The following competencies are covered in the course INFO 4414, 5514 and 6614. The materials used are from a draft set of instructional materials developed by NIATEC. In addition students use Computer Security Lab Manual by V. J. Nestler, Conklin, and White by McGraw Hill. Other portions are covered using Information Assurance for the Enterprise: A Roadmap to Information Security by Schou and Shoemaker 2007.

Students should use the following table to prepare for examinations. Submit a completed form prior to each examination.  At the end of the semester, you will fill out an online form at the NIATEC site.

The successful student in INFO 4414, 5514, 6614 demonstrates entry-level competency by discussing, defining, explaining, describing, identifying or addressing the following terms via slide shows, modules, written or oral exams Student Checklist
1. Access control models  
2. Access control software management policies, laws and penalties with personnel  
3. Alarms, signals, and reports requirements  
4. Application and system vulnerabilities and threats - web-based (e.g., XML, SAML)  
5. Application and system vulnerabilities and threats - client-based (e.g., applets, Active-X)  
6. Application and system vulnerabilities and threats - server-based  
7. Application and system vulnerabilities and threats - mainframe  
8. Application and system vulnerabilities and threats - malicious code (e.g., Trojan Horses, trap doors, viruses, worms)  
9. Application environment and security controls  
10. Appropriate laws and policies for e-mail monitoring  
11. Audit trails/access logs & intrusion detection applications  
12. Auditing and logging management policies, laws, and penalties with personnel  
13. Authentication policies, laws, and penalties with personnel  
14. Badging, and smart/dumb cards  
15. Biometric access controls to facility  
16. Biometric access management policies, laws and penalties with personnel  
17. Boundary  
18. Business continuity planning (BCP)  
19. Business organization analysis  
20. CCTV requirements/capabilities  
21. Certification tools  
22. Clinger-Cohen Act  
23. Computer crime and the various methods  
24. Computer crime and various methods used to commit computer crime  
25. Computer crime laws  
26. Computer Fraud and Abuse Act  
27. Computer Security Act  
28. Continuity plans  
29. Copyright Act of 1976  
30. Copyright Law of the United States and related laws  
31. Copyright Protection and License  
32. Copyright protection and licenses  
33. Criminal prosecution requirements  
34. Current access control software management with necessary parties  
35. Current auditing and logging management with necessary parties  
36. Current authentication with necessary parties  
37. Current biometric access management with necessary parties  
38. Current emergency destruction plan (EDP) with necessary parties  
39. Current password management with necessary parties  
40. Data mining  
41. Databases and data warehousing vulnerabilities, threats and protections  
42. Disaster recovery planning (DRP) (recovery planning and strategy)  
43. Disposition of classified material & EDP  
44. Electronic Freedom of Information Act  
45. Electronic Records Management and Federal Records Act  
46. Electronic records retention program  
47. Environmental control issues  
48. Escort requirements/visitor control issues  
49. ETA as a countermeasure  
50. Evidence collection and handling  
51. Federal Information System Management Act  
52. Federal Managers Financial Integrity Act  
53. Federal Property and Administration Service Act  
54. Filtered power issues  
55. Fire detection and suppression issues/systems  
56. Fire prevention issues  
57. Firewalls  
58. Freedom of Information Act  
59. Goals, mission, and objectives of the organization(s)  
60. Good passwords/password conventions  
61. Government Information Security Reform Act  
62. Government Paperwork Elimination Act  
63. Government Paperwork Elimination Act/Paperwork Reduction Act  
64. Grounding issues  
65. How the security architecture is affected by assurance and confidence  
66. How the security architecture is affected by countermeasures  
67. How the security architecture is affected by covert channels  
68. How the security architecture is affected by emanations  
69. How the security architecture is affected by maintenance hooks and privileged programs  
70. How the security architecture is affected by resource misuse prevention  
71. How the security architecture is affected by states attacks (e.g., time of check/time of use)  
72. How the security architecture is affected by timing attacks  
73. Implications of the Privacy Act  
74. Import/export laws  
75. Incident handling and response  
76. Inference  
77. Information systems security laws  
78. Intellectual properties laws  
79. International legal issues which can affect Information Assurance  
80. Intrusion detection problems  
81. Intrusion detection system (e.g., firewalls, motion detectors, sensors, alarms) requirements/capabilities  
82. Keys and locks requirements/capabilities  
83. Legal responsibilities of the SSM, viz., CIO, DAA, CTO, etc.  
84. Liability laws  
85. Licensing laws  
86. Millennium Copyright Act  
87. National Archives and Records Act  
88. National Information Assurance Program (NIAP) Validated Products List  
89. Natural disaster impacts on system  
90. Network monitoring problems  
91. Object reuse  
92. Password management policies, laws, and penalties with personnel  
93. Perimeter and building grounds protection issues/systems  
94. Polyinstantiation  
95. Power and HVAC considerations  
96. Privacy Act issues  
97. Privacy Act/Privacy Act issues  
98. Project scope development and planning  
99. Reconstitution plans  
100. Requirements of Computer Security Act  
101. Resource requirements  
102. Restricted areas/work areas security requirements  
103. Risk management concepts  
104. Safety issues  
105. Security guard requirements  
106. Security implications posed by portable devices and components  
107. Site selection and facility design configuration considerations  
108. ST&E  
109. ST&E plan and procedures  
110. The components of information systems evaluation models  
111. The concepts of availability, integrity, confidentiality, authentication, and non-repudiation  
112. The constituent components of the certification and accreditation process  
113. The legal responsibilities of the SSM, viz., CIO, DAA, CTO, etc.  
114. The parameters of investigations  
115. The theoretical concepts of security models – commercial systems models  
116. The theoretical concepts of security models – confidentiality models (e.g., Bell & LaPadula)  
117. The theoretical concepts of security models – information flow models  
118. The theoretical concepts of security models – integrity models (e.g., Biba, Clark and Wilson)  
119. Trans-border data flow laws  
120. Turnstiles and mantraps requirements  
121. Unauthorized access attempts  
122. Unauthorized access policies, laws, and penalties with personnel  
123. USA Patriot Act  
124. User roles  
125. Water, leakage, flooding impact to system  
126. Account management  
127. Advocacy  
128. Aggregation  
129. An approved facility  
130. An approved service  
131. Asset criticality  
132. Attack analysis  
133. Authentication  
134. Backup reports  
135. Biometrics  
136. Certification and accreditation  
137. Concept of Operations (CONOP)  
138. Configuration Control Board (CCB)  
139. Configuration management  
140. Contingency plan reporting  
141. Contingency plans  
142. Continuity plan  
143. Continuity plan reporting  
144. Contracts, agreements, and other obligation policy  
145. Cost/benefit analysis  
146. Countermeasures  
147. Criticality  
148. Cryptanalytic techniques  
149. Cryptographic concepts  
150. Culture and ethics policy  
151. Digital signatures/non-repudiation  
152. Disposition of classified material  
153. Disposition reports  
154. EDP reports  
155. EKMS  
156. Electronic monitoring  
157. Electronic records management program and tools  
158. Identification and authentication (I&A)  
159. Information valuation  
160. Intrusion detection  
161. Intrusion detections  
162. Key management  
163. Keystroke monitoring  
164. Keystroke monitoring requirements for policy and procedures  
165. KMI  
166. Lattice model  
167. Life cycle security  
168. Malicious code  
169. Message digests (e.g., MD5, SHA, HMAC)  
170. Methods of encryption  
171. Monitoring  
172. Information Assurance Program (NIAP) Validated Products List  
173. Need to understand policy  
174. Need-to-know  
175. Non-repudiation  
176. Peer-to-peer  
177. Peer-to-peer security  
178. Policy for user roles  
179. Protection Profiles  
180. Protective technology  
181. Public Key Infrastructure (PKI)  
182. Reconstitution reporting  
183. Required audit features  
184. Requirements for error logs/system logs  
185. Residual risk  
186. Restoration reports  
187. Risk (threat and vulnerability pairs together with significance)  
188. Risk acceptance  
189. Risk assessment  
190. Risk management policy  
191. Roles, responsibilities, and organization (e.g., separation of duties)  
192. Security awareness for information system users  
193. Security breaches  
194. Security training for information system users  
195. Social engineering threats  
196. System security architecture  
197. Technological threats  
198. Threats from careless/disgruntled employees  
199. Unauthorized access  
200. Underlying rules for electronic records management program  
201. Underlying rules for electronic records retention program  
202. Vulnerabilities  
203. Who has responsibility for accountability  
204. Advocacy role  
205. Agency policy for access by uncleared individuals and vendors to the SA and SSM viz., CIO, DAA, CTO, etc.  
206. Approval to operate  
207. Attack  
208. Attack root exploits  
