Knowledge Management and Information Technology. (Know-IT Encyclopedia)


Neal Pollock

Published by the Defense Acquisition University Press, Fort Belvoir, Virginia, for the Program Executive Office for Information Technology

First Edition September


Navigation Tool: A B C D E F G H I J K L M N O P Q R S T U V W X 1 ACRONYM LIST

INTRODUCTION

As knowledge management (KM) and information technology (IT) have developed and grown, they have evolved numerous technical terms and phrases that those not intimately involved in these disciplines may find difficult to understand. These terms are useful in efficiently communicating among professionals, but they can be difficult to absorb in a rapid manner, and it can be difficult to obtain consistent definitions.

There is a spectrum of tools to address different aspects of the jargon development phenomenon. At the low end of the range are lists that define each letter of an acronym but do not usually provide much else; they are essentially data-level tools. Many glossaries provide short definitions of terms and phrases; they are essentially information-level tools. Unless one has an idea or context already, it is difficult to truly understand when only provided with information. This encyclopedia addresses a void in the present spectrum. It is an attempt to create and distribute a knowledge-level tool, although it is not as voluminous as a full-boat encyclopedia (which would be impossible to adequately distribute).

This encyclopedia was constructed using a number of different sources. Much of it, however, is tacit knowledge taken from my experience on-the-job at the Program Executive Office for Information Technology (PEO-IT), the Department of the Navy (DON) Chief Information Office (CIO), and from courses taken at the Information Resources Management College (IRMC) to achieve certifications (CIO and National Security Telecommunications and Information Systems Security Instruction [NSTISSI] 4011). This document is not all-inclusive, but it provides a first step at capturing and elucidating many commonly used KM and IT terms and phrases. Descriptions are limited to KM and IT word usage though some words have other meanings (not addressed here) as well.
A Web version is hosted on the Defense Acquisition University (DAU) and PEO-IT Web sites at and and included in future versions of the DON Knowledge Centric Organization (KCO) Toolkit CD. The online version will be maintained and periodically updated. Please help keep the online version current by submitting additional terms and comments via the Web site. For more information, feedback, or to submit changes, please contact me at , , or

I have added a considerable number of quotations from various sources to enhance the encyclopedia. They are an attempt to extend the knowledge inherent in this document into the longer scope of human knowledge and into the realm of wisdom. I anticipate that some readers will find them of particular value and interest while others will find them perplexing or even annoying. I have differentiated them from the text via differing font size and placement at the end of each entry. However, similar to Zen Buddhist koans, the quotations that may appear the least relevant may be the very ones to shed light where it is needed most (though I had to stretch a bit to find a quote for a few of the entries). I hope you find them enjoyable as well as enlightening. As Samuel Johnson ( ) stated: "Every quotation contributes something to the stability or enlargement of the language" (from The Oxford Dictionary of Quotations, Oxford University Press, New York, 1980, p. 281, No. 7) and Pettibone Poole said, "He who laughs, lasts" (from A Glass Eye at the Keyhole, 1938 as quoted by Robert Byrne in The 637 Best Things Anybody Ever Said, Atheneum, NY, 1982, #72).

USES

This encyclopedia can, of course, be used as a reference document (similar to the Encyclopedia Britannica or Americana) for KM and IT terms and phrases. It can also be used as a training aid for KM and IT courses. In addition, it can be used as an INDOC (indoctrination) tool for new employees. Such usage can provide the person new to IT or KM with basic knowledge from which to build and can elicit informed questions to expand the person's personal knowledge base by eliciting implicit or tacit knowledge from more experienced employees. In addition, PEO-IT intends to employ the encyclopedia as part of its Enterprise Solutions outreach program.

NAVIGATION

An alphabetic banner at the start of the document provides hyperlinks to the letters of the alphabet within the document as well as to the acronym list. Depending upon your software, you may have to hit the control key while clicking the left mouse button to reach the desired location. The letters and acronym list may also be directly accessed through Insert on the tool bar, followed by Bookmark, selecting the element desired, and then Go to.

The acronym list is attached at the beginning of the document. It includes references to where acronyms are used within the encyclopedia and can, therefore, be used as an abbreviated index. Searches in Microsoft Word can also be made. These can be facilitated (if searching for entries) by selecting advanced search, font, and bold since the entry headers are all in bold. Thus, only the entry headers (which are repeated in the acronym list) will be found via this search.

DISCLAIMER

Opinions, conclusions, and recommendations expressed or implied within are solely those of the authors. They do not necessarily represent the views of the Department of the Navy or any other U.S. government agency. Cleared for public release; distribution unlimited (from Information Age Anthology: Part Four, International Affairs, David Alberts and Daniel Papp, Eds., National Defense University (NDU) Press, Washington, DC, 1987, p. iv).

ACKNOWLEDGMENTS

The idea for this document came from my former boss, John DeSalme, former DON program executive officer for space, communications, and sensors (PEO-SCS) while he was attending our DON CIO electronic Business/Knowledge Fair 2001 on August 30, The effort to create this encyclopedia was encouraged by our deputy chief information officer, Ms. Alex Bennet, without whose support it would certainly not have been possible. I thank Messrs. Joseph Cipriano and Steven Ehrler (PEO-IT) and Dan Porter (DON CIO), who supported my request for a rotational assignment at the DON CIO, and Ms. Eileen Roberson for her continued support that enabled me to complete the encyclopedia.

I also wish to thank my instructors at the IRMC: Jay Alden, LTC Carr, Dr. Chang, Norm Crane, Pete Denega, Jack Egan, Ed Fitzpatrick, Gerry Gingrich, Bill Hodson, Phil Irish, LTC Craig Kaucher, Howard Looney, Dr. M. L. Martin, LTC McNamara, John Michel, Robert Norris, Jerome Paige, Les Pang, Phil Parsons, Blair Peterson, Linda Polydys, MAJ Cliff Poole, CAPT Jean Sando, John Saunders, Geoff Seaver, Carolyn Strano, Brian Sutton, Dwight Toavs, Charles Tompkins, Nancy Wills, N. Wood, et al., and the many individual contributors to this pocket encyclopedia:

DON CIO Contributors: Karen Danis, Jill Garcia, Floyd Groce, Matthew Hart, CAPT James Kantner, Debbie Lemmeyer, Jean Pate, Lynda Pierce, Sandra Smith, and Frank Sowa.

Other Contributors: David Akin (University of Maryland), John Andre (GSA), Richard Burk (HUD), Dr. Robert Burkuhl (SOCOM), Charles Cather (HQDA, U.S. Army), Ken Creighton (IIT Research Institute), Matt D'Antuono (SSC Charleston, Washington Navy Yard), Clay Dean (NAVFAC), Walt Dyer (PEO-IT), Becky Fitzgerald (CINCPACFLT, U.S. Navy), Virgil Frizzel (George Mason University), Karen Gilmore (DAU), Beth Gramoy (SPAWAR Systems Center, San Diego), Gary Hacker (OPM), Janice Herd (Library of Congress), John Hickok (DAU), Hans Jerrell (DAU), Erik Johnson (PEO-IT), Seth Kahan (World Bank), Geoff Malafsky (TII Corp.), Dr. Margaret Myers (ASD (C3I)), Dick Opp (PEO-IT), Lisa Pirone (EDO Corp.), Mike Rauscher (U.S. Forest Service), Dr. Vincent Ribiere (American University), Harriet Riofrio (OSD), Charles Rogers (SSC Charleston, Washington Navy Yard), Janet Scheitle (U.S. Army), Susan Tarr (Library of Congress), Susan Turnbull (GSA), Bob Turner (FAA), Peter Williams (Utah State University), and Bill Windhurst (SPAWAR).

