National Cryptologic School
DAW provided this URL: http://csrc.nist.gov/training/in170.zip 1996-04-29 Introduction to Computer Security National Cryptologic School Interactive Courseware Trainee Guide (formerly, CP-133) (37 zipped files, DOS program) We've had a look at this course, a primer on CompSec and a required course for all DoD employees. It takes some fiddling to get past the sign-on block. Hint: after unzipping execute "student.exe" and enter "CP" as the lesson. Repeat for other listed files, CPxxx - CPxxx. It's basic stuff but worthwhile for its claims, these among others: 1. Most hackers are employees of the target. 2. Negligence, accidents and sloppy sys-administration are prime causes of disruptions, perhaps more than deliberate attacks. 3. Environmental weaknesses are often overlooked by security experts too focussed on computer systems. It lists these security documents as references: EO 12356 [superceded by EO 12958] DCID 1/16 [Director of Central Intelligence Directive] DoDDir 5200.28 DoD 5200.28 STD Public Law 100-235 NSA/CSS Dir 10-27 NSA/CSS Manual 130-1 (NSAM 130-1) NSA/CSS Manual 130-2 (NSAM 130-2) NSA/CSS Reg 130-2 NTISSAM COMPSEC 1-87 The Rainbow Series OMB A-130 Does anyone know of a source for the DCID series and the NSA/CSS series? Some of the others are available on the Web -- see AltaVista. While looking for these we ran across an informative implementation of infosec and compsec: Information Systems Accreditation Document, 4 Volumes System Security Requirements for the Department of Defense Intelligence Information System Automated Message Handling System (AMHS) V2.x By: McDonnell Douglas Aerospace For: Electronic Systems Center, Air Force Materiel Command Which we've put at: http://jya.com/amhs.htm
participants (1)
-
John Young