209. Backdoor routines  
210. Business aspects of information security  
211. C&A process for information system  
212. Common Criteria (CC)  
213. Computer network attack  
214. Consequences of unapproved monitoring  
215. Contents of SSAA  
216. Contents of Systems Security Plan (SSP)  
217. Cooperation concerns to vendors  
218. Cooperation concerns with vendors to SSM, viz., CIO, DAA, CTO, etc.  
219. Criminal activity preparedness planning policy  
220. Criminal prosecution  
221. Denial-of-service (DOS) attacks  
222. Disposition of classified media policies and procedures  
223. E-mail monitoring management with SA/staff  
224. Emergency destruction policy (EDP) to those who execute plans  
225. Other sources of information can assist ISSO in providing additional information for reporting security status of information systems  
226. How to report audit assessments  
227. Industrial security  
228. Information Technology Security Evaluation Criteria (ITSEC)  
229. INFOWAR concepts  
230. Intellectual property rights  
231. Interim approval to operate  
232. International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 17799  
233. Investigative authorities  
234. Law enforcement interfaces  
235. Life cycle security planning  
236. Life cycle system security planning  
237. National key escrow policies and procedures  
238. Necessity of reporting on administrative security policies and practices  
239. Need for account management  
240. Need for system certification  
241. Operating security features  
242. Purpose and contents of Approval to Operate (ATO) to users  
243. Purpose and contents of Certification Statement to users  
244. Purpose and contents of Interim Approval to Operate (IATO) to users  
245. Purpose and process of re-certification  
246. Remote explorer attack  
247. Reporting audit alarms and signals  
248. Risk management  
249. Security services to contracting officers  
250. Security-relevant changes to be made to information system  
251. Session hijacking tools  
252. Software licensing  
253. Software piracy  
254. SSAA  
255. Standards of conduct  
256. Systems Security Plan (SSP)  
257. The maintenance of audit records  
258. The Model for Information Assurance: An Integrated Approach (2nd Annual IEEE Systems, Man and Cybernetics Information Assurance Workshop, June 2002)  
259. To users and managers what COMSEC process is and how COMSEC process is relevant to them  
260. User access policy  
261. User access requirements  
262. Waive Policy to Continue Operation  
263. Dialer/THC-scan attacks  
264. War dialers  
265. Accounting process for hardware, software, and information  
266. Adversarial threat  
267. Agency policy for access by uncleared individuals and vendors  
268. Agency policy for redeploying classified systems  
269. Agency policy for redeploying classified systems to the SA and SSM viz., CIO, DAA, CTO, etc.  
270. Agency/vendor cooperation/coordination  
271. Areas encompassed by report  
272. Audit collection requirements  
273. Basic/generic management issues  
274. Configuration management reporting requirements  
275. Effect of records retention system  
276. E-mail retention policies as they apply to system  
277. E-mail system and its potential vulnerabilities  
278. E-mail system/e-mail system security  
279. Hardware asset management program  
280. Hardware asset management program and how it applies and is used on the system  
281. How agency specific policies enhance overall security posture of information systems by defining operational environment  
282. How countermeasures can mitigate risk  
283. How effective security policies and procedures can reduce threats to information systems  
284. How espionage (industrial/international) can impact security of information systems  
285. How ISSO interfaces with law enforcement agencies  
286. How people can threaten system’s security, i.e., intentional and unintentional  
287. How security reviews can be used to identify threats to information systems  
288. How to choose appropriate passwords, and how/why to protect them  
289. How to contact law enforcement interfaces (LEI)  
290. How various types of testing are reported  
291. Malicious code and outline various types of malicious code  
292. Non-repudiation and its application to system  
293. Organization culture  
294. Policy for audit  
295. Process of investigating security incident  
296. Process of responding and reporting of security incidents  
297. Process to report insufficient passwords  
298. Process to report unauthorized accounts  
299. Proper procedures to follow when conducting a witness interview  
300. Risk assessment process  
301. Software asset management program  
302. Software asset management program and how it applies and is used on the system  
303. Software asset management program and how it applies/is used on system with emphasis on license and copyright issues, and cross reference to ethics  
304. Techniques for protection from malicious code to users, and provide examples (real and theoretical)  
305. The effect of electronic records management on the system  
306. Threat from electronic emanations  
307. Threat from natural sources (fire, flood, earthquake, etc)  
308. Three states of information  
309. To users and managers what EKMS is, and how/why it is used  
310. To users and managers what key escrow is, and how/why it is used  
311. To users and managers what key management is, and how/why EKMS is used  
312. To users and managers what key management is, and how/why PKI is used  
313. To users and managers what PKI is, and how/why it is used  
314. Types of environmental control (air conditioning, filtered power, etc.) threats  
315. Types of intentional human threats to system  
316. Types of unintentional human threats to system  
317. Vulnerability analysis  
318. Access control attacks (brute force, dictionary, spoofing, denial of service, etc.)  
319. Agencies and offices responsible for investigating security incidents  
320. Appropriate EMSEC/TEMPEST authorities  
321. Appropriate reporting channels for IG  
322. Assets  
323. Audit and log tools  
324. Basic management issues and their impact on information systems security program  
325. Components of EKMS as it applies to system  
326. Components of PKI as it applies to system  
327. COMSEC  
328. Configuration management requirements  
329. Contracts, agreements, and other obligations  
330. Countermeasures to deter/mitigate attack threats (e.g.; malicious code, flooding, spamming)  
331. Data owner  
332. Database structure  
333. EKMS requirements  
334. Error and system tools  
335. Information system that needs re-certification  
336. Investigating authorities  
337. Items for which plans must be developed  
338. Legal liability issues  
339. Notification requirements for handling disgruntled employees  
340. Organizational/agency systems emergency/incident response team  
341. Peer-to-peer requirements  
342. PKI requirements  
343. Potential monitoring problems  
344. Process for evaluating threat  
345. Protective technologies  
346. Protective technology requirements  
347. Related disciplines that should contribute to risk analysis  
348. Security policy-making bodies  
349. System owner  
350. Systems interconnection  
351. Technical surveillance vulnerabilities  
352. Use for COMSEC material on system  
353. Who can conduct interrogations (investigative agencies only)  
354. Access control software management with SA/staff  
355. Access management with SA/staff  
356. Account management with SA/staff  
357. Auditing and logging management with SA/staff  
358. Authentication with SA/staff  
359. Biometric access management with SA/staff  
360. Configuration management with SA/staff  
361. Disposition procedures with system administrator SA/staff  
362. Intrusion detection management with SA/staff  
363. Monitoring management with SA/staff  
364. Password management with SA/staff  
365. Questions from users about due care  
366. Recovery procedures with SA/staff  
367. SA/staff about legal access restrictions  
368. SA/staff about legal configuration restrictions  
369. SA/staff about legal e-mail monitoring restrictions  
370. SA/staff about legal monitoring restrictions  
371. SA/staff about monitoring and auditing intrusion detection policies  
372. System security architecture study  
373. Unauthorized access incident reporting with SA/staff  
374. Work force about access control software management procedures  
375. Work force about access management procedures  
376. Work force about account management procedures  
377. Work force about authentication procedures  
378. Work force about configuration management procedures  
379. Work force about intrusion detection management procedures  
380. Work force about monitoring management procedures  
381. Work force auditing and logging management procedures  
382. Work force authentication procedures  
383. Defense in depth methods  
384. CCTV requirements/capabilities  
385. Input to contingency plan  
386. Security policy for backup procedures  
387. Topics for inclusion into education, training and awareness plan  
388. AT&E is a countermeasure  
389. Employees to seek education in IA as a countermeasure  
390. Non-automated data remanence tools  
391. Agency specific/local directives when reporting to SSM, viz., CIO, DAA, CTO, etc.  
392. System status post accreditation  
393. Justification for waiver  
The successful student in CIS 4414, 5514, 6614 demonstrates intermediate-level competency by directing, explaining, developing, discussing, summarizing, enforcing, monitoring, presenting, verifying, planning, recommending, proposing, specifying, identifying, implementing, using, reviewing, describing, preparing, conducting, demonstrating, selecting, or writing the following concepts in case study workshops and hands-on exercises. Student Checklist