A special thank you to my publisher, Greg Caruth, and editors Martha Polkey and Debbie Gonzalez of the DAU, who have vastly improved the readability and usefulness of this book, and to everyone who helped make this dream into a reality.

Neal J. Pollock


Acronyms

Note: encyclopedia entries (headers) are in bold

ABC: Activity-Based Costing
ACAT: Acquisition CATegory; see CBR, CCA, DAE, PM, and 8121
ACWP: Actual Cost of Work Performed; see EVM
ADA: Americans with Disabilities Act; see Section 508
ADP: Automated Data Processing; see IT
AFB: Air Force Base; see DSS
AFIT: Air Force Institute of Technology; see DSS
AFP: Approval for Full Production; see Buzzword Compliant
AHP: Analytical Hierarchy Process
AI: Artificial Intelligence
AII: Assuring the Information Infrastructure (IRMC Course)
AIS: Automated Information System; see IT
AMPS: Analog Mobile Phone Service
ANOVA: ANalysis Of VAriance
ANSI: American National Standards Institute
AOL: America OnLine; see ISP, P2P, Vortal
AP: Access Point
APC: Acquisition Professional Corps; see DAWIA
API: Application Programming Interface
APMC: Advanced Program Management Course; see Decision Theory, PM, Systems Engineering
APP: Application Portability Profile; see NIST, Portability
AR: Acquisition Reform
AS: Administrative Support; see DAWPDP
ASCII: American Standard Code for Information Interchange; see Cookie
ASN (AR): Assistant Secretary of the Navy for Acquisition Reform; see PM
ASP: Active Server Page; see Webification
ASP: Application Service Provider
ASR: Automatic Speech Recognition
ASSIST: Automated System Security Incident Support Team; see IO, PGP
ASU: Approval for Service Use; see Buzzword Compliant
ATM: Asynchronous Transfer Mode
AWT: Abstract Windowing Toolkit; see Java
B/L: BaseLine
B2B: Business to Business
B2C: Business to Customer (or Consumer)
BAC: Budgeted At Completion; see EVM
BAR: Behaviorally-Anchored Rating (Scale)
BBS: Bulletin Board System; see Intellectual Property
BCA: Bridge Certification Authority; see CA
BCA: Business Case Analysis; see ROI

BCWP: Budgeted Cost of Work Performed; see EVM
BCWS: Budgeted Cost of Work Scheduled; see EVM
BIA: Business Impact Analysis; see COOP
BOA: Basic Ordering Agreements; see GWAC
BPA: Blanket Purchasing Agreements; see GWAC, ESI
BPR: Business Process Reengineering
BRAC: Base Realignment And Closure Act
BSS: Basic Service Set
BTMP: Business and Technical Management Professionals; see DAWPDP
BUPERS: BUreau of PERSonnel; see DSS
B/W: BandWidth
C2: Command and Control; see CCRP, C2W, DIAP
C2W: Command and Control Warfare
C3I: Command, Control, Communications, and Intelligence
C4I: Command, Control, Communications, Computers, and Intelligence
C4ISP: Command, Control, Communications, Computers, and Intelligence Support Plan; see Architecture
CA: Certification Authority
CAAP: Critical Asset Assurance Program
CAC: Common Access Card
CAD: Card Acceptance Device; see Smart Card
CAD/CAM: Computer-Aided Design/Manufacturing; see DB
CAIV: Cost As an Independent Variable
CALEA: Communications Assistance to Law Enforcement Act
CAPP: Crisis Action Planning Process; see IO
CASE: Computer-Aided Software Engineering; see DB, S/W
CBR: Case Based Reasoning
CCA: Clinger-Cohen Act
CCITT: Committee for International Telegraph and Telephone; see ITU
c-commerce: collaborative commerce
CCPA: Cable Communications Policy Act
CCRP: Command and Control Research Program (formerly: Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR) Cooperative Research Project)
CD: Compact Disk
CDA: Central Design Activity or Communications Decency Act
CDA: Component Data Administrator; see Data Administration
CDMA: Code-Division Multiple Access
CDRL: Contract Data Requirements List; see Data
CD-R: Compact Disk-Recordable; see CD, Log Files, OSD
CD-ROM: Compact Disk Read-Only Memory; see DVD, Distributed Learning, IT, OSD
CD-RW: Compact Disk-Re-Writable; see Optical Storage Device

CEO: Chief Executive Officer; see Capital Planning and Investment, CXOs, NSTAC, Performance- and Results-Based Management, Vision and Mental Model
CERIAS: Center for Education and Research in Information Assurance and Security; see Electronic Business, Hackers
CERT: Computer Emergency Response Team
cf.: See (in References)
CFAA: Computer Fraud and Abuse Act
CFHA: Computer Fraud and Hacking Act
CFO: Chief Financial Officer; see Capital Planning and Investment, FISCAM, GPRA
CFOA: Chief Financial Officers Act
CHAID: CHi square Automatic Interaction Detection; see Data Mining
CHAP: Challenge Handshake Authentication Protocol; see Authentication
CIA: Central Intelligence Agency; see PCCIP, Vulnerability
CIANA: Confidentiality, Integrity, Availability, Nonrepudiation, and Authentication
CIAO: Critical Infrastructure Assurance Officer
CICG: Critical Infrastructure Coordination Group; see PDD-63
CIM: Computer Integrated Manufacturing; see DB
CIO: Chief Information Officer
CIP: Critical Infrastructure Protection
CIPC: Critical Infrastructure Protection Council
CIRT: Computer Incident Response Team
CISA: Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR) Integration Support Activity
CISO: Chief Information Security Officer; see DB, IAM
CISSP: Certified Information Systems Security Professional; see ISC2
CIWS: Close In Weapons System; see CND
CKO: Chief Knowledge Officer
CLO: Chief Learning Officer; see CXOs
CMM: Capability Maturity Model
CMU: Carnegie-Mellon University; see CMM, Risk Assessment/Analysis, S/W, SEI
CNA: Center for Naval Analyses; see Interoperability
CNA: Computer Network Attack; see IO
CND: Computer Network Defense
COAT: Council On Accessible Technology; see Section 508
CobIT: Control objectives for Information and related Technology
COE: Common Operating Environment
CoI: Community of Interest
COMSEC: COMmunications SECurity; see DITSCAP
COO: Chief Operating Officer; see CXOs
COOP: Continuity Of Operations Plan
CoP: Community of Practice

