Do D IA Education Training Awareness Products Maryann
- Slides: 33
Do. D IA Education, Training, Awareness Products Maryann Dennehy DISA/GO 434, (703) 882 -1716 Dennehy. M@ncr. disa. mil March 2004
Agenda u Mission u Authorities u Approach u Categories of Products u New Products u Under Development u Videos u Order Products Online, POCs
MISSION
Do. D ETA Mission 1. Provide standardized Do. D-level IA products for Combatant Commands / Services/Agencies to integrate into their IA Education, Training & Awareness (ETA) programs 2. Develop products to support the Do. D-wide IA career field or professional / certification programs 1. Assist other Do. D components in developing and / or conducting IA training activities 2. Support Do. D and Federal IA ETA outreach programs (HSPD-7)
AUTHORITIES
Authorities u DOD Instruction 8500. 01 Information Assurance -Require the Director, DISA to develop and provide IA training and awareness products. u DOD Instruction 8500. 02 Information Assurance Implementation -The Director, DISA shall develop and provide IA training and awareness products, and a distributive training capability to support product delivery. u CJCSI 6510. 01 C (1 May 01, Enclosure B, Pg. B-12) -The Director, DISA will develop an IA and INFOSEC education, training, and awareness program, guidelines, computer-based training and distributive courses and products for use by other DOD components in coordination with other DOD components as required, and assist other DOD components in developing and/or conducting IA and INFOSEC training activities u IA/IT/HR/IPT (February 2000, implemented by DEPSECDEF Memo, 14 Jul 00) -DISA shall develop baseline IA training courses to meet the IA training requirements stipulated in the IPT certification documents.
Derivation of Requirements Gathered From u u u u u ASD (NII), Director, IA, DIAP IA ETA Forums, Working Groups Service HQs IA Program Offices Operators Do. D CERT Other DISA entities (e. g. , PKI) Feedback from Training Organizations Service schools Service & agency training organizations DISA/FSO trainers
Prioritization of Requirements Priorities established in coordination with u ASD(NI 2), Director IA, DIAP u DISA FSO Prioritization considerations u Certification requirements u Magnitude of need u Availability of funding u Availability of content u Availability of external funding Factors bearing on prioritization u Command decision u Rapid transition to new technology impacting existing media products u Emergence of new IA policies/concepts
APPROACH
Approach u DOD-centric with focus on commonality across organizational lines u Collaborate with other Federal agencies using their dollars to create products that support their unique training programs
CATEGORIES OF PRODUCTS
Categories of Products Personnel Certification Used by some Combatant Commands/Services/Agencies for various levels of certification for SAs, IAOs, IAMs, etc. Professionalization Intended for use by IA professionals, (SA, IAO, IAM) to build professional competence Support to Warfighter Present basic concepts to the Warfighter, and to aid the Warfighter in becoming more technically sound
Personnel Certification u Do. D Information Assurance Awareness Information Assurance Policy & Technology (IAP&T) (formerly OISS) u u Windows NT Security u UNIX Security u Cyber. Protect 1999 CINDY Silver Award; Three New Media Invision Gold Awards
Professionalization u Designated Approving Authority (DAA) u DITSCAP u SSAA Preparation Guide u Certifiers Fundamentals u Web Security u Database Security u System Admin Incident Prep & Response – UNIX System Admin Incident Prep & Response – Win NT u u System Defender Mapped 100% to NSTISSI 4015
Support to the Warfighter u Information Operations Fundamentals u Defense in Depth u Information Age Technology u Computer Network Defense u Public Key Infrastructure u IA for Auditors & Evaluators u Active Defense – An Executive’s Guide to IA u Introduction to CIRT Management
All Products u Currently available for ordering via IASE at http: //iase. disa. mil/eta u Web-deliverable u ADA Section 508 Compliant u Available at no cost u Cleared for “Open Release” by Do. D
NEW PRODUCTS
System Defender Teaches a methodology of proactive defense through practice using scenarios u Defines training gaps u Web-based only u u Easy to update u Tracks students via web server/LMS u Compatible with ADA 508 requirements. Audience includes SAs, IAOs, IAMs, Net Admins with Level 2 experience.
