Most of our web-based training products can be
ordered on a CD-ROM.
|
|
DoD
Information Assurance Awareness
(for DoD Personnel)
Date 10/08– Ver 7
This web-based product provides an interactive style of presenting
topics to reflect the constant changing world of information assurance
as it relates to information technology. The user is introduced
to the principles of IA, its evolution, IA-related policies and
laws, critical infrastructure protection (CIP), and the differences
between threats and vulnerabilities. Utilizing an interactive format
the user is presented with information regarding the insider threat,
social engineering, and peer-to-peer applications. The course presents
the concept of Malicious Code, including its impacts and the methods
it uses to infect information systems. Important guidelines for
ensuring a secure system, defining classification levels for DoD
information, to include personally identifiable information (PII),
and outlining your role as a user in protecting this information
is also provided. The course also introduces the threats associated
with identity theft, spyware, and phishing and how you can protect
yourself, as well as, providing security tips to practice in your
daily routine to increase your home computer security. (1hr) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Federal
Information Systems Security Awareness
(for non-DoD Personnel)
Date 10/08 - Ver 2
This web-based product provides expanded modules and topics for
the federal government to reflect the constant changing world of
information systems security (ISS) as it relates to information
technology. The user is introduced to the principles of ISS, its
evolution, ISS-related policies and laws, and critical infrastructure
protection (CIP). The training explains the differences between
threats and vulnerabilities and provides information regarding the
insider threat, social engineering, and peer-to-peer applications.
The user is presented with the concept of Malicious Code, including
its impacts and the methods it uses to infect information systems.
Important guidelines for ensuring a secure system, defining classification
levels, to include personally identifiable information (PII), and
outlining your role as a user in protecting this information is
also provided. The course also introduces the threats associated
with identity theft, spyware, and phishing and how you can protect
yourself, as well as, providing security tips to practice in your
daily routine to increase your home computer security. (1hr) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Public Key Infrastructure
Date 01/09 - Ver 1.0
Upon completing the course, Department of Defense (DoD) information systems users will be able to identify what the Public Key Infrastructure (PKI) is and why it is important to the DoD, as well as which pieces of Congressional legislation, Federal policy, and DoD guidance mandate the use of PKI. This presentation identifies the different components of PKI and how they are implemented in the DoD. Details discussed include systems, software, PKI credentials, certificates, and keys. DoD users will learn how to use PKI to log on to unclassified DoD networks and access DoD information systems, applications, and websites; as well as how to use PKI to send and receive e-mails securely. Users will understand what the Common Access Card (CAC) is, why they use it, and how and when to obtain or return a CAC. DoD users will be informed on what system elements are needed to use their CAC, to include what a CAC personal identification (PIN) number is and what to do if they forget their CAC PIN. (1.0 hrs)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Personal
Electronic Devices / Removable Storage Media
Date 12/08 – Ver 1.1
In this presentation, Department of Defense (DoD) information systems
users will learn about the security risks associated with portable
electronic devices (PEDs) and removable storage media. They will
learn about the specific security risks associated with these devices,
which types of PEDs and removable storage media are of greatest
concern to the DoD, and what must be done to mitigate security risks
to data stored on these devices. Finally, users will be introduced
to DoD policy regarding encryption of data on these devices. (20
min.)
|
|
|
|
|
|
|
|
|
|
Phishing
Date 04/08 – Ver 1.0
This interactive training explains what phishing is and
provides examples of the different types of phishing. It also provides
guidelines to help individuals recognize phishing attempts so that
appropriate actions may be taken to avoid these attacks and their
consequences. It explains that Phishing is a serious, high-tech
scam and that system users are the best line of defense against
phishing. Further, it illustrates why users should always be on
the look out for phishing attempts even from people from within
their organization. (15 Min) |
|
|
|
|
|
|
|
|
|
Personally
Identifiable Information (PII)
Date 10/07 – Ver 1.0
This web-based training identifies what Personally Identifiable
Information (PII) is and why it is important to protect PII. This
training reviews a Department of Defense (DoD) organization's responsibilities
for safeguarding PII and explains individual responsibilities for
PII recognition and protection. Major legal, Federal, and DoD requirements
for protecting PII are presented, to include the Privacy Act of
1974, E-Government Act of 2002, and the Federal Information Security
Management Act, or FISMA. Federal guidance from the Office of Management
and Budget, or OMB, publications is discussed. This training introduces
the DoD Privacy Program and reviews PII protection measures mandated
by recent Office of the Secretary of Defense memoranda. Significant
requirements are reviewed for handling PII and reporting any theft,
loss, or compromise of this information. This training is intended
for DoD civilians, military members, and contractors using DoD information
and information systems. (45 min) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Domain Name System (DNS) Basic Concepts Overview
Date 04/09 - Ver 1.0
This training is intended for Managers and Systems Administrators working
with the Domain Name System, DNS. The training presents the basics
concepts of DNS from both operational and security perspectives.