COPPA: Children's Online Privacy Protection Act
CORBA: Common Object Request Broker Architecture
COS: Chip Operating System
COTS: Contractor Off-The-Shelf
CPI: Cost Performance Index; see EVM
CPO: Chief Planning Officer, Chief Privacy Officer, or Chief Petty Officer; see CXOs
CPS: Certificate Practice Statement; see Policy
CPU: Central Processor Unit; see S/W
CREATE: Committee on Resources for Electronic Accessible Technology to Endusers; see Section 508
CRL: Certificate Revocation List
CRM: Customer Relationship Management
CSA: Computer Security Act
C/SCSC: Cost/Schedule Control Systems Criteria; see Buzzword Compliant, EVM
CSMA/CA: Carrier Sense Multiple Access/Collision Avoidance; see IEEE
CSSPAB: Computer System Security and Privacy Advisory Board; see Computer Security Act
CST: Critical information systems technologies (IRMC Course)
CW: Collected Works (of Carl Gustav Jung)
CWML: Compact Wireless Markup Language; see WML
CXO: combination acronym for CEO, CIO, etc. where x is a variable
C&A: Certification and Accreditation; see DITSCAP, IASE
C&E: Cause and Effect (chain); cf. Feedback
DA: Design Agent; see CDA
DAA: Designated Approval Authority; see DITSCAP, IAM, NSTISSI, SSAA
DAC: Discretionary Access Control
DAE: Defense Acquisition Executive
D-AMPS: Digital Advanced Mobile Phone Service; see AMPS
DARPA: Defense Advanced Research Project Agency; see CIRT, ITU, Internet, NII
DAU: Defense Acquisition University; see DAWIA, PM, Systems Engineering
DAWIA: Defense Acquisition Workforce Improvement Act
DAWPDP: Defense Acquisition Workforce Personnel Demonstration Project
DB: DataBase
DBMS: DataBase Management System
DCMC: Defense Contract Management Command; see Components, Performance- and Results-Based Management
DDDS: Defense Data Dictionary System; see Data Dictionary, Standardization
DDL: Data Definition Language; see DB
DDM: Department of Defense Data Model; see Data Administration
DDOS: Distributed Denial Of Service
DES: Data Encryption Standard
DFAS: Defense Finance and Accounting Service; see EFT
DIAP: Defense-wide Information Assurance Program

DiD: Defense in Depth
DII: Defense Information Infrastructure
DINK: Data, INformation, and Knowledge
DISA: Defense Information Systems Agency
DISN: Defense Information Systems Network; see DISA
DITSCAP: Defense Information Technology Security Certification and Accreditation Process
DLA: Defense Logistics Agency; see components, DSS
DLR: Disk Operating System Local Area Network requestor; see Protocol
DM: Data Management
DMCA: Digital Millennium Copyright Act
DMIR: Data Management and Interoperability Repository; see DM, Data Repository, Metadata Repository
DML: Data Manipulation Language; see DB
DMS: Data Management Strategies and Technologies (IRMC Course)
DMZ: DeMilitarized Zone
DNS: Domain Name Server
DoA: Department of the Army; see Departments
DoAF: Department of the Air Force; see Departments
DoC: Department of Commerce; see PCCIP
DoD: Department of Defense; see Architecture Framework, Architectures and Infrastructures, A-11, A-76, BRAC, Buzzword Compliant, Capital Planning and Investment, CIO, CCA, C3I, CAC, COE, Components, CIRT, Core Functions, CAIV, CAAP, CIAO, CIP, CIPC, cyberlaw, cybrarian, CISA, Data Administration, Data Dictionary, Data Element, DM, DAE, Defense, Departments, DoDD, EVM, eb, ec, EDI, EFT, Enterprise, FASA, GIG, Information, IASE, Information Infrastructure, IM, IRM, IRMC, INFOSEC, ITA, IDEF1X, IPT, Interface, ISO, Internet, JTA, NII, OA, Performance- and Results-Based Management, PPBS, PCCIP, Privacy Act, Process Improvement, PM, PKI, Quality, Seat Management, SBU, Services, SCSCG, S/W, SEI, Spectrum Management, Standardization, TA, TCO, X.509, 8121
DoDD: Department of Defense Directive; see C3I, CAAP, DAE, DISA, DITSCAP, DIAP, Eb, IM, IO, IRM, INFOSEC, NSTISSI, policy
DoE: Department of Education; see PCCIP
DoE: Department of Energy; see CIRT, PCCIP
DoJ: Department of Justice; see PCCIP
DOLAP: Desktop OnLine Analytical Processing; see OLAP
DoN: Department of the Navy; see INTRODUCTION, ACKNOWLEDGMENTS, Benchmarking, Capital Planning, Change Management, CCA, Cop, Cop CD, CIAO, CIP, CIPC, Cybrarian, DM, DII, Departments, e-gov, Hyperlink, IL, KCO CD, KM, LO, NMCI, NCW, Organizational Learning, PM, Reverse Auction, Search Engine, Seat Management, Section 508, S/W, Systems Thinking, Tacit Knowledge, Taxonomy

DoS: Department of State; see Information Assurance Red Team, SPO
DOS: Disk Operating System; see COS, OS, Protocol, System Software
DoS: Denial of Service
DoT: Department of Transportation; see PCCIP
DoT: Department of the Treasury; see PCCIP
DRI: Defense Reform Initiative
DSA: Digital Signature Algorithm; see Public Key Cryptosystems
DS-CDMA: another name for Direct Sequence Spread Spectrum (DSSS)
DSL: Digital Subscriber Line
DSMC: Defense Systems Management College; see acquisition, DAWIA, PM, Systems Engineering
DSS: Decision Support Systems
DSSS: Direct Sequence Spread Spectrum
DVD: Digital Versatile Disk
DWDM: Dense Wavelength Division Multiplexing
EA: Economic Analysis; see 8121
EAC: Estimate At Completion; see EVM
EAI: Enterprise Application Integration
eb: electronic Business
ebusiness: electronic Business
ec: electronic Commerce
e-checks: electronic checks
ecommerce: electronic Commerce
ECPA: Electronic Communications Privacy Act
EDGE: Enhanced Data Global System for Mobile Communications Environment
EDI: Electronic Data Interchange
EEA: Economic Espionage Act
e-foia: electronic Freedom Of Information Act
EFT: Electronic Funds Transfer or Electronic Financial Transaction
e-gov: electronic Government
EIS: Executive Information System
e-learning: electronic learning; cf. Distributed Learning
electronic mail
EMS: Electronic Meeting System; see DSS
E/MSS: Employee/Member Self Service; see EFT
EO: Executive Order; see CCA, CIP, NSTAC, Strategic Planning
EPA: Environmental Protection Agency; see NIC
ERP: Enterprise Resource Planning
ES: Enterprise Solutions
ESA: Enterprise Software Agreement; see ESI
ESI: Enterprise Software Initiative
e-sign: electronic signature
ESP: External Services Provider
ESS: [developing] Enterprise Security Strategies, Guidelines, And Policies (IRMC Course)

ESS: Extended Service Set. See IBSS and BSS.
ESTJ: Extroverted, Sensate, Thinking, Judgmental; see Model
ETA: Education, Training and Awareness; see DITSCAP, IASE
ETC: Estimate To Complete; see EVM
EU: European Union
EVM: Earned Value Management
EW: Electronic Warfare; see C2W, IW
EWSP: Entity-Wide Security Program
FAA: Federal Aviation Administration; see A-76, DSS
FAIR: Federal Activities Inventory Reform Act
FAQs: Frequently Asked Questions
FAR: Federal Acquisition Regulations; see FSS, Section 508
FARA: Federal Acquisition Reform Act
FARC: Federal Acquisition Regulatory Council; see Acquisition
FASA: Federal Acquisition Streamlining Act
FBI: Federal Bureau of Investigation; see CIRT, Cyberlaw, PCCIP
FCC: Federal Communications Commission; cf. Frequency, IEEE, Policy, Section 508
FDA: Functional Data Administrator; see Data Administration
FDM: Frequency-Division Multiplexing
FDMA: Frequency Division Multiple Access; see AMPS
FEIT: Functional Evaluation and Integration Team; see DIAP
FEMA: Federal Emergency Management Agency; cf. COOP, CIP, Disaster Recovery, PCCIP
ff: footnote (in a reference); see Regression Analysis
FFRDC: Federally Funded Research and Development Center
FGCA: Freedom from Government Competition Act
FHSS: Frequency Hopping Spread Spectrum
FII: Federal Information Infrastructure; see DII
FIPS: Federal Information Processing Standard; see A-130, Data, DES, IDEF1X
FISA: Foreign Intelligence Surveillance Act
FISCAM: Federal Information Technology Security Assessment Manual
FMFIA: Federal Managers Financial Integrity Act
FOIA: Freedom Of Information Act
FORMIS: Framework and Open Reference Model for Information Security; see INFOSEC
FOUO: For Official Use Only; see CIO, CAAP, CIP, DIAP, SBU
four A's: Adaptability, Accountability, Alignment and Awareness
FPC: Federal Preparedness Circular; see COOP, CIP
FSS: Federal Supply Schedules
FTE: Full Time Equivalents; see DRI
FTP: File Transfer Protocol; see Cache Server, PGP, Trojan Horse, URL
FV: First Virtual
F/W: FirmWare; see S/W

