Free Essay

Is4680 Lab 4

In:

Submitted By iape
Words 360
Pages 2
1) The DoD Information Assurance Certification and Accreditation Process (DIACAP) is the United States Department of Defense (DoD) process to ensure that risk management is applied on Information Systems from an enterprise view. DIACAP is a DoD-wide standard set of activities, tasks and process for the certification and accreditation of a DoD information system that will maintain the Information Assurance posture throughout the system's life cycle.

The Department of Defense Information Technology Security Certification and Accreditation Process (DITSCAP) is a process defined by the United States Department of Defense (DOD) for managing risk. DoD Instruction (DODI) 5200.40 establishes a standard DOD-wide process with a set of activities, general tasks and a management structure to certify and accredit an Automated Information System (AIS) that will maintain the Information Assurance (IA) posture of the Defense Information Infrastructure (DII) throughout the system's life cycle. DITSCAP applies to the acquisition, operation and sustainment of any DOD system that collects, stores, transmits, or processes unclassified or classified information since December 1997.

2) The Director of Central Intelligence Directive (DCID) 6/3 establishes the security policy and procedures for storing, processing, and communicating classified intelligence data in information systems. To achieve compliance with DCID 6/3, agencies must ensure that information is safeguarded at all times and that appropriate security measures are in place to ensure the confidentiality, integrity and availability of that information.

3) It’s the process for implementing any formal process. It is a systematic procedure for evaluating describing testing and authorizing systems or activities prior to or after a systems are in operation.

DISN: defense information system network
GIG: global information grid
PAA: program activity architecture
DAA: digital/analog/analog, designated approving authority
DISA: defense information systems agency

4) Is the worldwide industrial complex that enables research and development, as well as design, production, delivery, and maintenance of military weapon systems, subsystems, and components or parts, to meet U.S. military requirements

5) DIASCAP

6) It requires all individuals possessing pillaged access to a DoD information system to be properly trained and certified in the secure operation of a computer system used throughout the DoD’s global information grid.

7)

Similar Documents

Premium Essay

Research

...Unit 8 Lab 8: Auditing the Remote Access Domain for Compliance Larry Sanchez IS4680 5/12/2014 Remote Access Domain, when using this you are access resources that our outside you organizational resources to access your organizations network. A lot of this accessing of resources compromises of sensitive data. This makes it a lot more accessible to attackers or hackers due to the perimeter of the network being so far extended and the attackers or hackers could be able to find a breach in the network perimeter. Having a weak VPN that has no layers of security can and will give hackers or attackers the window of opportunity that they need to get to our network. We need to watch what kind of software that our user's are using. If our remote users are using different software than what we have at our company headquarters than there could be a possible risk. The software can be suspicious, especially if the user downloaded it from the Internet. the software in question could lead to incoming viruses and worms that can affect our network. This can create holes in the security that has been set up. Configuration settings can lead a user to let in viruses and worms also. If the remote user does know how to set up their configuration settings on their machines than anything that they send or receive can be a potential risk, threat, and vulnerability to our network. Once an employee takes their laptop home they are no longer protected by the organizations firewalls. This can...

Words: 716 - Pages: 3

Premium Essay

Test

...ITT Technical Institute IS3340 Windows Security Onsite Course SYLLABUS Credit hours: 4.5 Contact/Instructional hours: 60 (30 Theory Hours, 30 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisite: NT2580 Introduction to Information Security or equivalent Course Description: This course examines security implementations for a variety of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program:    IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA    NT2580 NT2670  Introduction to  Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to  Security Auditing for Compliance Countermeasures Information Security Email and Web Services      NT1230 NT1330 Client-Server Client-Server  Networking I Networking II  IS3230 IS3350 NT1230 NT1330  Issues Client-Server Client-Server  SecurityContext in Legal Access Security Networking I Networking II   NT1110...

Words: 2305 - Pages: 10

Premium Essay

Audit

...Student Lab Manual © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LL NOT FOR SALE OR DISTRIBUT © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION Student Lab Manual © Jones & Bartlett Learning, LLC © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LL NOT FOR SALE OR DISTRIBUT Auditing IT Infrastructures for Compliance © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION IS4680 © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LL NOT FOR SALE OR DISTRIBUT © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett©Learning, LLC Learning, LLC, an Ascend Learning Company Bartlett Current Version Date: 11/21/2011 © Jones & Learning, LLC Copyright 2013 by Jones & Bartlett www.jblearning.com! NOT FOR SALE OR DISTRIBUTION ...

Words: 30948 - Pages: 124