In this lesson, you will learn about the functions and components of DNS,
DoD policy requirements, basic DNS server administration and basic mechanisms
for DNS security. This lesson has four main content topics, and should take
approximately 60 minutes to complete, depending on your familiarity with the
material and your learning style. Following the lesson introduction, the
first content topic briefly describes the DNS. The next topic covers
policy requirements, namely the information assurance hierarchy. The next two
topics introduce DNS server administration, and basic DNS security mechanisms.
At the end of this lesson, there is a brief summary. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Information
Operations (IO) Fundamentals
Date 10/07 – Ver 2.0
IO Fundamentals provides an overview of the military's need for
information, how information operations (IO) helps achieve information
superiority, and the vital role IO plays in Joint Force operations.
This web and computer based (WBT/CBT) course explains what IO is,
why it is important, and how IO differs from other DoD activities
that involve information. The course also explains the core IO capabilities,
the capabilities that support or are related to IO, what an IO cell
is, and identifies who is responsible for implementing IO. In addition,
this course identifies the key challenges and considerations that
must be understood and assessed when planning IO. This product is
based on Joint Publication 3-13. (2 hrs) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Information
Assurance Awareness Shorts
Date 01/09 - Ver 3.0
This product contains specific information related to the topics
listed below. Insider Threat Short provides awareness about the
Insider Threat and the employee behaviors that may signify the potential
to be an insider threat. (15 min) Telework Short introduces the
basic concept of telework and covers the fundamental procedures
and basic operating guidelines for doing telework from both a government
Telework Center and from the home. (15 min) Wireless Security Short
introduces basic concepts in wireless networking security and allows
the user to explore the security risks inherent in different network
configurations. (15 min) Passwords Short introduces the importance
of complex passwords, including the requirements for creating a
password as well as hints for remembering these passwords. (20 min)
Peer-to-Peer Short provides an in-depth treatment of P2P threats
and the OMB and DoD guidance on P2P for Department of Defense personnel.
(20 min) Social Engineering Short explains what social engineering
is, gives examples of social engineering techniques, describes the
possible consequences of social engineering, and provides guidelines
to enable the user to recognize and deal with social engineering.
(20 min) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
IA
Training for IT Managers |
Designated
Approving Authority (DAA)
Date 03/09 - Ver 6.0
This interactive training provides an understanding of the roles
and responsibilities of the DAA. The user will learn about important
issues associated with the DAA's responsibilities and the key players
that interact with the DAA, including the Principal Accrediting
Authority, Chief Information Officer, Certifying Authority, Program
Manager, User Representative, Information Assurance Manager (IAM),
and Information Assurance Officer (IAO). This presentation also
provides legal guidance relating to information system security,
to include Congressional legislation, as well as Federal and Department
of Defense, or DoD, policy. An overview of DoD certification and
accreditation, to include the new DoD Information Assurance Certification
and Accreditation Process (DIACAP) and the older DoD Information
Technology Security Certification and Accreditation Process (DITSCAP)
is also provided. The DAA's responsibilities in system connection
and in the DoD IA Workforce Improvement Program are reviewed. The
information in this product can also benefit mid-level and senior
managers. (1.5 hrs) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Active
Defense: An Executive's Guide to Information Assurance
Date 02/03– Ver 1.0
This interactive training course is intended for executives in Information
Assurance who are the key decision-makers in building a security
culture. The training serves as a strategic planning guide that
introduces the issues and processes that must be understood in order
to develop a strong commitment to protecting information resources.
This course presents the goals of an information assurance program,
explains why meeting these goals is essential to success, and distinguishes
between the roles and responsibilities of all members of the organization.
The course also explains how to identify and manage risks to information
systems. Valuable checklists are provided at the end of each section.