GA: Genetic Algorithms
GAA: Generally Applicable and Accepted
GAAP: Generally Accepted Accounting Principles; see GAA
GAO: General Accounting Office; see Audit, Balanced Scorecard, CERT, CIRT, Core Functions, CIP, EVM, FISCAM, GPRA, Information Assurance Red Team, INFOSEC, Penetration Test, Performance- and Results-Based Management, Portfolio Management, Privacy, Pki, Spo, Strategic Planning
Gbps: Gigabits per second; one billion or 10^9 bits/second
GCCS: Global Command and Control System; see COE
GCSS: Global Combat Support System; see COE
GIG: Global Information Grid
GII: Global Information Infrastructure
GIS: Geographic Information System
GISRA: Government Information Security Reform Act
GITS: Government Information Technology Services Board; see CCA
GMRA: Government Management and Reform Act
GNIE: Global Networked Information Enterprise; see GIG
GOSC: Global Operations and Security Center; see IO
GPEA: Government Paperwork Elimination Act
GPO: Government Printing Office; see XML
GPRA: Government Performance and Results Act
GPRS: General Packet Radio Service
GS: General Semantics; see Semantic Analysis
GS: General Schedule; see DAWPDP
GSA: General Services Administration; see Balanced Scorecard, Capital Planning and Investment, FSS, GWAC, Performance- and Results-Based Management, PDD-63, Seat Management, Section 508
GSM: Global System for Mobile Communications
GST: General Systems Theory
GUI: Graphical User Interface
GWAC: Government Wide Acquisition Contract
HCI: Human Computer Interface
HBR: Harvard Business Review; cf. Assumptions, Balanced Scorecard, Change Management, DSS, IM, IPT, Leadership, LO, Performance- and Results-Based Management, Reengineering, Simulation, Vision and Mental Model
HIPAA: Health Insurance Portability and Accountability Act
HLL: High-Level Languages; cf. Mainframe Computer
HMD: Head Mounted Devices; cf. VR
HOL: High Order Languages; cf. Mainframe Computer
HONE: Hands On Network Environment; cf. Information Map
HPS: High Performing System; cf. Flow, Organizational Learning
HSM: Hierarchical Storage Management
HTML: HyperText Markup Language

HTTP: HyperText Transfer Protocol
IA: Information Assurance
IA: Intelligent Agent
IAG: International Agreements Generator; cf. CBR
IAM: Information Security or Information System Security Assessment Methodology
IASE: Information Assurance Support Environment
IAVA: Information Assurance Vulnerability Alerts; cf. DIAP, IO
IBSS: Independent Basic Service Set
I-CASE: Integrated Computer Aided Software Engineering; cf. S/W
ICE: Independent Cost Analysis; cf. TCO
ICSA: International Computer Security Association; cf. viruses
IDE: Integrated Digital Environment
IDEF1X: Integrated DEFinition for information modeling
IDL: Interface Definition Language; cf. CORBA, Java
IDS: Interface Design Specification; cf. Interface
IDS: Intrusion Detection System
IEEE: Institute of Electrical and Electronics Engineers
IERs: Information Exchange Requirements
IETF: Internet Engineering Task Force; see X.509
IFC: Internet Foundation Classes; cf. Java
IG: Inspector General; cf. GISRA
IIPT: Integrating Integrated Product (or Process) Team; cf. IPT
IITF: Information Infrastructure Task Force; cf. Information Infrastructure
IKM: Institute for Knowledge Management
IL: Information Literacy
IM: Information Management
IMPAC: International Merchant Purchasing Authorization card; cf. FASA
INFOSEC: INFOrmation SECurity or INFOrmation system SECurity
IO: Information Operations
IP: Intellectual Property
IP: Internet Protocol
IPPD: Integrated Product and Process Development; cf. DSS
IPT: Integrated Product (or Process) Team
IQ: Intelligence Quotient; cf. Information Infrastructure, Time Horizon
IRM: Information Resources Management
IRM303: Advanced Information System Acquisition (IRMC Course)
IRMC: Information Resources Management College
IRS: Internal Revenue Service; cf. Data Warehouse, DSS, Expert System, GPEA
IRT: Internet Relay Chat
IS: Information Superiority or Information Security or Information System
ISAC: Information Security Analysis Center
ISACA: Information Systems Audit and Control Association; cf. CobIT
ISACF: Information Systems Audit and Control Foundation; cf. CobIT

ISC2: International Information Systems Security Certification Consortium
ISDN: Integrated Services Digital Network
ISM: Industry, Science, And Medicine; cf. Frequency, Home RF, IEEE
ISO: International Standards Organization
ISP: Internet Service Provider
ISSA: Inter-Service Support Agreements; cf. A-76
ISSM: Information System Security Manager; cf. IASE, IAM
ISSO: Information System Security Officer; cf. IASE, IAM, NSTISSI
ISSP: Information System Security Program; cf. NII
IT: Information Technology
ITA: Information Technology Architecture
ITIM: Information Technology Investment Management; cf. Portfolio Management
ITMRA: Information Technology Management Reform Act; cf. Acquisition, Capital Planning and Investment, CCA, DM, FARA, Policy
ITRB: Information Technology Requirements Board; cf. CCA
ITSEC: Information Technology SECurity; see DITSCAP, IASE
ITU: International Telecommunications Union
IT-21: Information Technology for the 21st Century; cf. Gateway, NMCI
IW: Information Warfare
JFC: Java Foundation Classic; cf. Java
JFCOM: Joint Forces COMmand; cf. DSS
JOPES: Joint Operations Planning and Execution System; cf. IO
JSCOPE: Joint Services Conference On Professional Ethics; cf. FMFIA
JTA: Joint Technical Architecture
JVM: Java Virtual Machine; cf. Java
JV 2020: Joint Vision 2020; cf. Decision Superiority, DiD, IO, Information Superiority, KS
KB: Knowledge Base
KCL: Knowledge Community Leader
KCO: Knowledge-Centric Organization
KCO CD: Knowledge-Centric Organization Compact Disk (toolkit)
KD: Knowledge Density
KID: Knowledge, Information, and/or Data
KM: Knowledge Management
KMCP: Knowledge Management Community of Practice; cf. CoP
KMI: Key Management Infrastructure
KPA: Key Process Area; cf. Acquisition, CMM, S/W
KR: contractor; cf. Penetration Test
KS: Knowledge Superiority
LAN: Local Area Network
LCC: Life-Cycle Cost; cf. PMLCCE, TCO
LCDR: Lieutenant CommanDeR; cf. Micro Purchases
LCL: Lower Control Limits; cf. Change Management
LDAP: Light-Weight Directory Access Protocol

