifying, implementing, using, reviewing, describing, preparing, conducting, demonstrating, selecting, or writing the following concepts in case study workshops and hands-on exercises. |
Student Checklist |
1. I - Analyze the constituent components of the certification and accreditation process |
|
2. I - Assess effectiveness of contingency plan |
|
3. I - Assist in evidence collection |
|
4. I - Assist users and managers with reporting |
|
5. I - Compile information from various sources for compilation into status report |
|
6. I - Comply with agency specific security policies when reporting security status to SSM, viz., CIO, DAA, CTO, etc. |
|
7. I - Conduct business impact analysis |
|
8. I - Conduct cost/benefit analysis procedures |
|
9. I - Conduct/perform vulnerability analysis |
|
10. I - Coordinate risk assessment process |
|
11. I - Demonstrate compliance with certification plan |
|
12. I - Demonstrate how to use NIAP Validated Products |
|
13. I - Demonstrate professional ethics |
|
14. I - Describe cost of the system life cycle and security |
|
15. I - Describe EKMS methodology |
|
16. I - Describe PKI methodology |
|
17. I - Describe risk acceptance process |
|
18. I - Design specific EKMS procedures for system in line with policies |
|
19. I - Design specific PKI procedures for system IAW national/local policies |
|
20. I - Determine if re-certification is warranted |
|
21. I - Develop a security policy |
|
22. I - Develop access authorization processes plan |
|
23. I - Develop access control software management plan |
|
24. I - Develop access management plan |
|
25. I - Develop account management plan |
|
26. I - Develop alternatives - cold, warm, hot and mobile sites, electronic vaulting, etc. |
|
27. I - Develop assessments for purpose of certifying information systems |
|
28. I - Develop asset criticality measures |
|
29. I - Develop audit policy |
|
30. I - Develop audit trails and logging policy and procedures in compliance with legal requirements |
|
31. I - Develop auditing and logging management plan |
|
32. I - Develop authentication plan |
|
33. I - Develop authentication schema |
|
34. I - Develop backups and off-site storage plan |
|
35. I - Develop biometric access management plan |
|
36. I - Develop business resumption plan |
|
37. I - Develop clearance policy |
|
38. I - Develop communications plan |
|
39. I - Develop CONOP |
|
40. I - Develop CONOP policy |
|
41. I - Develop contingency plan |
|
42. I - Develop continuity plan |
|
43. I - Develop disposition plan |
|
44. I - Develop documentation plan |
|
45. I - Develop EDP |
|
46. I - Develop education, training, and awareness plan |
|
47. I - Develop electronic monitoring policy |
|
48. I - Develop e-mail monitoring management plan |
|
49. I - Develop emergency response plan |
|
50. I - Develop ETA policy |
|
51. I - Develop fire and water protection plan |
|
52. I - Develop intrusion detection management plan |
|
53. I - Develop local policies and procedures governing password sharing |
|
54. I - Develop logistics and supplies plan |
|
55. I - Develop monitoring management plan |
|
56. I - Develop monitoring techniques and methods |
|
57. I - Develop need to understand policy |
|
58. I - Develop non-repudiation schema |
|
59. I - Develop organizational policies and procedures for password use/selection |
|
60. I - Develop personnel notification plan |
|
61. I - Develop policy and procedures for conducting a risk assessment |
|
62. I - Develop policy and procedures on use of audit trails and logging |
|
63. I - Develop policy and procedures on use of error logs/system logs |
|
64. I - Develop policy for completing and maintaining certification and accreditation |
|
65. I - Develop policy for criminal activity |
|
66. I - Develop policy for integrating protective technology |
|
67. I - Develop policy for monitoring and auditing information systems |
|
68. I - Develop policy for need-to-know controls implementation |
|
69. I - Develop policy governing intrusion detection |
|
70. I - Develop policy governing use of information systems |
|
71. I - Develop processing agreements - reciprocal, mutual, etc. |
|
72. I - Develop reconstitution plan |
|
73. I - Develop recovery plan |
|
74. I - Develop recovery strategy |
|
75. I - Develop risk policy |
|
76. I - Develop roles, responsibilities, and access controls policy |
|
77. I - Develop security awareness plan and materials for information system users |
|
78. I - Develop security plan |
|
79. I - Develop security policy for account administration |
|
80. I - Develop security policy for administration of access controls |
|
81. I - Develop security training plan and materials for information system users |
|
82. I - Develop unauthorized access incident reporting plan |
|