IA Policy & Technology (IAP&T) u Policy and technology overview in accordance with DOD guidance pertaining to the defense of information systems u Topics include: u u Information Security Overview u System Modes and Evaluation Criteria u Workstation Security u Network Security u Identifying and Reporting Incidents u Protecting Information Systems u Managing Information Systems Security Audience is IAOs, IAMs or SAs
SSAA Preparation Guide u Contains guidance on completion of the SSAA u Product is useful for preparation of an SSAA using the National Information Assurance Certification and Accreditation Process (NIACAP), NSTISSI No. 1000 u Provides overview of the DITSCAP u u Uses DITSCAP outline (Do. D 8510. 1 M) Audience is IAMs, IAOs, SAs, Auditors
Firewall and Router Basics u Introduction to the security aspects of firewalls and routers u Addresses the operation and maintenance of secure information systems and networks within a networked environment u Audience is SAs, network adminis and users working toward obtaining Level 1 SA certification u Topics include u Internetworking Overview u Firewall Fundamentals u Router Fundamentals
UNDER DEVELOPMENT
Telework u Instructs users on current Do. D policies and guidelines for utilizing the Telework program
Wireless Networking Security u Instructs users on current Do. D policies and guidelines for utilizing wireless networks
Windows 2000 System Administrator u Security as it pertains to Windows 2000, both server and workstation Shows various ways to secure Windows 2000 systems and addresses current vulnerabilities u u Addresses Gold Standard u Audience includes SAs, IAOs, IAMs, and Network Administrators u Currently in Beta Review
Cyber OPS (Net Builder) u Multi-year collaborative effort with USMA u Modular IA exercise as an academic classroom, technical training and information warfare exercise support tool u Each module increases depth and realism of exercise play, using a building block approach Net Builder (2 yrs) Players create networks using generic hardware, software, and connection tool suites within allocated resources Net Defender Uses computer-generated attack sequences to test network defenses developed by exercise players Net Assurer Explores the impact of available IA personnel (SAs, IAMs, IAOs, and DAAs) on the efficiency of system operation Net Warrior Red Team – Blue Team exercise play defending or attacking previously created, defended, and staffed networks
Cyber Law u For government lawyers who need to understand legal and policy issues, both current and emerging, associated with IA and CIP/Homeland Security u Topics include: u Basic understanding of the Internet u Basic tenets of Information Assurance u Definition of Computer Crime u Discussion of First and Fourth Amendments u Presentation of statutory considerations to be applied during investigations u Discussion of four “Lanes in the Road” pertinent to CND u References for following evolving areas of the law in cyberspace u Audience: Combatant Commands/Components SJA; Regional JAGs; IA, IO, CIP and Intel specialists; SAs, IAOs, DAAs, Red Teams, CERTs, web developers
Videos
IA Videos Compilation Series 1 u Networks at Risk (NCS) (10 min) u The Information Front Line (IC) (10 min) u Bringing Down the House (IC) (11 min) u Computer Security 101 (DOJ) (~10 min) u Computer Security: The Executive Role (DOJ) (~10 min) u Safe Data - Its Your Business (DOL) (18 min) u Think Before You Respond (USGov) (3 min) u Protect Your AIS (USGov) (6 vignettes) u Protect Your AIS -The Sequel (USGov) (30 min) u Doctor D Stroye (USGov) (7 min) u The Scarlet V (USGov) (7 min)
IA Videos Compilation Series 2 u Ears Looking at You (USGov) (8 min) u Just the Fax (USGov) (7: 51 min) u Bits and Pieces (USGov) (4: 30 min) u Magnificent Discretion (USGov) (5: 02 min) u Sherman on My Mind (USGov) u Identity Theft – Protect Yourself (USN) Understanding PKI Solar Sunrise: Dawn of a New Threat* u (NACIC, NIPC, FBI) (18 min) Risky Business* u (NACIC, FBI) (~20 min) * Government only. All others contact http: //www. nacic. gov.
ORDER INFORMATION
Order Products Online For product order form, product descriptions, and frequently asked questions/product notes: u Web: http: //iase. disa. mil/infosec Sign up for automatic e-mail notification of new products u E-mail: dodiaeta@ncr. disa. mil u Ms. Emillie Quan. E@ncr. disa. mil (703) 882 -1709 COM / 381 -1709 DSN u Ms. Maryann Dennehy. M@ncr. disa. mil (703) 882 -1716 COM / 381 -1716 DSN
Do. D IA Education, Training, Awareness Products Maryann Dennehy DISA/GO 434, (703) 882 -1716 Dennehy. M@ncr. disa. mil March 2004
- Cvs privacy awareness training answers
- Define security education
- List 5 innovative and 5 functional products
- 4ps of pepsi
- Iso 9001 presentation
- Security training and threat awareness
- Level 3 cjis security test
- Sexual abuse quiz
- Ppe awareness training
- Ppe awareness training
- Iatf 16949 awareness training
- Iso 9001 2015 awareness training
- Iso 14001 2015 awareness training
- Insider threat awareness training
- Environmental management system awareness training
- Risk management awareness training
- Mold awareness training
- Ozone hazard symbol
- Dysphagia symptoms
- Vibration awareness training
- Ergonomics awareness training for supervisors
- Ergonomics awareness training for supervisors
- Sfar 73 explained
- Mold awareness training
- Insider threat awareness training powerpoint
- Esd awareness
- Phishing
- Lgbt awareness training
- Find ergonomics awareness training
- Rf safety awareness training answers
- Bloodborne pathogens awareness training
- Phonological awareness training program
- Child protection awareness training
- Counterfeit material awareness training