1. I - Analyze the constituent components of the certification and accreditation process  
2. I - Assess effectiveness of contingency plan  
3. I - Assist in evidence collection  
4. I - Assist users and managers with reporting  
5. I - Compile information from various sources for compilation into status report  
6. I - Comply with agency specific security policies when reporting security status to SSM, viz., CIO, DAA, CTO, etc.  
7. I - Conduct business impact analysis  
8. I - Conduct cost/benefit analysis procedures  
9. I - Conduct/perform vulnerability analysis  
10. I - Coordinate risk assessment process  
11. I - Demonstrate compliance with certification plan  
12. I - Demonstrate how to use NIAP Validated Products  
13. I - Demonstrate professional ethics  
14. I - Describe cost of the system life cycle and security  
15. I - Describe EKMS methodology  
16. I - Describe PKI methodology  
17. I - Describe risk acceptance process  
18. I - Design specific EKMS procedures for system in line with policies  
19. I - Design specific PKI procedures for system IAW national/local policies  
20. I - Determine if re-certification is warranted  
21. I - Develop a security policy  
22. I - Develop access authorization processes plan  
23. I - Develop access control software management plan  
24. I - Develop access management plan  
25. I - Develop account management plan  
26. I - Develop alternatives - cold, warm, hot and mobile sites, electronic vaulting, etc  
27. I - Develop assessments for purpose of certifying information systems  
28. I - Develop asset criticality measures  
29. I - Develop audit policy  
30. I - Develop audit trails and logging policy and procedures in compliance with legal requirements  
31. I - Develop auditing and logging management plan  
32. I - Develop authentication plan  
33. I - Develop authentication schema  
34. I - Develop backups and off-site storage plan  
35. I - Develop biometric access management plan  
36. I - Develop business resumption plan  
37. I - Develop clearance policy  
38. I - Develop communications plan  
39. I - Develop CONOP  
40. I - Develop CONOP policy  
41. I - Develop contingency plan  
42. I - Develop continuity plan  
43. I - Develop disposition plan  
44. I - Develop documentation plan  
45. I - Develop EDP  
46. I - Develop education, training, and awareness plan  
47. I - Develop electronic monitoring policy  
48. I - Develop e-mail monitoring management plan  
49. I - Develop emergency response plan  
50. I - Develop ETA policy  
51. I - Develop fire and water protection plan  
52. I - Develop intrusion detection management plan  
53. I - Develop local policies and procedures governing password sharing  
54. I - Develop logistics and supplies plan  
55. I - Develop monitoring management plan  
56. I - Develop monitoring techniques and methods  
57. I - Develop need to understand policy  
58. I - Develop non-repudiation schema  
59. I - Develop organizational policies and procedures for password use/selection  
60. I - Develop personnel notification plan  
61. I - Develop policy and procedures for conducting a risk assessment  
62. I - Develop policy and procedures on use of audit trails and logging  
63. I - Develop policy and procedures on use of error logs/system logs  
64. I - Develop policy for completing and maintaining certification and accreditation  
65. I - Develop policy for criminal activity  
66. I - Develop policy for integrating protective technology  
67. I - Develop policy for monitoring and auditing information systems  
68. I - Develop policy for need-to-know controls implementation  
69. I - Develop policy governing intrusion detection  
70. I - Develop policy governing use of information systems  
71. I - Develop processing agreements - reciprocal, mutual, etc  
72. I - Develop reconstitution plan  
73. I - Develop recovery plan  
74. I - Develop recovery strategy  
75. I - Develop risk policy  
76. I - Develop roles, responsibilities, and access controls policy  
77. I - Develop security awareness plan and materials for information system users  
78. I - Develop security plan  
79. I - Develop security policy for account administration  
80. I - Develop security policy for administration of access controls  
81. I - Develop security training plan and materials for information system users  
82. I - Develop unauthorized access incident reporting plan  
83. I - Develop unit priorities  
84. I - Develop utilities plan  
85. I - Develop/write policy for criminal activity  
86. I - Direct account administration tests  
87. I - Direct automated security tools tests  
88. I - Direct C&A effort for information systems  
89. I - Direct C&A effort leading to Certification Statement  
90. I - Direct change control  
91. I - Direct configuration management tests  
92. I - Direct contracting officers to incorporate security services as required  
93. I - Direct efforts of Managers in accreditation process  
94. I - Direct efforts of SA in accreditation process  
95. I - Direct efforts of users in accreditation process  
96. I - Direct environmental control testing as required  
97. I - Direct filtered power testing as required  
98. I - Direct fire prevention testing as required  
99. I - Direct grounding testing as required  
100. I - Direct implementation of access management plan  
101. I - Direct implementation of e-mail monitoring management plan  
102. I - Direct implementation of intrusion detection management plan  
103. I - Direct implementation of unauthorized access incident reporting plan  
104. I - Direct intrusion detection be implemented  
105. I - Direct intrusion detection enforced  
106. I - Direct life cycle system security planning  
107. I - Direct need-to-know tests  
108. I - Direct network boundaries and perimeters security tests  
109. I - Direct network monitoring  
110. I - Direct network security tests  
111. I - Direct operation of access management plan  
112. I - Direct operation of e-mail monitoring management plan  
113. I - Direct operation of incident reporting plan  
114. I - Direct operation of intrusion detection management plan  
115. I - Direct protective technology tests  
116. I - Direct re-certification effort  
117. I - Direct risk assessment of information systems  
118. I - Direct risk assessment to support granting an ATO  
119. I - Direct risk assessment to support granting an IATO  
120. I - Direct SA to follow proper access control software management procedures  
121. I - Direct SA to follow proper access management procedures  
122. I - Direct SA to follow proper account management procedures  
123. I - Direct SA to follow proper auditing and logging management procedures  
124. I - Direct SA to follow proper authentication procedures  
125. I - Direct SA to follow proper configuration management procedures  
126. I - Direct SA to follow proper e-mail monitoring management procedures  
127. I - Direct SA to help work force with access control software management procedures  
128. I - Direct SA to help work force with access management procedures  
129. I - Direct SA to help work force with account management procedures  
130. I - Direct SA to help work force with authentication procedures  
131. I - Direct SA to help work force with configuration management procedures  
132. I - Direct SA to help work force with e-mail monitoring management procedures  
133. I - Direct SA to implement auditing and logging management procedures  
134. I - Direct SA to incorporate life cycle security planning as required  
135. I - Direct SA to incorporate system security architecture study as required  
136. I - Direct SA/staff to follow access control access procedures  
137. I - Direct SA/staff to follow access control procedures  
138. I - Direct SA/staff to follow appropriate laws and policies  
139. I - Direct SA/staff to follow appropriate laws and policies for access control software  
140. I - Direct SA/staff to follow appropriate laws and policies for configuration  
141. I - Direct SA/staff to follow appropriate laws and policies for e-mail monitoring  
142. I - Direct SA/staff to follow appropriate laws and policies for monitoring  
143. I - Direct SA/staff to follow configuration control software procedures  
144. I - Direct SA/staff to follow proper access control software procedures  
145. I - Direct SA/staff to follow proper access procedures  
146. I - Direct SA/staff to follow proper auditing and logging procedures  
147. I - Direct SA/staff to follow proper configuration procedures  
148. I - Direct SA/staff to follow proper e-mail monitoring procedures  
149. I - Direct SA/staff to follow proper intrusion detection management procedures  
150. I - Direct SA/staff to follow proper monitoring and auditing procedures  
151. I - Direct SA/staff to follow proper monitoring management procedures  
152. I - Direct SA/staff to follow proper monitoring procedures  
153. I - Direct SA/staff to help work force with monitoring management procedures  
154. I - Direct SA/staff to implement intrusion detection management procedures  
155. I - Direct SA/staff to restrict access control software to access control software system and collected information  
156. I - Direct SA/staff to restrict access control software to access control software functions and collected log files  
157. I - Direct SA/staff to restrict access to access functions and collected log files  
158. I - Direct SA/staff to restrict access to access system and collected information  
159. I - Direct SA/staff to restrict access to auditing and logging functions and collected log files  
160. I - Direct SA/staff to restrict access to auditing and logging system and collected information  
161. I - Direct SA/staff to restrict access to configuration functions and collected log files  
162. I - Direct SA/staff to restrict access to configuration system and collected information  
163. I - Direct SA/staff to restrict access to e-mail monitoring functions and collected log files  
164. I - Direct SA/staff to restrict access to e-mail monitoring system and collected information  
165. I - Direct SA/staff to restrict access to intrusion detection system and collected information  
166. I - Direct SA/staff to restrict access to monitoring functions and collected log files  
167. I - Direct SA/staff to restrict access to monitoring system and collected information  
168. I - Direct SA/staff to review policy and procedures for auditing and logging management  
169. I - Direct SA/staff to review policy and procedures for authentication  
170. I - Direct SA/staff to review policy and procedures for password  
171. I - Direct SA/staff to review relevant policy and procedures for access management  
172. I - Direct SA/staff to review relevant policy and procedures for access control software management  
173. I - Direct SA/staff to review relevant policy and procedures for account management  
174. I - Direct SA/staff to review relevant policy and procedures for auditing and logging management  
175. I - Direct SA/staff to review relevant policy and procedures for biometric access  
176. I - Direct SA/staff to review relevant policy and procedures for configuration management  
177. I - Direct SA/staff to review relevant policy and procedures for disposition of classified material  
178. I - Direct SA/staff to review relevant policy and procedures for e-mail monitoring management  
179. I - Direct SA/staff to review relevant policy and procedures for intrusion detection management  
180. I - Direct SA/staff to review relevant policy and procedures for monitoring  
181. I - Direct SA/staff to review relevant policy and procedures for passwords  
182. I - Direct SA/staff to review relevant policy and procedures for unauthorized access  
183. I - Direct SA/staff to review relevant policy and procedures for unauthorized access incident reporting  
184. I - Direct SA/staff to use access control software management procedures  
185. I - Direct SA/staff to use access management procedures  
186. I - Direct SA/staff to use account management  
187. I - Direct SA/staff to use auditing and logging management  
188. I - Direct SA/staff to use authentication  
189. I - Direct SA/staff to use biometric access management techniques  
190. I - Direct SA/staff to use configuration management procedures  
191. I - Direct SA/staff to use disposition plan  
192. I - Direct SA/staff to use e-mail monitoring management procedures  
193. I - Direct SA/staff to use incident reporting  
194. I - Direct SA/staff to use intrusion detection management  
195. I - Direct SA/staff to use monitoring management procedures  
196. I - Direct SA/staff to use password management  
197. I - Direct SA/staff to use recovery plan during recovery  
198. I - Direct safety testing as required  
199. I - Direct support of system security architecture  
200. I - Direct system security architecture study  
201. I - Direct technical certification of information systems  
202. I - Direct use of certification tools  
203. I - Direct verification and validation process as part of certification of information systems  
204. I - Direct writing of SSP  
205. I - Discuss access control models  
206. I - Discuss access management policies, laws and penalties with personnel  
207. I - Discuss access management policies, laws, and penalties with personnel  
208. I - Discuss account management  
209. I - Discuss account management policies, laws, and penalties with personnel  
210. I - Discuss audit collection requirements  
211. I - Discuss audit policy and procedures  
212. I - Discuss auditing reports  
213. I - Discuss authentication principles  
214. I - Discuss change controls  
215. I - Discuss common criteria  
216. I - Discuss computer network attack threat  
217. I - Discuss configuration CCB  
218. I - Discuss configuration management policies, laws and penalties with personnel  
219. I - Discuss consequences of security breaches  
220. I - Discuss current access management with necessary parties  
221. I - Discuss current account management with necessary parties  
222. I - Discuss current configuration management with necessary parties  
223. I - Discuss current contingency plan with necessary parties  
224. I - Discuss current disposition plan with necessary parties  
225. I - Discuss current e-mail monitoring management with necessary parties  
226. I - Discuss current incident reporting plan with necessary parties  
227. I - Discuss current intrusion detection management plans, policies, and procedures with necessary parties  
228. I - Discuss current monitoring management with necessary parties  
229. I - Discuss current reconstitution plan with necessary parties to ensure they understand their respective reconstitution roles and responsibilities.  