83. I - Develop unit priorities |
|
84. I - Develop utilities plan |
|
85. I - Develop/write policy for criminal activity |
|
86. I - Direct account administration tests |
|
87. I - Direct automated security tools tests |
|
88. I - Direct C&A effort for information systems |
|
89. I - Direct C&A effort leading to Certification Statement |
|
90. I - Direct change control |
|
91. I - Direct configuration management tests |
|
92. I - Direct contracting officers to incorporate security services as required |
|
93. I - Direct efforts of Managers in accreditation process |
|
94. I - Direct efforts of SA in accreditation process |
|
95. I - Direct efforts of users in accreditation process |
|
96. I - Direct environmental control testing as required |
|
97. I - Direct filtered power testing as required |
|
98. I - Direct fire prevention testing as required |
|
99. I - Direct grounding testing as required |
|
100. I - Direct implementation of access management plan |
|
101. I - Direct implementation of e-mail monitoring management plan |
|
102. I - Direct implementation of intrusion detection management plan |
|
103. I - Direct implementation of unauthorized access incident reporting plan |
|
104. I - Direct intrusion detection be implemented |
|
105. I - Direct intrusion detection enforced |
|
106. I - Direct life cycle system security planning |
|
107. I - Direct need-to-know tests |
|
108. I - Direct network boundaries and perimeters security tests |
|
109. I - Direct network monitoring |
|
110. I - Direct network security tests |
|
111. I - Direct operation of access management plan |
|
112. I - Direct operation of e-mail monitoring management plan |
|
113. I - Direct operation of incident reporting plan |
|
114. I - Direct operation of intrusion detection management plan |
|
115. I - Direct protective technology tests |
|
116. I - Direct re-certification effort |
|
117. I - Direct risk assessment of information systems |
|
118. I - Direct risk assessment to support granting an ATO |
|
119. I - Direct risk assessment to support granting an IATO |
|
120. I - Direct SA to follow proper access control software management procedures |
|
121. I - Direct SA to follow proper access management procedures |
|
122. I - Direct SA to follow proper account management procedures |
|
123. I - Direct SA to follow proper auditing and logging management procedures |
|
124. I - Direct SA to follow proper authentication procedures |
|
125. I - Direct SA to follow proper configuration management procedures |
|
126. I - Direct SA to follow proper e-mail monitoring management procedures |
|
127. I - Direct SA to help work force with access control software management procedures |
|
128. I - Direct SA to help work force with access management procedures |
|
129. I - Direct SA to help work force with account management procedures |
|
130. I - Direct SA to help work force with authentication procedures |
|
131. I - Direct SA to help work force with configuration management procedures |
|
132. I - Direct SA to help work force with e-mail monitoring management procedures |
|
133. I - Direct SA to implement auditing and logging management procedures |
|
134. I - Direct SA to incorporate life cycle security planning as required |
|
135. I - Direct SA to incorporate system security architecture study as required |
|
136. I - Direct SA/staff to follow access control access procedures |
|
137. I - Direct SA/staff to follow access control procedures |
|
138. I - Direct SA/staff to follow appropriate laws and policies |
|
139. I - Direct SA/staff to follow appropriate laws and policies for access control software |
|
140. I - Direct SA/staff to follow appropriate laws and policies for configuration |
|
141. I - Direct SA/staff to follow appropriate laws and policies for e-mail monitoring |
|
142. I - Direct SA/staff to follow appropriate laws and policies for monitoring |
|
143. I - Direct SA/staff to follow configuration control software procedures |
|
144. I - Direct SA/staff to follow proper access control software procedures |
|
145. I - Direct SA/staff to follow proper access procedures |
|
146. I - Direct SA/staff to follow proper auditing and logging procedures |
|
147. I - Direct SA/staff to follow proper configuration procedures |
|
148. I - Direct SA/staff to follow proper e-mail monitoring procedures |
|
149. I - Direct SA/staff to follow proper intrusion detection management procedures |
|
150. I - Direct SA/staff to follow proper monitoring and auditing procedures |
|
151. I - Direct SA/staff to follow proper monitoring management procedures |
|
152. I - Direct SA/staff to follow proper monitoring procedures |
|
153. I - Direct SA/staff to help work force with monitoring management procedures |
|
154. I - Direct SA/staff to implement intrusion detection management procedures |
