1 / 33

Maryann Dennehy DISA/GO434, (703) 882-1716 DennehyM@ncr.disa.mil March 2004

DoD IA Education, Training, Awareness Products . Maryann Dennehy DISA/GO434, (703) 882-1716 DennehyM@ncr.disa.mil March 2004. Agenda. Mission Authorities Approach Categories of Products New Products Under Development Videos Order Products Online, POCs. MISSION.

merry
Download Presentation

Maryann Dennehy DISA/GO434, (703) 882-1716 DennehyM@ncr.disa.mil March 2004

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. DoD IA Education, Training, Awareness Products Maryann Dennehy DISA/GO434, (703) 882-1716 DennehyM@ncr.disa.mil March 2004

  2. Agenda • Mission • Authorities • Approach • Categories of Products • New Products • Under Development • Videos • Order Products Online, POCs

  3. MISSION

  4. DoD ETA Mission • Provide standardized DoD-level IA products for Combatant Commands / Services/Agencies to integrate into their IA Education, Training & Awareness (ETA) programs • Develop products to support the DoD-wide IA career field or professional / certification programs • Assist other DoD components in developing and / or conducting IA training activities • Support DoD and Federal IA ETA outreach programs (HSPD-7)

  5. AUTHORITIES

  6. Authorities • DOD Instruction 8500.01 Information Assurance -Require the Director, DISA to develop and provide IA training and awareness products. • DOD Instruction 8500.02 Information Assurance Implementation -The Director, DISA shall develop and provide IA training and awareness products, and a distributive training capability to support product delivery. • CJCSI 6510.01C(1 May 01, Enclosure B, Pg. B-12) -The Director, DISA will develop an IA and INFOSEC education, training, and awareness program, guidelines, computer-based training and distributive courses and products for use by other DOD components in coordination with other DOD components as required, and assist other DOD components in developing and/or conducting IA and INFOSEC training activities • IA/IT/HR/IPT(February 2000, implemented by DEPSECDEF Memo, 14 Jul 00) -DISA shall develop baseline IA training courses to meet the IA training requirements stipulated in the IPT certification documents.

  7. Derivation of Requirements Requirements Gathered From • ASD (NII), Director, IA, DIAP • IA ETA Forums, Working Groups • Service HQs IA Program Offices • Operators • DoD CERT • Other DISA entities (e.g., PKI) • Feedback from Training Organizations • Service schools • Service & agency training organizations • DISA/FSO trainers

  8. Prioritization of Requirements Priorities established in coordination with • ASD(NI2), Director IA, DIAP • DISA FSO Prioritization considerations • Certification requirements • Magnitude of need • Availability of funding • Availability of content • Availability of external funding Factors bearing on prioritization • Command decision • Rapid transition to new technology impacting existing media products • Emergence of new IA policies/concepts

  9. APPROACH

  10. Approach • DOD-centric with focus on commonality across organizational lines • Collaborate with other Federal agencies using their dollars to create products that support their unique training programs

  11. CATEGORIES OF PRODUCTS

  12. Categories of Products Personnel Certification • Used by some Combatant Commands/Services/Agencies for various levels of certification for SAs, IAOs, IAMs, etc. Professionalization • Intended for use by IA professionals, • (SA, IAO, IAM) to build professional competence Support to Warfighter • Present basic concepts to the Warfighter, and to aid the Warfighter in becoming more technically sound

  13. Personnel Certification 1999 CINDY Silver Award; Three New Media Invision Gold Awards • DoD Information Assurance Awareness • Information Assurance Policy & Technology (IAP&T) (formerly OISS) • Windows NT Security • UNIX Security • CyberProtect

  14. Professionalization Mapped 100% to NSTISSI 4015 • Designated Approving Authority (DAA) • DITSCAP • SSAA Preparation Guide • Certifiers Fundamentals • Web Security • Database Security • System Admin Incident Prep & Response – UNIX • System Admin Incident Prep & Response – Win NT • System Defender

  15. Support to the Warfighter • Information Operations Fundamentals • Defense in Depth • Information Age Technology • Computer Network Defense • Public Key Infrastructure • IA for Auditors & Evaluators • Active Defense – An Executive’s Guide to IA • Introduction to CIRT Management

  16. All Products • Currently available for ordering via IASE at http://iase.disa.mil/eta • Web-deliverable • ADA Section 508 Compliant • Available at no cost • Cleared for “Open Release” by DoD

  17. NEW PRODUCTS

  18. System Defender Teaches a methodology of proactive defense through practice using scenarios • Defines training gaps • Web-based only • Easy to update • Tracks students via web server/LMS • Compatible with ADA 508 requirements. • Audience includes SAs, IAOs, IAMs, Net Admins with Level 2 experience. Demo available at DISA IA Training Products Booth