230. I - Discuss current recovery plan with necessary parties  
231. I - Discuss data aggregation policy  
232. I - Discuss defense in depth  
233. I - Discuss EKMS  
234. I - Discuss electronic monitoring  
235. I - Discuss e-mail monitoring management policies, laws, and penalties with personnel  
236. I - Discuss Evaluation Assurance Levels (EALs)  
237. I - Discuss importance of privacy  
238. I - Discuss information covered by CONOP  
239. I - Discuss intrusion detection management policies, laws, and penalties with personnel  
240. I - Discuss intrusion detection policy  
241. I - Discuss ITSEC/Common Criteria  
242. I - Discuss KMI  
243. I - Discuss legal liability issues  
244. I - Discuss methods of encryption  
245. I - Discuss monitoring  
246. I - Discuss monitoring management policies, laws, and penalties with personnel  
247. I - Discuss notification requirements to use entrapment techniques  
248. I - Discuss peer-to-peer  
249. I - Discuss PKI  
250. I - Discuss policy and procedures  
251. I - Discuss privacy policy  
252. I - Discuss problems associated with evidence collection  
253. I - Discuss Protection Profiles and Security Target  
254. I - Discuss protective technologies implementation  
255. I - Discuss requirements for security awareness  
256. I - Discuss requirements for security training  
257. I - Discuss security breaches  
258. I - Discuss security education  
259. I - Discuss technical surveillance vulnerabilities  
260. I - Discuss technical surveillance vulnerabilities policy  
261. I - Discuss what reporting is required for unauthorized access  
262. I - Enforce account administration policy  
263. I - Enforce alarms, signals, and reports requirements  
264. I - Enforce appropriate security measures for each type of media  
265. I - Enforce change control  
266. I - Enforce configuration management policy  
267. I - Enforce contingency plan  
268. I - Enforce continuity plan  
269. I - Enforce criminal prosecution requirements  
270. I - Enforce disposition of classified material & EDP  
271. I - Enforce evidence collection and preservation security requirements  
272. I - Enforce information remanence requirements  
273. I - Enforce intrusion detection requirements  
274. I - Enforce keystroke monitoring policy  
275. I - Enforce legal and liability security requirements  
276. I - Enforce media/information handling requirements  
277. I - Enforce need-to-know policy  
278. I - Enforce network boundaries and perimeters security requirements  
279. I - Enforce network monitoring requirements  
280. I - Enforce network security requirements  
281. I - Enforce policies and procedures  
282. I - Enforce policy and practices for modem security  
283. I - Enforce procedures governing EMSEC/TEMPEST security  
284. I - Enforce procedures governing FAX security  
285. I - Enforce procedures governing phone mail security  
286. I - Enforce procedures governing voice communications security  
287. I - Enforce procedures governing wireless communications security  
288. I - Enforce protective or corrective measures  
289. I - Enforce protective technology policy  
290. I - Enforce reconstitution plan  
291. I - Enforce requirements associated with investigations  
292. I - Enforce rules on evidence acceptability  
293. I - Enforce security clearance, authorization, and need-to-know requirements  
294. I - Enforce security media/information marking requirements  
295. I - Enforce security needs for leased lines  
296. I - Enforce security needs for owned lines  
297. I - Enforce security physical controls and accounting requirements  
298. I - Enforce transportation security requirements  
299. I - Enforce use of automated security tools  
300. I - Ensure Information System is installed, operated, used, maintained, and disposed of in accordance with security policy  
301. I - Ensure the re-accreditation of the system  
302. I - Evaluate significance of security breaches  
303. I - Evaluate vulnerability  
304. I - Exercise contingency plan  
305. I - Explain access authorization processes  
306. I - Explain access control requirements  
307. I - Explain access control software management plan  
308. I - Explain access management plan  
309. I - Explain account management plan  
310. I - Explain agency policy for access by uncleared individuals and vendors  
311. I - Explain agency policy for redeploying classified systems  
312. I - Explain agency/vendor cooperation/coordination policy  
313. I - Explain alarms, signals, and reports requirements  
314. I - Explain alternatives (e.g., steganography, watermarking)  
315. I - Explain asset inventory  
316. I - Explain auditing and logging management plan  
317. I - Explain authentication plan  
318. I - Explain authentication policy  
319. I - Explain biometric access management plan  
320. I - Explain business organization analysis  
321. I - Explain careless employee policy  
322. I - Explain certification and accreditation policy planning  
323. I - Explain certification to SA  
324. I - Explain certification to SSM, viz., CIO, DAA, CTO, etc.  
325. I - Explain change control  
326. I - Explain common criteria  
327. I - Explain COMSEC policies and their relevance to SA  
328. I - Explain COMSEC policies and their relevance to SSM, viz., CIO, DAA, CTO, etc.  
329. I - Explain COMSEC policies and their relevance to users  
330. I - Explain configuration management  
331. I - Explain configuration management plan  
332. I - Explain configuration management requirements  
333. I - Explain consequences of unapproved monitoring  
334. I - Explain containment/management of evidence  
335. I - Explain contingency plan  
336. I - Explain continuity plans  
337. I - Explain contracts, agreements, and other obligation policy  
338. I - Explain criminal activity preparedness planning policy  
339. I - Explain cryptanalytic techniques  
340. I - Explain cryptographic concepts  
341. I - Explain database security feature use policy  
342. I - Explain defense in depth  
343. I - Explain digital signatures/non-repudiation  
344. I - Explain disgruntled employee policy  
345. I - Explain disposition of classified material & EDP  
346. I - Explain disposition plan  
347. I - Explain disposition policy  
348. I - Explain EDP  
349. I - Explain EKMS  
350. I - Explain electronic records management  
351. I - Explain email security (e.g., PGP, PEM)  
352. I - Explain EMSEC/TEMPEST policy  
353. I - Explain environmental control requirements  
354. I - Explain evidence collection and handling  
355. I - Explain filtered power requirements  
356. I - Explain fire prevention requirements  
357. I - Explain generally accepted systems security principles (GASSP)  
358. I - Explain grounding requirements  
359. I - Explain how to use assistance from LEI  
360. I - Explain I&A  
361. I - Explain I&A policy  
362. I - Explain incident handling and response  
363. I - Explain internet security (e.g., SSL)  
364. I - Explain intrusion detection management plan  
365. I - Explain intrusion detection policy  
366. I - Explain intrusion detection problems  
367. I - Explain ITSEC/Common Criteria  
368. I - Explain key management  
369. I - Explain legal liability issues  
370. I - Explain life cycle security plan  
371. I - Explain message digests (e.g., MD5, SHA, HMAC)  
372. I - Explain monitoring  
373. I - Explain monitoring management plan  
374. I - Explain need for authentication  
375. I - Explain network monitoring problems  
376. I - Explain non-repudiation  
377. I - Explain NSTISSP 11  
378. I - Explain organization culture  
379. I - Explain organization culture policy  
380. I - Explain organization’s culture and its affect on security of information systems  
381. I - Explain password management plan  
382. I - Explain password management/password conventions  
383. I - Explain peer-to-peer  
384. I - Explain peer-to-peer security policy  
385. I - Explain PKI  
386. I - Explain privacy policy  
387. I - Explain procedures to users and managers, significance of actions, and consequences for variations  
388. I - Explain professional ethics  
389. I - Explain project scope development and planning  
390. I - Explain Protection Profile policy  
391. I - Explain protective technology requirements  
392. I - Explain public key infrastructure (PKI) (e.g., certification authorities, etc)  
393. I - Explain reconstitution plan  
394. I - Explain reconstitution plans  
395. I - Explain recovery plan  
396. I - Explain residual risk  
397. I - Explain resource requirements  
398. I - Explain restoration  
399. I - Explain risk management to access control policy  
400. I - Explain risks associated with agency policy for access by uncleared individuals and vendors  
401. I - Explain risks associated with agency policy for redeploying classified systems  
402. I - Explain roles, responsibilities, and access controls  
403. I - Explain safety requirements  
404. I - Explain security review policy  
405. I - Explain social engineering policy  
406. I - Explain system security architecture study  
407. I - Explain systems interconnection policy  
408. I - Explain the Model for Information Assurance: An Integrated Approach (2nd  
409. I - Explain the Model for Information Assurance: An Integrated Approach (2nd Annual IEEE Systems, Man and Cybernetics Information Assurance Workshop, June 2002)  
410. I - Explain the parameters of investigations  
411. I - Explain the role of vendors and uncleared individuals in defense in depth  
412. I - Explain unauthorized access incident reporting plan  
413. I - Explain user roles  
414. I - Explain Validated Products  
415. I - Explain Validated Products policy  
416. I - Explain what constitutes an approved service  
417. I - Explain what constitutes approved facility  
418. I - Explain what constitutes approved service  
419. I - Explain what information is reported to which agencies and offices  
420. I - Identify asset criticality  
421. I - Identify computer network attack threats  
422. I - Identify requirements for intrusion detection  
423. I - Identify sources of technological threats: hardware, software (operating systems, applications, malicious code), firmware, networks (local area networks, wide area networks, metropolitan area networks, and direct connect)  
424. I - Identify standards upon which GASSP are based  
425. I - Identify threat from aggregation  
426. I - Identify threats from related disciplines  
427. I - Identify vulnerabilities with acquisitions  
428. I - Implement account management  
429. I - Implement audit trail and logging  
430. I - Implement biometrics  
431. I - Implement electronic monitoring policy  
432. I - Implement logging  
433. I - Implement monitoring policy  
434. I - Implement non-repudiation schema  
435. I - Integrate change control into operations  
436. I - Know legal rights of disgruntled employees before reporting  
437. I - Manage PKI Certificates  
438. I - Modify contingency plan reflecting changes  
439. I - Monitor access control software management plan training  
440. I - Monitor access management plan training  
441. I - Monitor account management plan training  
442. I - Monitor acquisition of approved facility  
443. I - Monitor acquisition of approved service  
444. I - Monitor auditing and logging management plan training  
445. I - Monitor authentication plan training  
446. I - Monitor biometric access management plan training  
447. I - Monitor changing security education requirements for information system users  
448. I - Monitor compliance with procedure  
449. I - Monitor configuration management plan training  
450. I - Monitor contingency plan training  
451. I - Monitor disposition plan training  
452. I - Monitor EDP training  
453. I - Monitor electronic records management system  
454. I - Monitor e-mail monitoring management plan training  
455. I - Monitor e-mail program  
456. I - Monitor incident reporting plan training  
457. I - Monitor intrusion detection management plan training  
458. I - Monitor life cycle security acquisition process  
459. I - Monitor life cycle security process  
460. I - Monitor monitoring management plan training  
461. I - Monitor operation of approved facility  
462. I - Monitor operation of approved service  
463. I - Monitor password management plan training  
464. I - Monitor reconstitution plan training  
465. I - Monitor records retention program  
466. I - Monitor recovery plan training  
467. I - Monitor restoration/reconstitution  
468. I - Monitor system security architecture acquisition process  
469. I - Monitor system security architecture process  
470. I - Monitor systems interconnection  
471. I - Organize accreditation process  
472. I - Perform security testing prior to implementation ensuring changes made to systems do not violate security policy  