|
155. I - Direct SA/staff to restrict access control software to access control software system and collected information |
|
156. I - Direct SA/staff to restrict access control software to access control software functions and collected log files |
|
157. I - Direct SA/staff to restrict access to access functions and collected log files |
|
158. I - Direct SA/staff to restrict access to access system and collected information |
|
159. I - Direct SA/staff to restrict access to auditing and logging functions and collected log files |
|
160. I - Direct SA/staff to restrict access to auditing and logging system and collected information |
|
161. I - Direct SA/staff to restrict access to configuration functions and collected log files |
|
162. I - Direct SA/staff to restrict access to configuration system and collected information |
|
163. I - Direct SA/staff to restrict access to e-mail monitoring functions and collected log files |
|
164. I - Direct SA/staff to restrict access to e-mail monitoring system and collected information |
|
165. I - Direct SA/staff to restrict access to intrusion detection system and collected information |
|
166. I - Direct SA/staff to restrict access to monitoring functions and collected log files |
|
167. I - Direct SA/staff to restrict access to monitoring system and collected information |
|
168. I - Direct SA/staff to review policy and procedures for auditing and logging management |
|
169. I - Direct SA/staff to review policy and procedures for authentication |
|
170. I - Direct SA/staff to review policy and procedures for password |
|
171. I - Direct SA/staff to review relevant policy and procedures for access management |
|
172. I - Direct SA/staff to review relevant policy and procedures for access control software management |
|
173. I - Direct SA/staff to review relevant policy and procedures for account management |
|
174. I - Direct SA/staff to review relevant policy and procedures for auditing and logging management |
|
175. I - Direct SA/staff to review relevant policy and procedures for biometric access |
|
176. I - Direct SA/staff to review relevant policy and procedures for configuration management |
|
177. I - Direct SA/staff to review relevant policy and procedures for disposition of classified material |
|
178. I - Direct SA/staff to review relevant policy and procedures for e-mail monitoring management |
|
179. I - Direct SA/staff to review relevant policy and procedures for intrusion detection management |
|
180. I - Direct SA/staff to review relevant policy and procedures for monitoring |
|
181. I - Direct SA/staff to review relevant policy and procedures for passwords |
|
182. I - Direct SA/staff to review relevant policy and procedures for unauthorized access |
|
183. I - Direct SA/staff to review relevant policy and procedures for unauthorized access incident reporting |
|
184. I - Direct SA/staff to use access control software management procedures |
|
185. I - Direct SA/staff to use access management procedures |
|
186. I - Direct SA/staff to use account management |
|
187. I - Direct SA/staff to use auditing and logging management |
|
188. I - Direct SA/staff to use authentication |
|
189. I - Direct SA/staff to use biometric access management techniques |
|
190. I - Direct SA/staff to use configuration management procedures |
|
191. I - Direct SA/staff to use disposition plan |
|
192. I - Direct SA/staff to use e-mail monitoring management procedures |
|
193. I - Direct SA/staff to use incident reporting |
|
194. I - Direct SA/staff to use intrusion detection management |
|
195. I - Direct SA/staff to use monitoring management procedures |
|
196. I - Direct SA/staff to use password management |
|
197. I - Direct SA/staff to use recovery plan during recovery |
|
198. I - Direct safety testing as required |
|
199. I - Direct support of system security architecture |
|
200. I - Direct system security architecture study |
|
201. I - Direct technical certification of information systems |
|
202. I - Direct use of certification tools |
|
203. I - Direct verification and validation process as part of certification of information systems |
|
204. I - Direct writing of SSP |
|
205. I - Discuss access control models |
|
206. I - Discuss access management policies, laws and penalties with personnel |
|
207. I - Discuss access management policies, laws, and penalties with personnel |
|
208. I - Discuss account management |
|
209. I - Discuss account management policies, laws, and penalties with personnel |
|
210. I - Discuss audit collection requirements |
|
211. I - Discuss audit policy and procedures |
|
212. I - Discuss auditing reports |
|
213. I - Discuss authentication principles |
|
214. I - Discuss change controls |
|