LDC: Leadership for the 21st Century (IRMC Course)
LMDS: Local Multipoint Distribution Service
LO: Learning Organization
LoA: Level of Abstraction
LOC: Lines Of Code; cf. IT, software quality
LoD: Level of Detail; cf. LoA
LRA: Local Registration Authority
LSB: Least Significant Bit; cf. steganography
L2TP: Layer two Tunneling Protocol; cf. VPN
MAGIC: Merced Automated Global Information Collector; cf. Expert System
MAIS: Major Automated Information System; cf. DAE, IRM, 8121
MAN: Metropolitan Area Network
MBTI: Myers-Briggs Type Indicator; cf. CRM, Item Analysis, Model, NLS
MDA: Milestone Decision Authority; cf. DAE
MDAP: Major Defense Acquisition Program; cf. DAE
MEO: Most Efficient Organization; cf. A-76, DRI
MIDS: Multifunctional Information Distribution System; cf. CBR, Common, IERs
MILDEP: MILitary DEPartment; cf. AR, Agency, CIO, Enterprise, 8121
MIME: Multipurpose Internet Mail Extension
MISSI: Multilevel Information System Security Initiative; cf. MLS
MLDT: Mean Logistics Delay Time; cf. Availability
MLS: MultiLevel Security
MMDS: Multipoint Multichannel Distribution Service
MO: Magneto-Optical; cf. OSD
MOLAP: Multidimensional OnLine Analytical Processing; cf. OLAP
MOP: Measuring results of Organizational Performance (IRMC Course)
MOTS: Modified Off-The-Shelf; see COTS
MP3: MPEG-1 (Motion Picture Expert Group) Audio Layer-3
MSB: Most Significant Bit; cf. Steganography
MTBF: Mean Time Between Failures; cf. Availability, Burn-In, SPOF
MUDs: Multi-User Dungeon, Multi-User Dimension, Multi-User Dialogue
NADC: Naval Air Development Center; cf. Cryptology, Java
NASA: National Aeronautics and Space Administration; cf. Seat Management, VTC
NATO: North Atlantic Treaty Organization; cf. CBR, Common, DSS, IERs, interoperability
NAVAIR: NAVal AIR systems command; cf. BRAC, CAIV, Knowledge Elicitation, PM
NAVFAC: NAVal FACilities engineering command; cf. CoI, Domain, Knowledge Network
NAVSEA: NAVal SEA systems command; cf. Acronym, ANOVA, CDA, Change Management, Eb, Interoperability, PM
NCW: Network Centric Warfare
NDI: Non Developmental Item; cf. COTS, DITSCAP


More information

Department of Defense

Department of Defense Department of Defense DIRECTIVE NUMBER 8100.02 April 14, 2004 Certified Current as of April 23, 2007 ASD(NII) SUBJECT: Use of Commercial Wireless Devices, Services, and Technologies in the Department of

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used

More information

Department of Defense INSTRUCTION

Department of Defense INSTRUCTION Department of Defense INSTRUCTION NUMBER 5200.40 December 30, 1997 SUBJECT: DoD Information Technology Security Certification and Accreditation Process (DITSCAP) ASD(C3I) References: (a) DoD Directive

More information

COMPLIANCE WITH THIS PUBLICATION IS MANDATORY. NOTICE: This publication is available digitally on the AFDPO WWW site at: http://afpubs.hq.af.mil.

COMPLIANCE WITH THIS PUBLICATION IS MANDATORY. NOTICE: This publication is available digitally on the AFDPO WWW site at: http://afpubs.hq.af.mil. BY ORDER OF THE SECRETARY OF THE AIR FORCE AIR FORCE INSTRUCTION 33-204 21 September 2001 Communications and Information INFORMATION ASSURANCE (IA) AWARENESS PROGRAM COMPLIANCE WITH THIS PUBLICATION IS

More information

IBM Cognos TM1 on Cloud Solution scalability with rapid time to value

IBM Cognos TM1 on Cloud Solution scalability with rapid time to value IBM Solution scalability with rapid time to value Cloud-based deployment for full performance management functionality Highlights Reduced IT overhead and increased utilization rates with less hardware.

More information

U.S. ELECTION ASSISTANCE COMMISSION OFFICE OF INSPECTOR GENERAL

U.S. ELECTION ASSISTANCE COMMISSION OFFICE OF INSPECTOR GENERAL U.S. ELECTION ASSISTANCE COMMISSION OFFICE OF INSPECTOR GENERAL FINAL REPORT: U.S. Election Assistance Commission Compliance with the Requirements of the Federal Information Security Management Act Fiscal

More information

FLORIDA STATE COLLEGE AT JACKSONVILLE COLLEGE CREDIT COURSE OUTLINE

FLORIDA STATE COLLEGE AT JACKSONVILLE COLLEGE CREDIT COURSE OUTLINE Form 2A, Page 1 FLORIDA STATE COLLEGE AT JACKSONVILLE COLLEGE CREDIT COURSE OUTLINE COURSE NUMBER: CTS 2658 COURSE TITLE: PREREQUISITE(S): COREQUISITE(S): Managing Network Security CNT 2210 with grade

More information

Oct 15, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html 3. Internet : the vast collection of interconnected networks that all use the TCP/IP protocols

Oct 15, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html 3. Internet : the vast collection of interconnected networks that all use the TCP/IP protocols E-Commerce Infrastructure II: the World Wide Web The Internet and the World Wide Web are two separate but related things Oct 15, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html 1 Outline The Internet and

More information

5 FAH-11 H-500 PERFORMANCE MEASURES FOR INFORMATION ASSURANCE

5 FAH-11 H-500 PERFORMANCE MEASURES FOR INFORMATION ASSURANCE 5 FAH-11 H-500 PERFORMANCE MEASURES FOR INFORMATION ASSURANCE 5 FAH-11 H-510 GENERAL (Office of Origin: IRM/IA) 5 FAH-11 H-511 INTRODUCTION 5 FAH-11 H-511.1 Purpose a. This subchapter implements the policy

More information

4. Objective. To provide guidelines for IS requirements and LCM support under NMCI.

4. Objective. To provide guidelines for IS requirements and LCM support under NMCI. d. To apply basic policy and principles of computer hardware and software management as they relate to Information Management and Information Technology (IMIT) and Information Systems (IS) associated with

More information

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET Form 1221-2 (June 1969) UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT Release: 1-1718 Date: MANUAL TRANSMITTAL SHEET Subject 1265 Information Technology Investment Management (ITIM)

More information

Eleventh Hour Security+

Eleventh Hour Security+ Eleventh Hour Security+ Exam SYO-201 Study Guide I do Dubrawsky Technical Editor Michael Cross AMSTERDAM BOSTON HEIDELBERG LONDON NEWYORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO SYNGRESS.