473. I - Plan an approved service  
474. I - Plan backups and off-site storage  
475. I - Plan business resumption  
476. I - Plan change control  
477. I - Plan communications  
478. I - Plan documentation  
479. I - Plan emergency response  
480. I - Plan fire and water protection  
481. I - Plan for acquisition of an approved service  
482. I - Plan life cycle security  
483. I - Plan logistics and supplies  
484. I - Plan personnel notification  
485. I - Plan primary/backup/reconstitution utilities  
486. I - Prepare EKMS operating procedures for a system  
487. I - Prepare PKI operating procedures for a system  
488. I - Prepare report of non-compliance to SSM, viz., CIO, DAA, CTO, etc.  
489. I - Prepare testing reports  
490. I - Prescribe changes resulting from evaluation alarms, signals, & reports  
491. I - Present approved facility plan to SSM, viz., CIO, DAA, CTO, etc.  
492. I - Present approved service plan to SSM, viz., CIO, DAA, CTO, etc.  
493. I - Present authentication identification and authentication policy  
494. I - Present computer network attack policy  
495. I - Present computer network attack threat policy  
496. I - Present CONOP plan  
497. I - Present contingency plan  
498. I - Present continuity plan  
499. I - Present data aggregation policy  
500. I - Present disposition plan  
501. I - Present EMSEC/TEMPEST policy  
502. I - Present facility management policy  
503. I - Present human threat policy  
504. I - Present life cycle security plan to SSM, viz., CIO, DAA, CTO, etc.  
505. I - Present protective technologies implementation plan  
506. I - Present risk policy  
507. I - Present security requirements  
508. I - Present security review policy  
509. I - Present social engineering policy  
510. I - Present system security architecture study to SSM, viz., CIO, DAA, CTO, etc.  
511. I - Present the agency policy for access by uncleared individuals and vendors  
512. I - Present the agency policy for redeploying classified systems  
513. I - Present threat assessment policy  
514. I - Present vendor cooperation report  
515. I - Promote compliance  
516. I - Propose access management plan  
517. I - Propose changes to procedures  
518. I - Propose contingency plan  
519. I - Propose hardware asset management process  
520. I - Propose implementation of intrusion detection  
521. I - Propose methods and policies to combat introduction of malicious code into system  
522. I - Propose methods and policies to include in CONOP  
523. I - Propose methods to share files without sharing passwords  
524. I - Propose modifications to current policies and procedures  
525. I - Recommend alternatives (e.g., steganography, watermarking)  
526. I - Recommend approved EKMS technology  
527. I - Recommend approved facility configuration  
528. I - Recommend approved PKI technology  
529. I - Recommend digital signatures/non-repudiation tools  
530. I - Recommend email security (e.g., PGP, PEM)  
531. I - Recommend input to organizational ETA activities  
532. I - Recommend internet security (e.g., SSL)  
533. I - Recommend message digests (e.g., MD5, SHA, HMAC) tools  
534. I - Recommend modifications to the SSAA  
535. I - Recommend protective technologies  
536. I - Recommend public key infrastructure (PKI) (e.g., certification authorities, etc.)  
537. I - Recommend training to avoid incident  
538. I - Report on status of restoration of information systems  
539. I - Require accountability of copyrighted software in accordance with software licensing agreements  
540. I - Review assessments for purpose of certification of information systems  
541. I - Review backup policy  
542. I - Review reports of monitoring events  
543. I - Review results of execution of certification tools  
544. I - Review results of execution of ST&E plan and procedures  
545. I - Revise policy document  
546. I - Select vulnerabilities identified by agencies/vendors with existing cooperation/coordination  
547. I - Select vulnerabilities in agency policy for access by uncleared individuals and vendors  
548. I - Select vulnerabilities in agency policy for redeploying classified systems  
549. I - Specify method to exercise backup plan  
550. I - Specify method to exercise contingency plan  
551. I - Specify method to exercise continuity plan  
552. I - Specify method to exercise deposition plan  
553. I - Specify method to exercise reconstitution plan  
554. I - Specify method to test contingency plan  
555. I - Specify method to test continuity plan  
556. I - Specify method to test deposition plan  
557. I - Specify method to test reconstitution plan  
558. I - Submit peer-to-peer requirements  
559. I - Summarize account management plan  
560. I - Summarize asset inventory  
561. I - Summarize auditing and logging management plan  
562. I - Summarize authentication plan  
563. I - Summarize biometric access management plan  
564. I - Summarize biometrics  
565. I - Summarize common criteria  
566. I - Summarize computer network attack policy  
567. I - Summarize computer network attack threat policy  
568. I - Summarize COMSEC process  
569. I - Summarize contingency plan  
570. I - Summarize cost/benefit analysis  
571. I - Summarize countermeasure  
572. I - Summarize data aggregation policy  
573. I - Summarize database security feature use policy  
574. I - Summarize defense in depth  
575. I - Summarize disposition plan  
576. I - Summarize disposition policy  
577. I - Summarize EDP  
578. I - Summarize e-mail monitoring management plan  
579. I - Summarize EMSEC/TEMPEST policy  
580. I - Summarize facility management policy  
581. I - Summarize human threat policy  
582. I - Summarize intrusion detection management plan  
583. I - Summarize ITSEC/Common Criteria policy  
584. I - Summarize legal liability issues  
585. I - Summarize major elements of an approved facility  
586. I - Summarize major elements of an approved service  
587. I - Summarize major elements of life cycle security  
588. I - Summarize major elements of system security architecture  
589. I - Summarize monitoring management plan  
590. I - Summarize password management plan  
591. I - Summarize peer-to-peer security policy  
592. I - Summarize protective technologies implementation plan  
593. I - Summarize recovery plan  
594. I - Summarize residual risk  
595. I - Summarize restoration/reconstitution plan  
596. I - Summarize risk management policy  
597. I - Summarize risk profile  
598. I - Summarize security review policy  
599. I - Summarize social engineering policy  
600. I - Summarize systems interconnection policy  
601. I - Summarize technical surveillance vulnerabilities policy  
602. I - Summarize threat assessment policy  
603. I - Summarize unauthorized access incident reporting plan  
604. I - Summarize vendor cooperation  
605. I - Test/exercise continuity plans  
606. I - Test/exercise reconstitution plans  
607. I - Use analysis of intrusion indicators, when appropriate, and generate results  
608. I - Use appropriate EKMS system  
609. I - Use appropriate PKI system  
610. I - Use audit collection  
611. I - Use knowledge of threats from related disciplines  
612. I - Use Protection Profiles for input into vulnerability analysis  
613. I - Use results of electronic monitoring reports  
614. I - Verify that necessary parties understand access control software management plan and where it is maintained  
615. I - Verify that necessary parties understand access management plan and where it is maintained  
616. I - Verify that necessary parties understand account management plan and where it is maintained  
617. I - Verify that necessary parties understand auditing and logging management plan and where it is maintained  
618. I - Verify that necessary parties understand authentication plan and where it is maintained  
619. I - Verify that necessary parties understand biometric access management plan and where it is maintained  
620. I - Verify that necessary parties understand configuration management plan and where it is maintained  
621. I - Verify that necessary parties understand disposition plan and where it is maintained  
622. I - Verify that necessary parties understand EDP and where it is maintained  
623. I - Verify that necessary parties understand e-mail monitoring management plan and where it is maintained  
624. I - Verify that necessary parties understand intrusion detection management plan and where it is maintained  
625. I - Verify that necessary parties understand monitoring management plan and where it is maintained  
626. I - Verify that necessary parties understand password management plan and where it is maintained  
627. I - Verify that necessary parties understand recovery plan and where it is maintained  
628. I - Verify that necessary parties understand restoration/reconstitution plans and where they are maintained  
629. I - Verify that necessary parties understand unauthorized access incident reporting plan and where it is maintained  
630. I - Write local guidance  
631. I - Write risk assessment reports  
632. I - Write SSP for simple information system  
The successful student in CIS 4414, 5514, 6614 demonstrates advanced-level competency by verifying, writing, evaluating, reporting, prescribing, implementing, testing, directing, integrating, proposing, influencing, developing, interpreting, revising, establishing, and discussing the following activities in discussion seminars, readings, research papers or essays Student Checklist