215. I - Discuss common criteria |
|
216. I - Discuss computer network attack threat |
|
217. I - Discuss configuration CCB |
|
218. I - Discuss configuration management policies, laws and penalties with personnel |
|
219. I - Discuss consequences of security breaches |
|
220. I - Discuss current access management with necessary parties |
|
221. I - Discuss current account management with necessary parties |
|
222. I - Discuss current configuration management with necessary parties |
|
223. I - Discuss current contingency plan with necessary parties |
|
224. I - Discuss current disposition plan with necessary parties |
|
225. I - Discuss current e-mail monitoring management with necessary parties |
|
226. I - Discuss current incident reporting plan with necessary parties |
|
227. I - Discuss current intrusion detection management plans, policies, and procedures with necessary parties |
|
228. I - Discuss current monitoring management with necessary parties |
|
229. I - Discuss current reconstitution plan with necessary parties to ensure they understand their respective reconstitution roles and responsibilities. |
|
230. I - Discuss current recovery plan with necessary parties |
|
231. I - Discuss data aggregation policy |
|
232. I - Discuss defense in depth |
|
233. I - Discuss EKMS |
|
234. I - Discuss electronic monitoring |
|
235. I - Discuss e-mail monitoring management policies, laws, and penalties with personnel |
|
236. I - Discuss Evaluation Assurance Levels (EALs) |
|
237. I - Discuss importance of privacy |
|
238. I - Discuss information covered by CONOP |
|
239. I - Discuss intrusion detection management policies, laws, and penalties with personnel |
|
240. I - Discuss intrusion detection policy |
|
241. I - Discuss ITSEC/Common Criteria |
|
242. I - Discuss KMI |
|
243. I - Discuss legal liability issues |
|
244. I - Discuss methods of encryption |
|
245. I - Discuss monitoring |
|
246. I - Discuss monitoring management policies, laws, and penalties with personnel |
|
247. I - Discuss notification requirements to use entrapment techniques |
|
248. I - Discuss peer-to-peer |
|
249. I - Discuss PKI |
|
250. I - Discuss policy and procedures |
|
251. I - Discuss privacy policy |
|
252. I - Discuss problems associated with evidence collection |
|
253. I - Discuss Protection Profiles and Security Target |
|
254. I - Discuss protective technologies implementation |
|
255. I - Discuss requirements for security awareness |
|
256. I - Discuss requirements for security training |
|
257. I - Discuss security breaches |
|
258. I - Discuss security education |
|
259. I - Discuss technical surveillance vulnerabilities |
|
260. I - Discuss technical surveillance vulnerabilities policy |
|
261. I - Discuss what reporting is required for unauthorized access |
|
262. I - Enforce account administration policy |
|
263. I - Enforce alarms, signals, and reports requirements |
|
264. I - Enforce appropriate security measures for each type of media |
|
265. I - Enforce change control |
|
266. I - Enforce configuration management policy |
|
267. I - Enforce contingency plan |
|
268. I - Enforce continuity plan |
|
269. I - Enforce criminal prosecution requirements |
|
270. I - Enforce disposition of classified material & EDP |
|
271. I - Enforce evidence collection and preservation security requirements |
|
272. I - Enforce information remanence requirements |
|
273. I - Enforce intrusion detection requirements |
|
274. I - Enforce keystroke monitoring policy |
|
275. I - Enforce legal and liability security requirements |
|
276. I - Enforce media/information handling requirements |
|
277. I - Enforce need-to-know policy |
|
278. I - Enforce network boundaries and perimeters security requirements |
|
279. I - Enforce network monitoring requirements |
|
280. I - Enforce network security requirements |
|
281. I - Enforce policies and procedures |
|
282. I - Enforce policy and practices for modem security |
|
283. I - Enforce procedures governing EMSEC/TEMPEST security |
|
284. I - Enforce procedures governing FAX security |
|
285. I - Enforce procedures governing phone mail security |
|
286. I - Enforce procedures governing voice communications security |
|
287. I - Enforce procedures governing wireless communications security |
|
288. I - Enforce protective or corrective measures |
|
289. I - Enforce protective technology policy |
|
290. I - Enforce reconstitution plan |
|
291. I - Enforce requirements associated with investigations |
|
292. I - Enforce rules on evidence acceptability |
|
293. I - Enforce security clearance, authorization, and need-to-know requirements |
|
294. I - Enforce security media/information marking requirements |
|
295. I - Enforce security needs for leased lines |
|
296. I - Enforce security needs for owned lines |
