NSTSSI Security Education Standards
7. Initiate protective or corrective measures a. Intrusion Deterrents E - list local and command security policies and safeguards; I - enforce security policies and safeguards; and A - develop local security policies and safeguards. (1) Alarms, Signals, & Reports I - choose balance between hardware, software, and/or procedural indicator schema; and I - use analysis of intrusion indicators, when appropriate, and generate reports. (2) Intrusion Detection E - define intrusion detection system; I - use appropriate intrusion detection system; and I - select appropriate intrusion detection deterrents. b. Network Security E - describe national level policy for a specific network; E - explain the need for security on the system and interconnected networks; and A - explore vulnerabilities of leading edge emerging technologies. (1) Lines (Fiber, Copper, Wireless) E - describe the types of lines used in networks; and E - explain appropriate security measure for each type of line. (a) Leased E - describe the security implications of leased lines; and E - identify the security needs for leased lines. (b) Owned E - describe the security implications of owned lines; and E - identify the security needs for owned lines. (2) Off-site Security I - assist in determining the off-site security requirements as they impact on the local system or network (need to ensure the other unit does not degrade yours); E - describe the meaning of off-site security; I - provide inputs to the design of any features needed to maintain security at an off-site location; I - determine the off-site security requirements as they impact on the local system or network (need to ensure the other unit does not degrade yours); and I - write status reports on off-site security to management. (3) FAX Security E - describe what is entailed by FAX security and its vulnerabilities; E - explain difference between stand-alone FAX machines and FAX boards on computers; and I - develop procedures governing FAX security. (4) Network Firewalls E - describe network firewall and its uses; E - use/make sure the firewall is used; and I - recommend appropriate firewall technology based upon network connections and vulnerabilities. (5) Switch E - describe a switch and its uses; and I - ensure protection measures are used for switches. (6) Phone Mail E - describe phone mail and its uses; and E - identify potential vulnerabilities on single lines used by many people. (7) Modems E - describe function of a modem and its uses; E - identify potential vulnerabilities with modems when shared among systems; and I - develop policy and practices regarding modem security. c. Marking of Media/Information Systems Oversight Office (ISOO) Rules E - describe the ISOO rules as published in the Federal registry and its implementation in the system; and I - develop local implementing policy. (1) Labeling E - describe the marking and release rules to users and managers. (2) Marking of Sensitive Information E - describe the policy to mark all sensitive information and how to do it. d. Environmental Controls E - identify controls that are needed; E - describe what is meant by environmental controls; list potential benefits and hazards of some; E - provide examples of controls; and I - assure controls are used and maintained. (1) Fire Prevention E - describe the requirement and identify measures in place. (2) Safety E - describe the requirement and identify measures in place. (3) Filtered Power E - describe the requirements and identify measures in place. (4) Grounding E - describe what is meant, the requirement, and identify measures in place. e. Assessments (e.g., surveys, inspections) E - assist customers on how to best use resources; I - perform surveys or inspections; I - report findings and recommendations; and A - prioritize findings and recommendations. (1) Validation Testing I - report findings and recommendations; A - defend findings among the participating components; and E - define what is meant and encompassed by validation testing. (2) Traffic Analysis E - define traffic analysis; I - summarize the information inferred from observations and provide reports; and I - use the information to our advantage and the other party's detriment. (3) Evidence Collection I - answer questions from management about potential vulnerabilities; I - assist in making recommendations on the findings based on evidence collection; E - describe what is meant by evidence collection and its importance to assessment and management; I - provide examples relating to various criminal situations in IS; and I - identify potential problems. f. Handling Media E - list national and command policies, procedures, and rules regarding media handling; E - assist users and managers in complying with rules, regulations, etc.; and I - relate current policy to new situations. (1) Remanence E - describe the phenomenon and its implication to various types of media; and E - describe the command/agency remanence program to users and managers. (2) Physical Controls & Accounting E - list policies and procedures; and E - describe the policies and procedures to users. (3) Transportation E - list policies and procedures; and E - describe the policies and procedures to users.