1. A - Access and auditing procedures and that they are being followed  
2. A - Access authorization policy document  
3. A - Access authorization policy is integrated into overall system and procedures  
4. A - Access authorization procedures are enforced  
5. A - Access authorization processes are implemented  
6. A - Access control policy  
7. A - Access control software and auditing procedures and that they are being followed  
8. A - Access control software management plan  
9. A - Access control software management plan is executed  
10. A - Access control software management policy  
11. A - Access control software management policy for infractions  
12. A - Access control software management policy is followed  
13. A - Access control software management reporting  
14. A - Access control software policy document  
15. A - Access control software policy is integrated into overall system and procedures  
16. A - Access control software procedures are enforced  
17. A - Access controls into policy  
18. A - Access management plan  
19. A - Access management plan is executed  
20. A - Access management policy  
21. A - Access management policy for infractions  
22. A - Access management policy is followed  
23. A - Access management reporting  
24. A - Access notification policy  
25. A - Account management plan  
26. A - Account management plan is executed  
27. A - Account management policy  
28. A - Account management policy document  
29. A - Account management policy for infractions  
30. A - Account management policy is followed  
31. A - Account management policy is integrated into overall system and procedures  
32. A - Account management reporting  
33. A - Account management security procedures are enforced  
34. A - Accreditation of a system to the SSM, viz., CIO, DAA, CTO, etc. Based on risk assessment  
35. A - Accreditation process  
36. A - Actions to management based on risk acceptance  
37. A - Adherence to access control software procedures  
38. A - Adherence to access procedures  
39. A - Adherence to appropriate laws and policies access  
40. A - Adherence to appropriate laws and policies for access procedures  
41. A - Adherence to appropriate laws and policies for configuration procedures  
42. A - Adherence to appropriate laws and policies for e-mail monitoring  
43. A - Adherence to appropriate laws and policies for monitoring  
44. A - Adherence to auditing and logging procedures  
45. A - Adherence to configuration procedures  
46. A - Adherence to e-mail monitoring procedures  
47. A - Adherence to monitoring procedures  
48. A - Adverse side affects of testing to SSM, viz., CIO, DAA, CTO, etc.  
49. A - Agency policy and procedures for guiding local policy and procedures  
50. A - Agency policy for access by uncleared individuals and vendors  
51. A - Agency policy for redeploying classified systems  
52. A - Agency/vendor cooperation/coordination policy  
53. A - Alarms, signals, and reports  
54. A - Alternatives (e.g., steganography, watermarking)  
55. A - An approved facility  
56. A - An approved service  
57. A - And coordinate with LEI  
58. A - And maintain recovery procedures  
59. A - And test disposition of classified material and EDP  
60. A - Applicable laws and directives  
61. A - Appropriate information as defined in security policy to appropriate agencies and offices  
62. A - Appropriate system security architecture process  
63. A - Asset inventory policy  
64. A - Asset inventory process  
65. A - Asset inventory report  
66. A - Assigned responsibilities are commensurate with underlying information system security policies and are appropriately assigned  
67. A - Attack analysis plan  
68. A - Attack analysis policy  
69. A - Attack analysis report  
70. A - Audit alarms and signals  
71. A - Audit collection requirements  
72. A - Audit trail error logs/system logs  
73. A - Audit trail logging policy  
74. A - Auditing and logging management plan  
75. A - Auditing and logging management plan is executed  
76. A - Auditing and logging management policy  
77. A - Auditing and logging management policy for infractions  
78. A - Auditing and logging management reporting  
79. A - Authentication  
80. A - Authentication into local policy  
81. A - Authentication plan  
82. A - Authentication plan is executed  
83. A - Authentication policy  
84. A - Authentication policy document  
85. A - Authentication policy for infractions  
86. A - Authentication policy is followed  
87. A - Authentication policy is integrated into overall system and procedures  
88. A - Authentication procedures are enforced  
89. A - Authentication reporting  
90. A - Backup policy  
91. A - Behavior of disgruntled employees to appropriate authorities  
92. A - Biometric access incident notification policy  
93. A - Biometric access incident reporting  
94. A - Biometric access management plan  
95. A - Biometric access management policy document  
96. A - Biometric access management policy is integrated into overall system and procedures  
97. A - Biometric access management procedures are enforced  
98. A - Biometric access plan is executed  
99. A - Biometrics into systems  
100. A - Biometrics policy  
101. A - C&A effort for information systems  
102. A - C&A effort leading to Certification Statement  
103. A - Careless/disgruntled employee monitoring policy  
104. A - Certification tools  
105. A - Change control  
106. A - Change control plan  
107. A - Changes in configuration to SSM, viz., CIO, DAA, CTO, etc.  
108. A - Changes resulting from evaluation  
109. A - Changes resulting from evaluation alarms, signals, & reports  
110. A - Changes resulting from evaluation environmental control testing  
111. A - Changes resulting from evaluation of contingency plan  
112. A - Changes resulting from evaluation of continuity plan  
113. A - Changes resulting from evaluation of filtered power testing  
114. A - Changes resulting from evaluation of fire prevention testing  
115. A - Changes resulting from evaluation of grounding testing  
116. A - Changes resulting from evaluation of intrusion detection process  
117. A - Changes resulting from evaluation of network monitoring process  
118. A - Changes resulting from evaluation of reconstitution plan  
119. A - Changes resulting from evaluation of safety testing  
120. A - Changes resulting from evaluation of security breaches  
121. A - Changes resulting from evidence collection  
122. A - Changes that result from analysis  
123. A - Changes that were identified as problems  
124. A - Clearance policy is implemented  
125. A - Clearance verification policy document  
126. A - Clearance verification policy is integrated into overall system and procedures  
127. A - Clearance verification procedures are enforced  
128. A - Computer network attack policy  
129. A - Computer network attack threats  
130. A - COMSEC procedures are enforced  
131. A - Configuration and auditing procedures and ensure that they are being followed  
132. A - Configuration management changes resulting from evaluation  
133. A - Configuration management plan  
134. A - Configuration management plan is executed  
135. A - Configuration management policy  
136. A - Configuration management policy is followed  
137. A - Configuration management reporting  
138. A - Configuration management requirements  
139. A - CONOP plan  
140. A - CONOP policy  
141. A - Consent to monitoring banners are in place  
142. A - Consequences of introducing malicious code  
143. A - Contingency plan  
144. A - Contingency plan test results  
145. A - Contingency plans are implemented  
146. A - Contingency plans are reflected in SSAA  
147. A - Continuity plan  
148. A - Continuity plans are implemented  
149. A - Continuity plans are reflected in SSAA  
150. A - Contracted security services  
151. A - Contracting Officer's Technical Representative (COTR) through facility acquisition process  
152. A - Contracts, agreements, and other obligation policy  
153. A - Corrective vendor actions when required  
154. A - Cost/benefit analysis  
155. A - Cost/benefit analysis results to formulate recommend changes  
156. A - COTR through service acquisition process  
157. A - Countermeasures exist and that countermeasure procedures are being followed  
158. A - Criminal activity preparedness into local policy  
159. A - Criminal activity preparedness plan  
160. A - Criticality  
161. A - Current access control software management plan is available and accurate  
162. A - Current access management plan is available and accurate  
163. A - Current account management plan is available and accurate  
164. A - Current auditing and logging management plan is available and accurate  
165. A - Current authentication plan is available and accurate  
166. A - Current biometric access management plan is available and accurate  
167. A - Current configuration management plan is available and accurate  
168. A - Current contingency plan is available and accurate  
169. A - Current disposition plan is available and accurate  
170. A - Current edp is available and accurate  
171. A - Current e-mail monitoring management plan is available and accurate  
172. A - Current intrusion detection management plan is available and accurate  
173. A - Current monitoring management plan is available and accurate  
174. A - Current password management plan is available and accurate  
175. A - Current recovery plan is available and accurate  