|
297. I - Enforce security physical controls and accounting requirements |
|
298. I - Enforce transportation security requirements |
|
299. I - Enforce use of automated security tools |
|
300. I - Ensure Information System is installed, operated, used, maintained, and disposed of in accordance with security policy |
|
301. I - Ensure the re-accreditation of the system |
|
302. I - Evaluate significance of security breaches |
|
303. I - Evaluate vulnerability |
|
304. I - Exercise contingency plan |
|
305. I - Explain access authorization processes |
|
306. I - Explain access control requirements |
|
307. I - Explain access control software management plan |
|
308. I - Explain access management plan |
|
309. I - Explain account management plan |
|
310. I - Explain agency policy for access by uncleared individuals and vendors |
|
311. I - Explain agency policy for redeploying classified systems |
|
312. I - Explain agency/vendor cooperation/coordination policy |
|
313. I - Explain alarms, signals, and reports requirements |
|
314. I - Explain alternatives (e.g., steganography, watermarking) |
|
315. I - Explain asset inventory |
|
316. I - Explain auditing and logging management plan |
|
317. I - Explain authentication plan |
|
318. I - Explain authentication policy |
|
319. I - Explain biometric access management plan |
|
320. I - Explain business organization analysis |
|
321. I - Explain careless employee policy |
|
322. I - Explain certification and accreditation policy planning |
|
323. I - Explain certification to SA |
|
324. I - Explain certification to SSM, viz., CIO, DAA, CTO, etc. |
|
325. I - Explain change control |
|
326. I - Explain common criteria |
|
327. I - Explain COMSEC policies and their relevance to SA |
|
328. I - Explain COMSEC policies and their relevance to SSM, viz., CIO, DAA, CTO, etc. |
|
329. I - Explain COMSEC policies and their relevance to users |
|
330. I - Explain configuration management |
|
331. I - Explain configuration management plan |
|
332. I - Explain configuration management requirements |
|
333. I - Explain consequences of unapproved monitoring |
|
334. I - Explain containment/management of evidence |
|
335. I - Explain contingency plan |
|
336. I - Explain continuity plans |
|
337. I - Explain contracts, agreements, and other obligation policy |
|
338. I - Explain criminal activity preparedness planning policy |
|
339. I - Explain cryptanalytic techniques |
|
340. I - Explain cryptographic concepts |
|
341. I - Explain database security feature use policy |
|
342. I - Explain defense in depth |
|
343. I - Explain digital signatures/non-repudiation |
|
344. I - Explain disgruntled employee policy |
|
345. I - Explain disposition of classified material & EDP |
|
346. I - Explain disposition plan |
|
347. I - Explain disposition policy |
|
348. I - Explain EDP |
|
349. I - Explain EKMS |
|
350. I - Explain electronic records management |
|
351. I - Explain email security (e.g., PGP, PEM) |
|
352. I - Explain EMSEC/TEMPEST policy |
|
353. I - Explain environmental control requirements |
|
354. I - Explain evidence collection and handling |
|
355. I - Explain filtered power requirements |
|
356. I - Explain fire prevention requirements |
|
357. I - Explain generally accepted systems security principles (GASSP) |
|
358. I - Explain grounding requirements |
|
359. I - Explain how to use assistance from LEI |
|
360. I - Explain I&A |
|
361. I - Explain I&A policy |
|
362. I - Explain incident handling and response |
|
363. I - Explain internet security (e.g., SSL) |
|
364. I - Explain intrusion detection management plan |
|
365. I - Explain intrusion detection policy |
|
366. I - Explain intrusion detection problems |
|
367. I - Explain ITSEC/Common Criteria |
|
368. I - Explain key management |
|
369. I - Explain legal liability issues |
|
370. I - Explain life cycle security plan |
|
371. I - Explain message digests (e.g., MD5, SHA, HMAC) |
|
372. I - Explain monitoring |
|
373. I - Explain monitoring management plan |
|
374. I - Explain need for authentication |
|
375. I - Explain network monitoring problems |
|
376. I - Explain non-repudiation |
|
377. I - Explain NSTISSP 11 |
|
378. I - Explain organization culture |
|
379. I - Explain organization culture policy |
|
380. I - Explain organization’s culture and its effect on security of information systems |
|
381. I - Explain password management plan |
|
382. I - Explain password management/password conventions |
|
383. I - Explain peer-to-peer |
|
384. I - Explain peer-to-peer security policy |
|
385. I - Explain PKI |
|
386. I - Explain privacy policy |
|
387. I - Explain procedures to users and managers, significance of actions, and consequences for variations |
|
388. I - Explain professional ethics |
|