(1 hr) |
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
IA
Training for IA Professionals |
Physical Security for SIPRNet
Date 05/09 - Ver 1.0
This course is for Security Managers, Information Assurance Managers, or others tasked with providing guidance for the installation of a new or expanded SIPRNet system. This course provides guidance for the physical protection of information systems assets connected to the SIPRNet. It includes concepts of recognizing and protecting classified material in all forms, and physical and technical measures required for end-to-end protection of classified data residing on SIPRNet-connected systems. Subjects covered include the establishment and maintenance of secret secure rooms, protected distribution systems, and wall jack security.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Information
Assurance Policy & Technology (IAP&T)
Date 01/09 - Ver 4.0
The Information Assurance Policy and Technology (IAP&T) training
has been created for Information Assurance Officers (IAOs), Information
Assurance Managers (IAMs) and System Administrators (SAs) to aid
them in successfully performing their duties in accordance with
DOD guidance, pertaining to the defense of DoD information and DoD
information systems. Individuals whose duties include IA policy
and oversight, inspection and audit, or other functions supporting
the Information Assurance mission, will find this course useful
and meaningful. Depending on your Command, Service, or Agency, the
completion of this online course could help the student meet the
standards for Level 1 System Administrator certification. This product
updates and replaces the IAP&T Dated 10/03 version 1.0. (8 hrs) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Information
Assurance for Professionals Shorts
Date 12/08 – Ver 4.0
This product contains specific information related to the topics
listed below. IA Roles and Responsibilities Short introduces the
Information Assurance hierarchy, including the roles and responsibilities
of key leadership positions as well as the responsibilities of all
Authorized Users. (25 min) Auditing Logs for IA Managers Short introduces
the auditing responsibilities of IA Managers. It describes the audit
log and event information displayed by the system's auditing software.
(20 min) Security Technical Implementation Guides (STIGs) Short
introduces the purpose and uses of STIGs. SCADA Short describes
how Supervisory Control and Data Acquisition systems function and
significant cyber-security issues associated with DoD SCADA systems.
(15 min) FISMA Short explains what the FISMA is, why it is important,
how it is implemented within the Federal government and the DoD,
and identifies where to obtain guidance for FISMA responsibilities.
(20 min) IA Vulnerability Management Short describes the vulnerability
management process in DoD and the tools that support the process.
(20 min) The DoD 8570.01-M IA WIP Short presents an overview of
the IA Workforce Improvement Program, defines the DoD IA workforce,
and outlines the IA workforce training and certification requirements.
(1 hr) The Zero Day Attack Short provides an introduction to the
steps an IA professional needs to follow if they suspect that their
system has been compromised by an attack which otherwise is unknown
to the IA technical community (aka Zero Day Attack). (20 min) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
IA
Hot Subjects
Date 11/06 – Ver 1.1
These six short courses are designed for use by individuals who
are identified by DoD 8570.01-M, Information Assurance Improvement
Program as IAT Levels I and II, as well as IAM Level II. The courses
review vulnerabilities which have been around for some time, and
which are commonly overlooked in the press of new technology and
new threats. These vulnerabilities still provide a foothold for
an enemy. Each subject briefly covers the nature of the problem
and its general resolution, and is designed to be finished in a
half hour or less. The subjects are Transmission Control Protocol
(TCP) reset, Distributed Denial of Service (DDoS) attacks on routers,
spoofing attacks, remote access/remote control, physical security
review, and Simple Network Management Protocol, or SNMP. (1.5 hrs) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Computer
Network Defense (CND)
Date 12/06 – Ver 2.0
This product is designed for high-level managers who need to acquire
a Computer Network Defense Service Provider (CND SP) for their organization,
information assurance (IA) professionals who want to transition
into a CND SP career path, and individuals who desire a general
knowledge of computer network defense (CND) and CND SPs. This interactive
web-based training defines CND, identifies CND requirements for
DoD components, key requirements that CND SPs must meet, and the
principal services provided by CND SPs. This training presents a
high-level explanation of the certification and accreditation (C&A)
process for CND SPs. The CND SP principal services are enumerated,
to include system protection services, antivirus, system scanning
tools, Information Operations Conditions (INFOCON) Program support,
Information Assurance Vulnerability Management (IAVM) support, vulnerability
assessment monitoring, analysis, and detection services, as well
as incident response. An explanation of the training and future
certification requirements for those who work as CND SPs is also
included. (1 hr) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Securing
the Mobile Network
Date 02/06 – Ver 1.2
The freedom allowed by wireless communications over the Internet
comes with a price - an increased risk of interception. Methods
of protecting information in the computer network environment need
to be reinforced to make these methods second-nature in the more
dangerous wireless environment. Securing the Mobile Network Web-based
Training (WBT) provides an overview of the protection measures provided
in the Security Technical Implementation Guides (STIGs) as a basis
for minimizing the exposure of operational information to the enemy.