176. A - Current restoration/reconstitution plan is available and accurate  
177. A - Current unauthorized access incident reporting plan is available and accurate  
178. A - Data aggregation policy  
179. A - Data in to threat assessment  
180. A - Data Item Descriptions (DID) for life cycle security  
181. A - Database security feature use policy  
182. A - Design information system education programs  
183. A - DIDS for system security architecture  
184. A - Differing public EKMS methodologies  
185. A - Differing public PKI methodologies  
186. A - Discrepancies with disposition  
187. A - Disgruntled employee monitoring policy  
188. A - Disposition classified material plan is executed  
189. A - Disposition plan  
190. A - Disposition policy  
191. A - Disposition/EDP plan  
192. A - Due care concerns are addressed  
193. A - Due care rules  
194. A - EDP  
195. A - EDP into overall plans  
196. A - EKMS certificates  
197. A - EKMS conflict with procedures and policies, and variances thereof  
198. A - EKMS management into overall system and procedures  
199. A - EKMS management is integrated into overall system and procedures  
200. A - EKMS procedures are enforced  
201. A - EKMS procedures are in line with policy  
202. A - EKMS process for a system  
203. A - EKMS supports security management requirements  
204. A - Electronic monitoring policy  
205. A - Electronic records management system is operated in accordance with policy  
206. A - Electronic records retention management system is operated in accordance with policy  
207. A - E-mail monitoring and auditing procedures and that they are being followed  
208. A - E-mail monitoring management plan  
209. A - E-mail monitoring management plan is executed  
210. A - E-mail monitoring management policy  
211. A - E-mail monitoring management policy for infractions  
212. A - E-mail monitoring management policy is followed  
213. A - E-mail monitoring management reporting  
214. A - Email security (e.g., PGP, PEM)  
215. A - E-mail system is operated in accordance with policy  
216. A - EMSEC/TEMPEST policy  
217. A - Environmental control requirements are enforced  
218. A - Evaluated products for use in a system  
219. A - Evidence collection and preservation security  
220. A - Evidence collection procedures  
221. A - Execution of contingency plan  
222. A - Execution of continuity plan  
223. A - Facility is approved appropriate authority  
224. A - Facility management policy  
225. A - Filtered power requirements are enforced  
226. A - Findings and recommendations  
227. A - Fire prevention requirements are enforced  
228. A - For acquisition of an approved facility  
229. A - For acquisition of an approved service  
230. A - GASSP into standard operating procedures  
231. A - GASSP is implemented  
232. A - Good password systems  
233. A - Grounding requirements are enforced  
234. A - Hardware accountability is performed at all levels  
235. A - Hardware asset accountability is enforced at all levels  
236. A - Higher authority/organizational/agency systems emergency/incident response team notification  
237. A - Human threat policy  
238. A - I&A into overall plans  
239. A - I&A policy  
240. A - Identification of disgruntled employees to appropriate authorities  
241. A - IG results into report  
242. A - Implementation of access control software management plan  
243. A - Implementation of account management plan  
244. A - Implementation of auditing and logging management plan  
245. A - Implementation of authentication plan  
246. A - Implementation of biometric access management plan  
247. A - Implementation of configuration management plan  
248. A - Implementation of contingency plan  
249. A - Implementation of Continuity plan  
250. A - Implementation of defense in depth  
251. A - Implementation of disposition plan  
252. A - Implementation of due care rules  
253. A - Implementation of EDP  
254. A - Implementation of ekms  
255. A - Implementation of e-mail system and describe effect on system  
256. A - Implementation of monitoring management plan  
257. A - Implementation of non-repudiation  
258. A - Implementation of password management plan  
259. A - Implementation of peer-to-peer  
260. A - Implementation of PKI  
261. A - Implementation of reconstitution plan  
262. A - Implementation of records management program  
263. A - Implementation of records management program and describe effect on system  
264. A - Implementation of records retention program and describe effect on system  
265. A - Implementation of recovery plan  
266. A - Implementation of risk mitigation strategies necessary to obtain ATO  
267. A - Implementation of risk mitigation strategies necessary to obtain IATO  
268. A - Incident is reported  
269. A - Incident reporting plan  
270. A - Individuals understand their accountability  
271. A - Information system security requirements into configuration management program  
272. A - Information system security strategies  
273. A - Information Systems Oversight Office (ISOO) procedure policy is implemented  
274. A - INFOWAR  
275. A - Insufficient password  
276. A - Internet security (e.g., SSL)  
277. A - Intrusion detection is in accordance with policy  
278. A - Intrusion detection management plan  
279. A - Intrusion detection management plan is executed  
280. A - Intrusion detection management policy  
281. A - Intrusion detection management policy for infractions  
282. A - Intrusion detection management policy is followed  
283. A - Intrusion detection management reporting  
284. A - Intrusion detection policy  
285. A - Intrusion detection system  
286. A - Intrusion deterrents are current, operational, and tested  
287. A - Intrusion deterrents are implemented and enforced  
288. A - Investigative efforts to SSM, viz., CIO, DAA, CTO, etc.  
289. A - Items in contingency plan are in force  
290. A - Items in continuity plan are in force  
291. A - Items in reconstitution plan are in force  
292. A - ITSEC/Common Criteria policy  
293. A - Key escrow procedures are enforced  
294. A - Key escrow procedures are in line with policy  
295. A - Keystroke monitoring policy  
296. A - Labeling procedure policy is implemented  
297. A - Law enforcement Interfaces  
298. A - Legal aspects of access control software systems  
299. A - Legal aspects of access systems  
300. A - Legal aspects of configuration systems  
301. A - Legal aspects of e-mail monitoring systems  
302. A - Legal aspects of intrusion detection systems  
303. A - Legal aspects of logging and auditing systems  
304. A - Legal aspects of monitoring systems  
305. A - LEI activities to SSM, viz., CIO, DAA, CTO, etc.  
306. A - Life cycle security  
307. A - Life cycle security implementation  
308. A - Life cycle security planning is approved  
309. A - Life cycle security process to support CONOPS  
310. A - Life cycle system security planning is implemented  
311. A - Local COMSEC policies and procedures from an information assurance standpoint  
312. A - Local policy document IAW national policies  
313. A - Management issues into local policy  
314. A - Management of importance of having properly trained SA/staff to perform disposition plan on mission critical systems  
315. A - Management on importance of having properly trained SA/staff to execute intrusion detection management plans, policies, and procedures on mission critical systems  
316. A - Management on importance of having properly trained SA/staff to perform access control software management plan on mission critical systems  
317. A - Management on importance of having properly trained SA/staff to perform access management plan on mission critical systems  
318. A - Management on importance of having properly trained SA/staff to perform account management plan on mission critical systems  
319. A - Management on importance of having properly trained SA/staff to perform auditing and logging management plan on mission critical systems  
320. A - Management on importance of having properly trained SA/staff to perform authentication plan on mission critical systems  
321. A - Management on importance of having properly trained SA/staff to perform biometric access management plan on mission critical systems  
322. A - Management on importance of having properly trained SA/staff to perform configuration management plan on mission critical systems  
323. A - Management on importance of having properly trained SA/staff to perform contingency plan on mission critical systems  
324. A - Management on importance of having properly trained SA/staff to perform edp on mission critical systems  
325. A - Management on importance of having properly trained SA/staff to perform e-mail monitoring management plan on mission critical systems  
326. A - Management on importance of having properly trained SA/staff to perform monitoring management plan on mission critical systems  
327. A - Management on importance of having properly trained SA/staff to perform password management plan on mission critical systems  
328. A - Management on importance of having properly trained SA/staff to perform reconstitution plan on mission critical systems  
329. A - Management on importance of having properly trained SA/staff to perform recovery plan on mission critical systems  
330. A - Management on importance of having properly trained SA/staff to perform unauthorized access incident reporting plan on mission critical systems  