389. I - Explain project scope development and planning |
|
390. I - Explain Protection Profile policy |
|
391. I - Explain protective technology requirements |
|
392. I - Explain public key infrastructure (PKI) (e.g., certification authorities, etc.) |
|
393. I - Explain reconstitution plan |
|
394. I - Explain reconstitution plans |
|
395. I - Explain recovery plan |
|
396. I - Explain residual risk |
|
397. I - Explain resource requirements |
|
398. I - Explain restoration |
|
399. I - Explain risk management to access control policy |
|
400. I - Explain risks associated with agency policy for access by uncleared individuals and vendors |
|
401. I - Explain risks associated with agency policy for redeploying classified systems |
|
402. I - Explain roles, responsibilities, and access controls |
|
403. I - Explain safety requirements |
|
404. I - Explain security review policy |
|
405. I - Explain social engineering policy |
|
406. I - Explain system security architecture study |
|
407. I - Explain systems interconnection policy |
|
408. I - Explain the Model for Information Assurance: An Integrated Approach (2nd |
|
409. I - Explain the Model for Information Assurance: An Integrated Approach (2nd Annual IEEE Systems, Man and Cybernetics Information Assurance Workshop, June 2002) |
|
410. I - Explain the parameters of investigations |
|
411. I - Explain the role of vendors and uncleared individuals in defense in depth |
|
412. I - Explain unauthorized access incident reporting plan |
|
413. I - Explain user roles |
|
414. I - Explain Validated Products |
|
415. I - Explain Validated Products policy |
|
416. I - Explain what constitutes an approved service |
|
417. I - Explain what constitutes approved facility |
|
418. I - Explain what constitutes approved service |
|
419. I - Explain what information is reported to which agencies and offices |
|
420. I - Identify asset criticality |
|
421. I - Identify computer network attack threats |
|
422. I - Identify requirements for intrusion detection |
|
423. I - Identify sources of technological threats: hardware, software (operating systems, applications, malicious code), firmware, networks (local area networks, wide area networks, metropolitan area networks, and direct connect) |
|
424. I - Identify standards upon which GASSP are based |
|
425. I - Identify threat from aggregation |
|
426. I - Identify threats from related disciplines |
|
427. I - Identify vulnerabilities with acquisitions |
|
428. I - Implement account management |
|
429. I - Implement audit trail and logging |
|
430. I - Implement biometrics |
|
431. I - Implement electronic monitoring policy |
|
432. I - Implement logging |
|
433. I - Implement monitoring policy |
|
434. I - Implement non-repudiation schema |
|
435. I - Integrate change control into operations |
|
436. I - Know legal rights of disgruntled employees before reporting |
|
437. I - Manage PKI Certificates |
|
438. I - Modify contingency plan reflecting changes |
|
439. I - Monitor access control software management plan training |
|
440. I - Monitor access management plan training |
|
441. I - Monitor account management plan training |
|
442. I - Monitor acquisition of approved facility |
|
443. I - Monitor acquisition of approved service |
|
444. I - Monitor auditing and logging management plan training |
|
445. I - Monitor authentication plan training |
|
446. I - Monitor biometric access management plan training |
|
447. I - Monitor changing security education requirements for information system users |
|
448. I - Monitor compliance with procedure |
|
449. I - Monitor configuration management plan training |
|
450. I - Monitor contingency plan training |
|
451. I - Monitor disposition plan training |
|
452. I - Monitor EDP training |
|
453. I - Monitor electronic records management system |
|
454. I - Monitor e-mail monitoring management plan training |
|
455. I - Monitor e-mail program |
|
456. I - Monitor incident reporting plan training |
|
457. I - Monitor intrusion detection management plan training |
|
458. I - Monitor life cycle security acquisition process |
|
459. I - Monitor life cycle security process |
|
460. I - Monitor monitoring management plan training |
|
461. I - Monitor operation of approved facility |
|
462. I - Monitor operation of approved service |
|
463. I - Monitor password management plan training |
|
464. I - Monitor reconstitution plan training |
|
465. I - Monitor records retention program |
|
466. I - Monitor recovery plan training |
|
467. I - Monitor restoration/reconstitution |
|
468. I - Monitor system security architecture acquisition process |
|
469. I - Monitor system security architecture process |
|
470. I - Monitor systems interconnection |
|
471. I - Organize accreditation process |
|
