Update on IS Security Issues - PowerPoint PPT Presentation

1 / 12
About This Presentation
Title:

Update on IS Security Issues

Description:

Classified lines only in conduit. Weekly alarm verification if secret, daily if TS or SAP ... Power PC (SVME/DMV-179) 32 Kbytes NV RAM with Auto Store ... – PowerPoint PPT presentation

Number of Views:28
Avg rating:3.0/5.0
Slides: 13
Provided by: ini64
Category:

less

Transcript and Presenter's Notes

Title: Update on IS Security Issues


1
FAISSR
Update on IS Security Issues
Florida Association of IS Security
Representatives (FAISSR) Presentation June 12,
2002
2
Overview
  • Policy
  • Lessons Learned
  • New Technology

3
New IS Policy
  • ISL 02L-1 Electronic Receipt/Dispatch Records
  • PL1 Contractual Record in document control
    each facility that information is transmitted to
    or received from by CAGE code, contract number,
    expiration date and classification level.
  • PL1 Non Contractual For each session,
    Automated or manual receipt/dispatch records

4
Policy
  • Para 8-501 Standalone 1 User system
  • Integrity of Password Audit Files (Note on Pg
    8-4-2)
  • Banners must be on IS if capable (8-609 a 1)
  • All IS protection from malicious code (ISL01-1)
  • Unix malicious code programs
  • Cybersoft - www.cybersoft.com
  • F-Secure - www.fsecure.com
  • McAfee - www.mcafee.com or www.nai.com

5
Policy
  • Floppies Shredding Prohibited (5-705)
  • New DSS Sanitization Products
  • Maresware
  • Sanitizer
  • Small Lan all removable media (8-303c)
  • Identification Authentication not required
  • All other audit trails are required

6
PDS Requirements
  • NISTISSI 7003
  • Records of inspection
  • Classified lines only in conduit
  • Weekly alarm verification if secret, daily if TS
    or SAP
  • Technical Inspections not required

7
Wide Area Networks (WANs) and NTK
  • NTK determined by contract
  • If all sites on the WAN have same contract then
    there is a common NTK
  • Different contracts at nodes then PL 2

8
WANs with Government Sites
  • Two options
  • Defense Information Systems Network (DISN)
    circuit (e.g. NIPRNET Type 1, SIPRNET, DREN
    etc.)
  • Waiver from DISA

9
Classified Contaminations
  • Downgrade
  • Remember the Swap File
  • Data Owner concurrence on actions if less than
    NISPOM requirements
  • New issue with NTFS alternate data streams
  • Default condition not implemented
  • Can not delete information
  • More info http//archives.neohapsis.com/archives/
    vulnwatch/2002-q1/0025.html
  • ITSClean ftp//ftp.gdeb.com/pub/

10
Like Equipment Self Certifications
  • Like equipment addition of any similar system
    component previously accredited (e.g. PCs,
    workstations, test equipment, etc.)
    Self certification not required.
  • Self Certification additional like systems
    (e.g. lan, standalone)
  • Question true or false You have an accredited
    lan with 10 workstations. The addition of 5 more
    similar workstations would be considered addition
    of like equipment.

11
New Technology
  • Metal Tape Verify degausser is correct type
  • 2500 Orsted Tapes DVC Pro, DDS3, DDS4, DTF 2
  • Power PC (SVME/DMV-179) 32 Kbytes NV RAM with
    Auto Store
  • KG-235 Sectra In-Line Network Encryptor
  • Replacement for NES
  • 20 Mbps speed

12
DSS Academy Chapter 8 Requirements Class
  • Atlanta, GA August 20-22, 2002
  • Cocoa Beach, FL January 21-23, 2003
Write a Comment
User Comments (0)
About PowerShow.com