  19. IA Policy & Technology (IAP&T) • Policy and technology overview in accordance with DOD guidance pertaining to the defense of information systems • Topics include: • Information Security Overview • System Modes and Evaluation Criteria • Workstation Security • Network Security • Identifying and Reporting Incidents • Protecting Information Systems • Managing Information Systems Security • Audience is IAOs, IAMs or SAs Demo available at DISA IA Training Products Booth

  20. SSAA Preparation Guide • Contains guidance on completion of the SSAA • Product is useful for preparation of an SSAA using the National Information Assurance Certification and Accreditation Process (NIACAP), NSTISSI No. 1000 • Provides overview of the DITSCAP • Uses DITSCAP outline (DoD 8510.1M) • Audience is IAMs, IAOs, SAs, Auditors Demo available at DISA IA Training Products Booth

  21. Firewall and Router Basics • Introduction to the security aspects of firewalls and routers • Addresses the operation and maintenance of secure information systems and networks within a networked environment • Audience is SAs, network adminis and users working toward obtaining Level 1 SA certification • Topics include • Internetworking Overview • Firewall Fundamentals • Router Fundamentals Demo available at DISA IA Training Products Booth

  22. UNDERDEVELOPMENT

  23. Telework • Instructs users on current DoD policies and guidelines for utilizing the Telework program

  24. Wireless Networking Security • Instructs users on current DoD policies and guidelines for utilizing wireless networks

  25. Windows 2000 System Administrator • Security as it pertains to Windows 2000, both server and workstation • Shows various ways to secure Windows 2000 systems and addresses current vulnerabilities • Addresses Gold Standard • Audience includes SAs, IAOs, IAMs, and Network Administrators • Currently in Beta Review

  26. Cyber OPS (Net Builder) • Multi-year collaborative effort with USMA • Modular IA exercise as an academic classroom, technical training and information warfare exercise support tool • Each module increases depth and realism of exercise play, using a building block approach Net Builder (2 yrs) Players create networks using generic hardware, software, and connection tool suites within allocated resources Net Defender Uses computer-generated attack sequences to test network defenses developed by exercise players Net Assurer Explores the impact of available IA personnel (SAs, IAMs, IAOs, and DAAs) on the efficiency of system operation Net Warrior Red Team – Blue Team exercise play defending or attacking previously created, defended, and staffed networks

  27. Cyber Law • For government lawyers who need to understand legal and policy issues, both current and emerging, associated with IA and CIP/Homeland Security • Topics include: • Basic understanding of the Internet • Basic tenets of Information Assurance • Definition of Computer Crime • Discussion of First and Fourth Amendments • Presentation of statutory considerations to be applied during investigations • Discussion of four “Lanes in the Road” pertinent to CND • References for following evolving areas of the law in cyberspace • Audience: Combatant Commands/Components SJA; Regional JAGs; IA, IO, CIP and Intel specialists; SAs, IAOs, DAAs, Red Teams, CERTs, web developers

  28. Videos

  29. IA Videos Compilation Series 1 • Networks at Risk (NCS) (10 min) • The Information Front Line (IC) (10 min) • Bringing Down the House (IC) (11 min) • Computer Security 101 (DOJ) (~10 min) • Computer Security: The Executive Role (DOJ) (~10 min) • Safe Data - Its Your Business (DOL) (18 min) • Think Before You Respond (USGov) (3 min) • Protect Your AIS (USGov) (6 vignettes) • Protect Your AIS -The Sequel (USGov) (30 min) • Doctor D Stroye (USGov) (7 min) • The Scarlet V (USGov) (7 min)

  30. IA Videos Compilation Series 2 • Ears Looking at You (USGov) (8 min) • Just the Fax (USGov) (7:51 min) • Bits and Pieces (USGov) (4:30 min) • Magnificent Discretion (USGov) (5:02 min) • Sherman on My Mind (USGov) • Identity Theft – Protect Yourself (USN) Understanding PKI Solar Sunrise: Dawn of a New Threat* • (NACIC, NIPC, FBI) (18 min) Risky Business* • (NACIC, FBI) (~20 min) * Government only. All others contact http://www.nacic.gov.

  31. ORDER INFORMATION

  32. Order Products Online For product order form, product descriptions, and frequently asked questions/product notes: • Web: http://iase.disa.mil/infosec Sign up for automatic e-mail notification of new products • E-mail: dodiaeta@ncr.disa.mil • Ms. Emillie Quan QuanE@ncr.disa.mil (703) 882-1709 COM / 381-1709 DSN • Ms. Maryann Dennehy DennehyM@ncr.disa.mil (703) 882-1716 COM / 381-1716 DSN

  33. DoD IA Education, Training, Awareness Products Maryann Dennehy DISA/GO434, (703) 882-1716 DennehyM@ncr.disa.mil March 2004

More Related