472. I - Perform security testing prior to implementation ensuring changes made to systems do not violate security policy |
|
473. I - Plan an approved service |
|
474. I - Plan backups and off-site storage |
|
475. I - Plan business resumption |
|
476. I - Plan change control |
|
477. I - Plan communications |
|
478. I - Plan documentation |
|
479. I - Plan emergency response |
|
480. I - Plan fire and water protection |
|
481. I - Plan for acquisition of an approved service |
|
482. I - Plan life cycle security |
|
483. I - Plan logistics and supplies |
|
484. I - Plan personnel notification |
|
485. I - Plan primary/backup/reconstitution utilities |
|
486. I - Prepare EKMS operating procedures for a system |
|
487. I - Prepare PKI operating procedures for a system |
|
488. I - Prepare report of non-compliance to SSM, viz., CIO, DAA, CTO, etc. |
|
489. I - Prepare testing reports |
|
490. I - Prescribe changes resulting from evaluation alarms, signals, & reports |
|
491. I - Present approved facility plan to SSM, viz., CIO, DAA, CTO, etc. |
|
492. I - Present approved service plan to SSM, viz., CIO, DAA, CTO, etc. |
|
493. I - Present authentication identification and authentication policy |
|
494. I - Present computer network attack policy |
|
495. I - Present computer network attack threat policy |
|
496. I - Present CONOP plan |
|
497. I - Present contingency plan |
|
498. I - Present continuity plan |
|
499. I - Present data aggregation policy |
|
500. I - Present disposition plan |
|
501. I - Present EMSEC/TEMPEST policy |
|
502. I - Present facility management policy |
|
503. I - Present human threat policy |
|
504. I - Present life cycle security plan to SSM, viz., CIO, DAA, CTO, etc. |
|
505. I - Present protective technologies implementation plan |
|
506. I - Present risk policy |
|
507. I - Present security requirements |
|
508. I - Present security review policy |
|
509. I - Present social engineering policy |
|
510. I - Present system security architecture study to SSM, viz., CIO, DAA, CTO, etc. |
|
511. I - Present the agency policy for access by uncleared individuals and vendors |
|
512. I - Present the agency policy for redeploying classified systems |
|
513. I - Present threat assessment policy |
|
514. I - Present vendor cooperation report |
|
515. I - Promote compliance |
|
516. I - Propose access management plan |
|
517. I - Propose changes to procedures |
|
518. I - Propose contingency plan |
|
519. I - Propose hardware asset management process |
|
520. I - Propose implementation of intrusion detection |
|
521. I - Propose methods and policies to combat introduction of malicious code into system |
|
522. I - Propose methods and policies to include in CONOP |
|
523. I - Propose methods to share files without sharing passwords |
|
524. I - Propose modifications to current policies and procedures |
|
525. I - Recommend alternatives (e.g., steganography, watermarking) |
|
526. I - Recommend approved EKMS technology |
|
527. I - Recommend approved facility configuration |
|
528. I - Recommend approved PKI technology |
|
529. I - Recommend digital signatures/non-repudiation tools |
|
530. I - Recommend email security (e.g., PGP, PEM) |
|
531. I - Recommend input to organizational ETA activities |
|
532. I - Recommend internet security (e.g., SSL) |
|
533. I - Recommend message digest tools (e.g., MD5, SHA, HMAC) |
|
534. I - Recommend modifications to the SSAA |
|
535. I - Recommend protective technologies |
|
536. I - Recommend public key infrastructure (PKI) (e.g., certification authorities, etc.) |
|
537. I - Recommend training to avoid incident |
|
538. I - Report on status of restoration of information systems |
|
539. I - Require accountability of copyrighted software in accordance with software licensing agreements |
|
540. I - Review assessments for purpose of certification of information systems |
|
541. I - Review backup policy |
|
542. I - Review reports of monitoring events |
|
543. I - Review results of execution of certification tools |
|
544. I - Review results of execution of ST&E plan and procedures |
|
545. I - Revise policy document |
|
546. I - Select vulnerabilities identified by agencies/vendors with existing cooperation/coordination |
|
547. I - Select vulnerabilities in agency policy for access by uncleared individuals and vendors |
|
548. I - Select vulnerabilities in agency policy for redeploying classified systems |
|
549. I - Specify method to exercise backup plan |
|
550. I - Specify method to exercise contingency plan |
|
551. I - Specify method to exercise continuity plan |
|
552. I - Specify method to exercise disposition plan |
|
553. I - Specify method to exercise reconstitution plan |
|
554. I - Specify method to test contingency plan |
|
555. I - Specify method to test continuity plan |