More information

Detailed Table of Contents

Detailed Table of Contents Detailed Table of Contents Foreword Preface 1. Networking Protocols and OSI Model 1 1.1 Protocols in Computer Communications 3 1.2 The OSI Model 7 1.3 OSI Layer Functions 11 Summary 19 Key Terms and Concepts

More information

Department of Defense INSTRUCTION. SUBJECT: Information Assurance (IA) in the Defense Acquisition System

Department of Defense INSTRUCTION. SUBJECT: Information Assurance (IA) in the Defense Acquisition System Department of Defense INSTRUCTION NUMBER 8580.1 July 9, 2004 SUBJECT: Information Assurance (IA) in the Defense Acquisition System ASD(NII) References: (a) Chapter 25 of title 40, United States Code (b)

More information

United States Antarctic Program Information Resource Management Directive 5000.01 The USAP Information Security Program

United States Antarctic Program Information Resource Management Directive 5000.01 The USAP Information Security Program The National Science Foundation Office of Polar Programs United States Antarctic Program Information Resource Management Directive 5000.01 The USAP Information Security Program Organizational Function

More information

Application Reviews and Web Application Firewalls Clarified. Information Supplement: PCI Data Security Standard (PCI DSS) Requirement:

Application Reviews and Web Application Firewalls Clarified. Information Supplement: PCI Data Security Standard (PCI DSS) Requirement: Standard: Version: Date: Requirement: Author: PCI Data Security Standard (PCI DSS) 1.2 October 2008 6.6 PCI Security Standards Council Information Supplement: Application Reviews and Web Application Firewalls

More information

Information and Communications Technology Courses at a Glance

Information and Communications Technology Courses at a Glance Information and Communications Technology Courses at a Glance Level 1 Courses ICT121 Introduction to Computer Systems Architecture This is an introductory course on the architecture of modern computer

More information

Chapter 5. Data Communication And Internet Technology

Chapter 5. Data Communication And Internet Technology Chapter 5 Data Communication And Internet Technology Purpose Understand the fundamental networking concepts Agenda Network Concepts Communication Protocol TCP/IP-OSI Architecture Network Types LAN WAN

More information

OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES

OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES Table of contents 1.0 SOFTWARE 1 2.0 HARDWARE 2 3.0 TECHNICAL COMPONENTS 2 3.1 KEY MANAGEMENT

More information

Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified

Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified Standard: Data Security Standard (DSS) Requirement: 6.6 Date: February 2008 Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified Release date: 2008-04-15 General PCI

More information

E-Business, E-Commerce

E-Business, E-Commerce E-Business, E-Commerce Lecture Outline 11 Instructor: Kevin Robertson Introduction to Information Systems Explain the differences between extranets and intranets as well as show how organizations utilize

More information

AlphaTrust PRONTO Enterprise Platform Product Overview

AlphaTrust PRONTO Enterprise Platform Product Overview AlphaTrust PRONTO Enterprise Platform Product Overview AlphaTrust PRONTO Enterprise Platform is server-based software that automates the creation of legally enforceable, permanent business records that

More information

IT SECURITY EDUCATION AWARENESS TRAINING POLICY OCIO-6009-09 TABLE OF CONTENTS

IT SECURITY EDUCATION AWARENESS TRAINING POLICY OCIO-6009-09 TABLE OF CONTENTS OFFICE OF THE CHIEF INFORMATION OFFICER Date of Issuance: May 22, 2009 Effective Date: May 22, 2009 Review Date: Section I. PURPOSE II. AUTHORITY III. SCOPE IV. DEFINITIONS V. POLICY VI. RESPONSIBILITIES

More information

Information Technology (IT) Investment Management Insight Policy for Acquisition

Information Technology (IT) Investment Management Insight Policy for Acquisition MEMORANDUM FOR SECRETARIES OF THE MILITARY DEPARTMENTS CHAIRMAN OF THE JOINT CHIEFS OF STAFF UNDER SECRETARIES OF DEFENSE DIRECTOR, DEFENSE RESEARCH AND ENGINEERING ASSISTANT SECRETARIES OF DEFENSE GENERAL

More information

Business Information System Courses Description

Business Information System Courses Description Business Information System Courses Description 1903101 Fundamentals of Information Technology: (Prerequisite none) Information Technology components, computer hardware: memory, CPU, machine cycle. numbering

More information

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved. Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control

More information

Implementation of the DoD Management Control Program for Navy Acquisition Category II and III Programs (D-2004-109)

Implementation of the DoD Management Control Program for Navy Acquisition Category II and III Programs (D-2004-109) August 17, 2004 Acquisition Implementation of the DoD Management Control Program for Navy Acquisition Category II and III Programs (D-2004-109) Department of Defense Office of the Inspector General Quality

More information

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY) E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system

More information

Measure More, Spend Less. Better Security

Measure More, Spend Less. Better Security Measure More, Spend Less ON THE WAY TO Better Security For: Information Security Officers of the State of California Presented by: John Streufert US Department of State February 25, 2010 State Department

More information

Common Remote Service Platform (crsp) Security Concept

Common Remote Service Platform (crsp) Security Concept Siemens Remote Support Services Common Remote Service Platform (crsp) Security Concept White Paper April 2013 1 Contents Siemens AG, Sector Industry, Industry Automation, Automation Systems This entry

More information

Department of Veterans Affairs VA Directive 6004 CONFIGURATION, CHANGE, AND RELEASE MANAGEMENT PROGRAMS

Department of Veterans Affairs VA Directive 6004 CONFIGURATION, CHANGE, AND RELEASE MANAGEMENT PROGRAMS Department of Veterans Affairs VA Directive 6004 Washington, DC 20420 Transmittal Sheet September 28, 2009 CONFIGURATION, CHANGE, AND RELEASE MANAGEMENT PROGRAMS 1. REASON FOR ISSUE: This Directive establishes

More information

Department of Defense DIRECTIVE

Department of Defense DIRECTIVE Department of Defense DIRECTIVE NUMBER 8140.01 August 11, 2015 DoD CIO SUBJECT: Cyberspace Workforce Management References: See Enclosure 1 1. PURPOSE. This directive: a. Reissues and renumbers DoD Directive

More information

Evaluate the Usability of Security Audits in Electronic Commerce

Evaluate the Usability of Security Audits in Electronic Commerce Evaluate the Usability of Security Audits in Electronic Commerce K.A.D.C.P Kahandawaarachchi, M.C Adipola, D.Y.S Mahagederawatte and P Hewamallikage 3 rd Year Information Systems Undergraduates Sri Lanka

More information

SECTION C: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT Article C.1 Introduction This contract is intended to provide IT solutions and services as

SECTION C: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT Article C.1 Introduction This contract is intended to provide IT solutions and services as SECTION C: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT Article C.1 Introduction This contract is intended to provide IT solutions and services as defined in FAR 2.101(b) and further clarified in the Clinger-Cohen

More information

APPENDIX A WORK PROCESS SCHEDULE RELATED INSTRUCTION OUTLINE

APPENDIX A WORK PROCESS SCHEDULE RELATED INSTRUCTION OUTLINE APPENDIX A WORK PROCESS SCHEDULE RELATED INSTRUCTION OUTLINE E COMMERCE SPECIALIST PAGE 1 OF 11 WORK PROCESS SCHEDULE E COMMERCE SPECIALIST (ECS) O*NET SOC CODE: 15 1099.99 RAIS CODE: 1054CB DESCRIPTION:

More information

Department of Defense DIRECTIVE. SUBJECT: Management of the Department of Defense Information Enterprise

Department of Defense DIRECTIVE. SUBJECT: Management of the Department of Defense Information Enterprise Department of Defense DIRECTIVE SUBJECT: Management of the Department of Defense Information Enterprise References: See Enclosure 1 NUMBER 8000.01 February 10, 2009 ASD(NII)/DoD CIO 1. PURPOSE. This Directive:

More information

Department of Homeland Security Management Directive System MD Number: 4900 INDIVIDUAL USE AND OPERATION OF DHS INFORMATION SYSTEMS/ COMPUTERS

Department of Homeland Security Management Directive System MD Number: 4900 INDIVIDUAL USE AND OPERATION OF DHS INFORMATION SYSTEMS/ COMPUTERS Department of Homeland Security Management Directive System MD Number: 4900 INDIVIDUAL USE AND OPERATION OF DHS INFORMATION SYSTEMS/ COMPUTERS 1. Purpose This directive establishes the Department of Homeland

More information

Department of Defense INSTRUCTION

Department of Defense INSTRUCTION Department of Defense INSTRUCTION NUMBER 8551.01 May 28, 2014 DoD CIO SUBJECT: Ports, Protocols, and Services Management (PPSM) References: See Enclosure 1 1. PURPOSE. In accordance with the authority

More information

CFO Leadership Certificate Program CFO Academy

CFO Leadership Certificate Program CFO Academy CFO Leadership Certificate Program CFO Academy Information Resources Management College, NDU The Information Resource Management College (IRMC) at the National Defense University (NDU) is pleased to announce

More information

Additional Offeror Qualifications: Not applicable.

Additional Offeror Qualifications: Not applicable. Category 1: IBM Host Systems Support Services shall include configuration design, installation, maintenance, modification, monitoring and/or evaluation of operating systems and secondary support software

More information

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT Name of System/Application: LAN/WAN PRIVACY IMPACT ASSESSMENT U. S. Small Business Administration LAN/WAN FY 2011 Program Office: Office of the Chief Information Officer A. CONTACT INFORMATION 1) Who is

More information

ACSAC 2007 - CWID 2007 Data Diode Case Study. http://www.owlcti.com toll free 866.695.3387

ACSAC 2007 - CWID 2007 Data Diode Case Study. http://www.owlcti.com toll free 866.695.3387 ACSAC 2007 - CWID 2007 Data Diode Case Study http://www.owlcti.com toll free 866.695.3387 Coalition Warrior Interoperability Demonstration (CWID) 2007 Case Studies in Data Diode Application http://www.owlcti.com

More information

PROCESSING CLASSIFIED INFORMATION ON PORTABLE COMPUTERS IN THE DEPARTMENT OF JUSTICE

PROCESSING CLASSIFIED INFORMATION ON PORTABLE COMPUTERS IN THE DEPARTMENT OF JUSTICE PROCESSING CLASSIFIED INFORMATION ON PORTABLE COMPUTERS IN THE DEPARTMENT OF JUSTICE U.S. Department of Justice Office of the Inspector General Audit Division Audit Report 05-32 July 2005 PROCESSING CLASSIFIED

More information

Applying the DOD Information Assurance C&A Process (DIACAP) Overview

Applying the DOD Information Assurance C&A Process (DIACAP) Overview Applying the DOD Information Assurance C&A Process (DIACAP) Overview C&A, Risk, and the System Life Cycle 2006 Hatha Systems Agenda Part 1 Part 2 Part 3 The C&A Challenge DOD s IA Framework Making C&A

More information

Brief Contents. Part Three: Decisions and Strategies. Part One: Information Technology Infrastructure. Part Four: Organizing Businesses and Systems

Brief Contents. Part Three: Decisions and Strategies. Part One: Information Technology Infrastructure. Part Four: Organizing Businesses and Systems Brief Contents 1 Introduction Part One: Information Technology Infrastructure 2 Information Technology Foundations 3 Networks and Telecommunications 4 Database Management Part Two: Business Integration

More information

E-Business Technologies for the Future

E-Business Technologies for the Future E-Business Technologies for the Future Michael B. Spring Department of Information Science and Telecommunications University of Pittsburgh spring@imap.pitt.edu http://www.sis.pitt.edu/~spring Overview

More information

Networking: EC Council Network Security Administrator NSA

Networking: EC Council Network Security Administrator NSA coursemonster.com/uk Networking: EC Council Network Security Administrator NSA View training dates» Overview The EC-Council's NSA certification looks at network security from a defensive view. The NSA

More information

Department of Defense DIRECTIVE

Department of Defense DIRECTIVE Department of Defense DIRECTIVE NUMBER 8000.01 March 17, 2016 DoD CIO SUBJECT: Management of the Department of Defense Information Enterprise (DoD IE) References: See Enclosure 1 1. PURPOSE. This directive:

More information

Test 1 Review Chapter 1 What is a computer? 1. Definition of computer 2. Data and information. Emphasize that data is processed into information. 3.

Test 1 Review Chapter 1 What is a computer? 1. Definition of computer 2. Data and information. Emphasize that data is processed into information. 3. Test 1 Review Chapter 1 What is a computer? 1. Definition of computer 2. Data and information. Emphasize that data is processed into information. 3. Instructions 4. Describe the information processing

More information

Information Security Policy

Information Security Policy Information Security Policy Steve R. Hutchens, CISSP EDS, Global Leader, Homeland Security Agenda Security Architecture Threats and Vulnerabilities Design Considerations Information Security Policy Current

More information

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323

More information

Lecture 1. Lecture Overview. Intro to Networking. Intro to Networking. Motivation behind Networking. Computer / Data Networks

Lecture 1. Lecture Overview. Intro to Networking. Intro to Networking. Motivation behind Networking. Computer / Data Networks Lecture 1 An Introduction to Networking Chapter 1, pages 1-22 Dave Novak BSAD 146, Introduction to Networking School of Business Administration University of Vermont Lecture Overview Brief introduction

More information

The IDA Catalogue. of GENERIC SERVICES. Interchange of Data between Administrations

The IDA Catalogue. of GENERIC SERVICES. Interchange of Data between Administrations Interchange of Data between Administrations EUROPEAN COMMISSION ENTERPRISE DIRECTORATE- GENERAL INTERCHANGE OF DATA BETWEEN ADMINISTRATIONS PROGRAMME Interchange of Data between Administrations 2 of Generic

More information

The following chart provides the breakdown of exam as to the weight of each section of the exam.

The following chart provides the breakdown of exam as to the weight of each section of the exam. Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those

More information

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module

More information

CISA TIMETABLE (4 DAYS)

CISA TIMETABLE (4 DAYS) CISA TIMETABLE (4 DAYS) ISACA-CISA Day 1 9.00 9.30 Welcome, Introductions, Coffee 9.30 11.00 About the CISA Exam Domain 1 - The Process of Auditing Information Systems Auditing Types of Audits Audit Methodology

More information

How Virtual Private Networks Work

How Virtual Private Networks Work How Virtual Private Networks Work by Jeff Tyson This article has been reprinted from http://computer.howstuffworks.com/ Please note that the web site includes two animated diagrams which explain in greater

More information

DEPARTMENT OF DEFENSE DeCA DIRECTIVE 35-30 HEADQUARTERS DEFENSE COMMISSARY AGENCY Fort Lee VA 28301-6300 August 1, 1995. Information Management

DEPARTMENT OF DEFENSE DeCA DIRECTIVE 35-30 HEADQUARTERS DEFENSE COMMISSARY AGENCY Fort Lee VA 28301-6300 August 1, 1995. Information Management DEPARTMENT OF DEFENSE DeCA DIRECTIVE 35-30 HEADQUARTERS DEFENSE COMMISSARY AGENCY Fort Lee VA 28301-6300 August 1, 1995 Information Management INFORMATION SYSTEMS SECURITY (INFOSEC) AWARENESS TRAINING

More information

HIPAA Security Considerations for Broadband Fixed Wireless Access Systems White Paper