331. A - Marking procedure policy is implemented  
332. A - Monitoring and auditing procedures and that they are being followed  
333. A - Monitoring management plan  
334. A - Monitoring management plan is executed  
335. A - Monitoring management policy  
336. A - Monitoring management policy is followed  
337. A - Monitoring management reporting  
338. A - Monitoring policy  
339. A - Need-to-know changes resulting from evaluation  
340. A - Need-to-know controls are implemented  
341. A - Need-to-know policy  
342. A - Need-to-know policy document  
343. A - Need-to-know policy is integrated into overall system and procedures  
344. A - Need-to-know procedures are enforced  
345. A - Need-to-know requirements  
346. A - Network monitoring is in accordance with policy  
347. A - Network monitoring system  
348. A - Non-compliance  
349. A - Non-repudiation is enforced  
350. A - Non-repudiation is implemented  
351. A - Obligation for security services  
352. A - Obtaining SSM, viz., CIO, DAA, CTO, etc. Approval  
353. A - Of an incident response  
354. A - On COMSEC process  
355. A - On contracted security services  
356. A - On EKMS implementation  
357. A - On evaluated damage done by an incident  
358. A - On GASSP implementation  
359. A - On KMI implementation  
360. A - On life cycle security implementation  
361. A - On peer-to-peer implementation  
362. A - On PKI implementation  
363. A - On recommendations for configuration management  
364. A - On status of back ups  
365. A - On status of restoration  
366. A - On system security architecture implementation  
367. A - Operation of access control software management plan  
368. A - Operation of account management plan  
369. A - Operation of auditing and logging management plan  
370. A - Operation of authentication plan  
371. A - Operation of biometric access management plan  
372. A - Operation of configuration management plan  
373. A - Operation of contingency plan  
374. A - Operation of disposition plan  
375. A - Operation of EDP  
376. A - Operation of monitoring management plan  
377. A - Operation of password management plan  
378. A - Operation of reconstitution plan  
379. A - Operation of recovery plan  
380. A - Oversight associated environmental controls  
381. A - Oversight associated filtered power  
382. A - Oversight associated fire prevention  
383. A - Oversight associated grounding  
384. A - Oversight associated safety  
385. A - Oversight associated with account administration tests  
386. A - Oversight associated with alarms and signals  
387. A - Oversight associated with biometric access management tests  
388. A - Oversight associated with configuration management tests  
389. A - Oversight associated with evidence acceptability in investigations  
390. A - Oversight associated with intrusion detection process  
391. A - Oversight associated with investigations  
392. A - Oversight associated with monitoring process  
393. A - Oversight associated with need-to-know tests  
394. A - Oversight associated with network boundaries and perimeters security tests  
395. A - Oversight associated with network security tests  
396. A - Oversight associated with password management tests  
397. A - Oversight associated with protective technology tests  
398. A - Oversight associated with use of automated security tools  
399. A - Oversight for access policy  
400. A - Oversight of contingency plans  
401. A - Oversight of continuity plans  
402. A - Oversight of disposition of classified material & EDP  
403. A - Oversight of reconstitution plans  
404. A - Password incident notification policy  
405. A - Password incident reporting  
406. A - Password management plan  
407. A - Password management policy document  
408. A - Password management policy is integrated into overall system and procedures  
409. A - Password management procedures are enforced  
410. A - Password plan is executed  
411. A - Peer-to-peer security concerns are addressed  
412. A - Peer-to-peer security into local policy  
413. A - Peer-to-peer security management is integrated into overall system and procedures  
414. A - Peer-to-peer security policy  
415. A - Peer-to-peer security procedures are enforced  
416. A - Physical controls and accounting procedure policy is implemented  
417. A - PKI conflict with procedures and policies, and variances thereof  
418. A - PKI management into overall system and procedures  
419. A - PKI management is integrated into overall system and procedures  
420. A - PKI procedures are enforced  
421. A - PKI procedures are in line with policy  
422. A - PKI process for a system  
423. A - PKI supports security management requirements  
424. A - Plan changes  
425. A - Plan for certification and accreditation policy  
426. A - Plan for implementing an approved facility  
427. A - Plan for implementing an approved service contract  
428. A - Planning for certification and accreditation posture  
429. A - Policies for intrusion detection in accordance with higher level policies  
430. A - Policy document  
431. A - Policy document iaw national policies  
432. A - Policy for addressing security breaches  
433. A - Policy for criminal activity  
434. A - Policy for password infractions  
435. A - Policy for security breach  
436. A - Policy for unauthorized access infractions  
437. A - Policy governing appropriate use of information system  
438. A - Policy infractions for monitoring management  
439. A - Policy on malicious code  
440. A - Privacy policy  
441. A - Product policy  
442. A - Protection Profile policy  
443. A - Protection techniques into policies  
444. A - Protective technologies implementation  
445. A - Protective technologies performs as expected  
446. A - Protective technologies plan  
447. A - Protective technologies policy  
448. A - Protective technology changes resulting from evaluation  
449. A - Protective technology policy  
450. A - Protective technology requirements  
451. A - Public key infrastructure (PKI) (e.g., certification authorities, etc.)  
452. A - RBAC policy document  
453. A - RBAC policy is integrated into overall system and procedures  
454. A - RBAC procedures are enforced  
455. A - Re-certification effort  
456. A - Recommendations for corrective/remedial action for non-compliance  
457. A - Recommended actions, changes, modifications to information assurance program and practices based upon an incident  
458. A - Recommended fixes for deficiencies identified by vulnerability analysis  
459. A - Reconstitution plan  
460. A - Reconstitution planning is implemented  
461. A - Reconstitution plans are implemented  
462. A - Reconstitution plans are reflected in SSAA  
463. A - Reconstitution plans into local policy  
464. A - Recovery plan  
465. A - Recovery plan test results  
466. A - Recovery plans are implemented  
467. A - Recovery procedures  
468. A - Remanence procedure policy is implemented  
469. A - Remediation is executed  
470. A - Requirements for protective technology policy  
471. A - Residual risk standard and policy  
472. A - Resources to perform a risk assessment  
473. A - Restoration/reconstitution plan  
474. A - Results from environmental control testing  
475. A - Results from filtered power testing  
476. A - Results from fire prevention testing  
477. A - Results from grounding testing  
478. A - Results from safety testing  
479. A - Results mapped to security CONOPS  
480. A - Results of a risk assessment  
481. A - Results of automated security tools and tools tests  
482. A - Results of carrying out ST&E plan and procedures  
483. A - Results of certification tools  
484. A - Results of configuration management tests  
485. A - Results of intrusion detection process  
486. A - Results of need-to-know tests  
487. A - Results of network boundaries and perimeters security tests  
488. A - Results of network monitoring process  
489. A - Results of network security tests  
490. A - Results of protective technology tests  
491. A - Results of security breaches  
492. A - Results of test of contingency plan  
493. A - Results of test of continuity plan  
494. A - Results of test of EDP  
495. A - Results of test of reconstitution plan  
496. A - Results of test of unauthorized access policy  
497. A - Results of vulnerability analysis  
498. A - Risk assessment plan  
499. A - Risk assessment policy  
500. A - Risk assessment process  
501. A - Risk assessment report  
502. A - Risk assessment to support granting an ATO  
503. A - Risk assessment to support granting an IATO  
504. A - Risk management  
505. A - Risk management policy  
506. A - Risk policy  
507. A - Roles, responsibilities and access controls are implemented  
508. A - SA response  
509. A - SA understands rules for access control software management  
510. A - SA understands rules for access management  
511. A - SA understands rules for auditing and logging management  
512. A - SA understands rules for authentication  
513. A - SA understands rules for biometric access management  
514. A - SA understands rules for configuration management  
515. A - SA understands rules for e-mail monitoring management  
516. A - SA understands rules for intrusion detection management  
517. A - SA understands rules for monitoring management  
518. A - SA understands rules for password management  
519. A - SA understands rules for restoring files  
520. A - SA understands rules for unauthorized access incident reporting  
521. A - SA understands rules to disposition procedures  
522. A - SA/staff monitors intrusion deterrents status  
523. A - Safety requirements are enforced  
524. A - Security architecture provides defense in depth  
525. A - Security assessment  
526. A - Security breach detection systems  
527. A - Security breach policy is implemented  
528. A - Security incidents in accordance with agency-specific/local policy to SSM, viz., CIO, DAA, CTO, etc. When information system compromised  
529. A - Security issues for configuration management  
530. A - Security issues to organizational/agency systems emergency/incident response team  
531. A - Security review  
532. A - Security review policy  
533. A - Security services  
534. A - Security services as defined by common criteria are implemented  
535. A - Security services contracts  
536. A - Security test and evaluation plan and procedure  
537. A - Service is approved appropriate authority  
538. A - Service is approved by appropriate authority  
539. A - Shortfalls in current policies and procedures  
540. A - Significance of security breaches  
541. A - Site security policy  
542. A - Social engineering monitoring policy  
543. A - Software accountability is performed at all levels  
544. A - Software asset accountability is enforced at all levels  
545. A - Software asset management process  
546. A - Software licensing  
547. A - Software piracy  
548. A - SSAA  
549. A - SSAA in light of incident  
550. A - SSAA to reflect changes to mediate impact of incident  
551. A - SSM, viz., CIO, DAA, CTO, etc. can discuss approval to operate  
552. A - SSM, viz., CIO, DAA, CTO, etc. can discuss IATO  
553. A - SSM, viz., CIO, DAA, CTO, etc. can discuss investigative authorities  
554. A - SSM, viz., CIO, DAA, CTO, etc. can discuss system certification requirements and processes  
555. A - SSM, viz., CIO, DAA, CTO, etc. understands intellectual property rights  
556. A - SSP  
557. A - SSP for complex information system  
558. A - Standard operating procedures into CONOP  
559. A - Status of reconstitution of systems  
560. A - Status report  
561. A - Strategic items being audited and logged  
562. A - Strategic items being monitored  
563. A - Strategic items being under access control software management  
564. A - Strategic items being under access management  
565. A - Strategic items being under configuration management  
566. A - Strategic placement of access control software systems  
567. A - Strategic placement of access systems  
568. A - Strategic placement of auditing and logging system  
569. A - Strategic placement of intrusion detection system  
570. A - Strategic placement of monitoring systems  
571. A - System administrator (SA) understands rules for account management  
572. A - System approval with SSM, viz., CIO, DAA, CTO, etc.  
573. A - System security architecture  
574. A - System security architecture implementation  
575. A - System security architecture is approved  
576. A - System security architecture study is implemented  
577. A - Systems interconnection policy  
578. A - Technical surveillance vulnerabilities policy  
579. A - Test of unauthorized access procedures  
580. A - Test/execution of reconstitution plan  
581. A - Testing and assessment  
582. A - That a process for maintaining signed consent to monitoring forms exists  
583. A - That access to access control software is restricted  
584. A - That consent to access banners are in place  
585. A - That entrapment activities are approved by organizational/agency systems emergency/incident response team and SSM, viz., CIO, DAA, CTO, etc.  
586. A - That entrapment in the legal sense does not occur  
587. A - That evidence collection and preservation policy is implemented  
588. A - That necessary parties understand contingency plan and where it is maintained  
589. A - That privacy laws are enforced  
590. A - That process for maintaining signed consent to monitoring forms exists  
591. A - That security architecture study provides for defense in depth  
592. A - That software configuration is restricted  
593. A - Threat assessment  
594. A - Threat assessment plan  
595. A - Threat assessment policy  
596. A - Threat from aggregation  
597. A - Threats  
598. A - Threats to and vulnerabilities of an information system  
599. A - To attacks/incidents  
600. A - To management and SA of status of due care rules  
601. A - Training  
602. A - Training for SA/staff with specific it security roles is provided  
603. A - Transportation procedure policy is implemented  
604. A - Unauthorized access  
605. A - Unauthorized access incident reporting  
606. A - Unauthorized access incident reporting plan is executed  
607. A - Unauthorized access policy document  
608. A - Unauthorized access policy is integrated into overall system and procedures  
609. A - Unauthorized accounts  
610. A - Unauthorized procedures are enforced  
611. A - Use of appropriate life cycle security process  
612. A - Use of automated security tools  
613. A - Use of entrapment techniques being instituted for compliance with policies and guidelines  
614. A - Use of network boundaries and perimeters security  
615. A - Use of network security  
616. A - User access policy  
617. A - Vendor cooperation  
618. A - Violations of due care rules  
619. A - Violations, incidents, and breaches appropriately  
620. A - Vulnerabilities  
621. A - Vulnerability analysis policy  
622. A - Waive Policy to Continue Operation  
623. A - When testing is completed to SSM, viz., CIO, DAA, CTO, etc.  
624. A - When testing is scheduled to SSM, viz., CIO, DAA, CTO, etc.  
625. A - With st&e team to write test plan  
626. A - Write backups and off-site storage plan  
627. A - Write business resumption plan  
628. A - Write communications plan  
629. A - Write documentation plan  
630. A - Write emergency response plan  
631. A - Write fire and water protection plan  
632. A - Write logistics and supplies plan  
633. A - Write personnel notification plan  
634. A - Write roles and responsibilities for continuity participants  
635. A - Write utilities plan  
NIATEC National Science Foundation Information Assurance Directorate Department of Homeland Security CISSE Scholarship For Service