|
556. I - Specify method to test disposition plan |
|
557. I - Specify method to test reconstitution plan |
|
558. I - Submit peer-to-peer requirements |
|
559. I - Summarize account management plan |
|
560. I - Summarize asset inventory |
|
561. I - Summarize auditing and logging management plan |
|
562. I - Summarize authentication plan |
|
563. I - Summarize biometric access management plan |
|
564. I - Summarize biometrics |
|
565. I - Summarize common criteria |
|
566. I - Summarize computer network attack policy |
|
567. I - Summarize computer network attack threat policy |
|
568. I - Summarize COMSEC process |
|
569. I - Summarize contingency plan |
|
570. I - Summarize cost/benefit analysis |
|
571. I - Summarize countermeasure |
|
572. I - Summarize data aggregation policy |
|
573. I - Summarize database security feature use policy |
|
574. I - Summarize defense in depth |
|
575. I - Summarize disposition plan |
|
576. I - Summarize disposition policy |
|
577. I - Summarize EDP |
|
578. I - Summarize e-mail monitoring management plan |
|
579. I - Summarize EMSEC/TEMPEST policy |
|
580. I - Summarize facility management policy |
|
581. I - Summarize human threat policy |
|
582. I - Summarize intrusion detection management plan |
|
583. I - Summarize ITSEC/Common Criteria policy |
|
584. I - Summarize legal liability issues |
|
585. I - Summarize major elements of an approved facility |
|
586. I - Summarize major elements of an approved service |
|
587. I - Summarize major elements of life cycle security |
|
588. I - Summarize major elements of system security architecture |
|
589. I - Summarize monitoring management plan |
|
590. I - Summarize password management plan |
|
591. I - Summarize peer-to-peer security policy |
|
592. I - Summarize protective technologies implementation plan |
|
593. I - Summarize recovery plan |
|
594. I - Summarize residual risk |
|
595. I - Summarize restoration/reconstitution plan |
|
596. I - Summarize risk management policy |
|
597. I - Summarize risk profile |
|
598. I - Summarize security review policy |
|
599. I - Summarize social engineering policy |
|
600. I - Summarize systems interconnection policy |
|
601. I - Summarize technical surveillance vulnerabilities policy |
|
602. I - Summarize threat assessment policy |
|
603. I - Summarize unauthorized access incident reporting plan |
|
604. I - Summarize vendor cooperation |
|
605. I - Test/exercise continuity plans |
|
606. I - Test/exercise reconstitution plans |
|
607. I - Use analysis of intrusion indicators, when appropriate, and generate results |
|
608. I - Use appropriate EKMS system |
|
609. I - Use appropriate PKI system |
|
610. I - Use audit collection |
|
611. I - Use knowledge of threats from related disciplines |
|
612. I - Use Protection Profiles for input into vulnerability analysis |
|
613. I - Use results of electronic monitoring reports |
|
614. I - Verify that necessary parties understand access control software management plan and where it is maintained |
|
615. I - Verify that necessary parties understand access management plan and where it is maintained |
|
616. I - Verify that necessary parties understand account management plan and where it is maintained |
|
617. I - Verify that necessary parties understand auditing and logging management plan and where it is maintained |
|
618. I - Verify that necessary parties understand authentication plan and where it is maintained |
|
619. I - Verify that necessary parties understand biometric access management plan and where it is maintained |
|
620. I - Verify that necessary parties understand configuration management plan and where it is maintained |
|
621. I - Verify that necessary parties understand disposition plan and where it is maintained |
|
622. I - Verify that necessary parties understand EDP and where it is maintained |
|
623. I - Verify that necessary parties understand e-mail monitoring management plan and where it is maintained |
|
624. I - Verify that necessary parties understand intrusion detection management plan and where it is maintained |
|
625. I - Verify that necessary parties understand monitoring management plan and where it is maintained |
|
626. I - Verify that necessary parties understand password management plan and where it is maintained |
|
627. I - Verify that necessary parties understand recovery plan and where it is maintained |
|
628. I - Verify that necessary parties understand restoration/reconstitution plans and where they are maintained |
|
629. I - Verify that necessary parties understand unauthorized access incident reporting plan and where it is maintained |
|
630. I - Write local guidance |
|
631. I - Write risk assessment reports |
|
632. I - Write SSP for simple information system |
|