HIPAA Security Considerations for Broadband Fixed Wireless Access Systems White Paper HIPAA Security Considerations for Broadband Fixed Wireless Access Systems White Paper Rev 1.0 HIPAA Security Considerations for Broadband Fixed Wireless Access Systems This white paper will investigate

More information

Information System Security

Information System Security October 11, 2002 Information System Security Security Controls for the Defense Procurement Payment System (D-2003-009) Department of Defense Office of the Inspector General Quality Integrity Accountability

More information

Department of Defense INSTRUCTION. Telecommunications Services in the National Capital Region (NCR)

Department of Defense INSTRUCTION. Telecommunications Services in the National Capital Region (NCR) Department of Defense INSTRUCTION NUMBER 4640.07 September 24, 2009 Incorporating Change 2, August 10, 2012 DA&M SUBJECT: Telecommunications Services in the National Capital Region (NCR) References: See

More information

IBM Connections Cloud Security

IBM Connections Cloud Security IBM Connections White Paper September 2014 IBM Connections Cloud Security 2 IBM Connections Cloud Security Contents 3 Introduction 4 Security-rich Infrastructure 6 Policy Enforcement Points Provide Application

More information

Network Security Fundamentals

Network Security Fundamentals APNIC elearning: Network Security Fundamentals 27 November 2013 04:30 pm Brisbane Time (GMT+10) Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security IPv6

More information

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

CH ENSA EC-Council Network Security Administrator Detailed Course Outline CH ENSA EC-Council Network Security Administrator Detailed Course Outline Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Advance Ethical

More information

BIT Course Description

BIT Course Description BIT Course Description Introduction to Operating Systems BTEC 101 This course follows a systematic approach to operating systems explaining why they are needed and what they do. Topics include the basic

More information

HE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK

HE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK HE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK Prepared By: Raghda Zahran, Msc. NYIT-Jordan campus. Supervised By: Dr. Lo ai Tawalbeh. November 2006 Page 1 of 8 THE WAR AGAINST BEING AN INTERMEDIARY

More information

---Information Technology (IT) Specialist (GS-2210) IT Security Competency Model---

---Information Technology (IT) Specialist (GS-2210) IT Security Competency Model--- ---Information Technology (IT) Specialist (GS-2210) IT Security Model--- TECHNICAL COMPETENCIES Computer Forensics Knowledge of tools and techniques pertaining to legal evidence used in the analysis of

More information

DEFENSE INFORMATION SYSTEMS AGENCY P. O. BOX 549 FORT MEADE, MARYLAND 20755-0549. Thanks

DEFENSE INFORMATION SYSTEMS AGENCY P. O. BOX 549 FORT MEADE, MARYLAND 20755-0549. Thanks DEFENSE INFORMATION SYSTEMS AGENCY P. O. BOX 549 FORT MEADE, MARYLAND 20755-0549 Thanks IN REPLY REFER TO: Joint Interoperability Test Command (JTE) 7 Aug 13 MEMORANDUM FOR DISTRIBUTION SUBJECT: Extension

More information

Public-Key Infrastructure

Public-Key Infrastructure Public-Key Infrastructure Technology and Concepts Abstract This paper is intended to help explain general PKI technology and concepts. For the sake of orientation, it also touches on policies and standards

More information

SECTION C: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT

SECTION C: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT PAGE 6 of 51 SECTION C: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT Article C.1 Statement of Work This contract is designed to permit the Institutes and Centers (ICs) of NIH, the Department of Health and

More information

Application Note. Intelligent Application Gateway with SA server using AD password and OTP

Application Note. Intelligent Application Gateway with SA server using AD password and OTP Application Note Intelligent Application Gateway with SA server using AD password and OTP ii Preface All information herein is either public information or is the property of and owned solely by Gemalto

More information

Ensuring the security of your mobile business intelligence

Ensuring the security of your mobile business intelligence IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive

More information

Network Systems Integration

Network Systems Integration Network Systems Integration Strong Networks for Mission-Critical Services Turnkey Solutions for Today s Large-Scale Networks Government and business enterprises turn to General Dynamics Information Technology

More information

SECTION A: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT

SECTION A: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT SECTION A: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT Article A.1 Introduction This contract is intended to provide IT solutions and services as defined in FAR 2.101(b) and further clarified in the Clinger-Cohen

More information

I. U.S. Government Privacy Laws

I. U.S. Government Privacy Laws I. U.S. Government Privacy Laws A. Privacy Definitions and Principles a. Privacy Definitions i. Privacy and personally identifiable information (PII) b. Privacy Basics Definition of PII 1. Office of Management

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

Department of Defense INSTRUCTION. SUBJECT: Communications Security (COMSEC) Monitoring and Information Assurance (IA) Readiness Testing

Department of Defense INSTRUCTION. SUBJECT: Communications Security (COMSEC) Monitoring and Information Assurance (IA) Readiness Testing Department of Defense INSTRUCTION NUMBER 8560.01 October 9, 2007 ASD(NII)/DoD CIO SUBJECT: Communications Security (COMSEC) Monitoring and Information Assurance (IA) Readiness Testing References: (a) DoD

More information

Chapter 8. Network Security

Chapter 8. Network Security Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who

More information

OFFICE OF THE INSPECTOR GENERAL SOCIAL SECURITY ADMINISTRATION

OFFICE OF THE INSPECTOR GENERAL SOCIAL SECURITY ADMINISTRATION OFFICE OF THE INSPECTOR GENERAL SOCIAL SECURITY ADMINISTRATION CONTRACTOR SECURITY OF THE SOCIAL SECURITY ADMINISTRATION S HOMELAND SECURITY PRESIDENTIAL DIRECTIVE 12 CREDENTIALS June 2012 A-14-11-11106

More information

Information Technology Security Training Requirements APPENDIX A. Appendix A Learning Continuum A-1

Information Technology Security Training Requirements APPENDIX A. Appendix A Learning Continuum A-1 APPENDIX A Appendix A Learning Continuum A-1 Appendix A Learning Continuum A-2 APPENDIX A LEARNING CONTINUUM E D U C A T I O N Information Technology Security Specialists and Professionals Education and

More information

Security Digital Certificate Manager

Security Digital Certificate Manager IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,

More information

ERserver. iseries. Secure Sockets Layer (SSL)

ERserver. iseries. Secure Sockets Layer (SSL) ERserver iseries Secure Sockets Layer (SSL) ERserver iseries Secure Sockets Layer (SSL) Copyright International Business Machines Corporation 2000, 2002. All rights reserved. US Government Users Restricted

More information

UTMB INFORMATION RESOURCES PRACTICE STANDARD

UTMB INFORMATION RESOURCES PRACTICE STANDARD IR Security Glossary Introduction Purpose Applicability Sensitive Digital Data Management Privacy Implications This abbreviated list provides explanations for typically used Information Resources (IR)

More information

014-00-01-01-01-1146-00. Mixed Life Cycle FY2002

014-00-01-01-01-1146-00. Mixed Life Cycle FY2002 Consolidated American System (CAPPS) and Interagency e Migration Exhibit 300: Part I: Summary Information and Justification (All Capital Assets) I.A. Overview 1. Date of Submission: 2. Agency: Department

More information

Information Technology & Communications Department Organization N6

Information Technology & Communications Department Organization N6 Information Technology & Communications Department Organization N6 Director, Information Technology & Communications Department N6 Deputy, Information Technology & Communications Department N6B Chart VI

More information