The course provides an overview of the wireless environment, its
elementary technical aspects, and generally accepted operational
practices. (8 hrs) |
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
|
|
|
|
Enhancing
Information Assurance through Physical Security
Date 10/07 – Ver 1.0
This interactive course is designed for employees needing a general
awareness of how the Department's Information Assurance (IA) program
is enhanced through physical security. The course consists of four
sections. The first section discusses the discipline of physical
security, defines terms, and looks at site selection, physical perimeter,
and facility controls. The second section describes some of the
threats and vulnerabilities involved in protecting the Department's
IA, as well as ways to protect the resources. The third section
defines the various types of equipment, and addresses what some
of the risks are in using them. The last section introduces policy
and best practices for protecting the Department's equipment and
information. (2 hrs) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
DIACAP
Date 01/09 – Ver 1.0
This training presents separate DIACAP Overview and DIACAP Implementation
courses.
In the DIACAP Overview course, you will learn that Department of Defense
(DoD) information systems,
in order to operate, must be certified and accredited, using a standard set
of activities defined within the DoD Information Assurance Certification and
Accreditation Process, or DIACAP. You will also learn about the DIACAP's
purpose, objectives, and implementation, as well as the crucial role that
enterprise risk management plays in the certification and accreditation
process. DIACAP roles and responsibilities will be explained, to include the
DoD enterprise governance structure, DoD Component responsibilities, and
DIACAP implementation responsibilities. Further, you will be introduced to
the key components of the five DIACAP activities used for DIACAP
implementation. Finally, you will learn about transition to the DIACAP from
the previous DoD Information Technology Security Certification and
Accreditation Process, or DITSCAP. (1 hr.)
The DIACAP Implementation course is designed for IA professionals
responsible for implementing or involved in supporting activities in
different capacities in the certification and accreditation, or C&A, of
Department of Defense (DoD) information systems. You will learn about the
complete DoD Information Assurance Certification and Accreditation Process,
or DIACAP, and how the contents of the DIACAP package are generated. This
instruction covers, in detail, the five activities of the DIACAP and the
tasks that occur within each DIACAP activity. How to access the tools and
resources used to execute DIACAP tasks is illustrated. Finally, the course
walks through the roles of the key players involved in implementing the
DIACAP activities and tasks that lead to the certification determination and
accreditation decision that are needed in order to operate a DoD information
system. (1 hr.)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Information
Assurance for DoD Auditors and IGs
Date 09/06 – Ver 1.0 (DoD PKI
Cert req'd)
This interactive web-based training introduces the role of the auditor
and inspector in information assurance (IA) in the Department of
Defense (DoD), to include practical challenges concerning the protection
of DoD information systems. This training emphasizes the importance
of IA to the DoD's mission, key DoD IA operational roles, and Federal
Government, as well as DoD, legal and policy guidance for IA. Use
of IA and IA-enabled technology in compliance with the International
Common Criteria is detailed. Application of mission assurance category
(MAC) and confidentiality level for a DoD information system and
enclave is explained. The presentation includes an overview of certification
and accreditation of information systems in the DoD, with an amplifying
discussion of DoD risk management validation. The basic principles
of DoD connection approval processes are addressed. The training
concludes with a practical exercise using an audit or inspection
of a DoD organization at a forward-deployed location to review the
knowledge and IA audit techniques presented. (8 hrs) |
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Windows
Server 2003 Incident Preparation & Response (IP&R): Part
I, Date 02/06 – Ver 1.0
This course is intended for Information Assurance (IA) Level II
Technicians and Managers and for review by Level III Technicians
and Managers. Level I IA Technicians and Managers can use the course
to prepare for the network responsibilities of Level II positions.
Part I of the course focuses primarily on the Information Assurance
mechanisms used in Microsoft® Windows® Server 2003. The
course describes file systems, some administrative procedures, server
management, and folder and file permissions. Topics on security
policy, archiving, logs, host- and network-based intrusion detection,
as well as third-party tools are provided. A module on Response
presents information about preparation, reaction, notification,
recovery options, and working with law enforcement. (5 hrs) |
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Windows
Server 2003 Incident Preparation & Response (IP&R): Part
II, Date 10/07 – Ver 1.1
This course is designed for individuals who are identified by DoD
8570.01-M, Information Assurance Improvement Program, as IAT or
IAM Level II. IAT and IAM Level I personnel who are preparing for
the responsibilities of Level II may also find this courseware useful.
The course addresses automated check procedures (Gold Disk), checking
for IAVM compliance, Windows Active Directory, implementation of
IA Policy through checklists and security readiness reviews, and
includes an introduction to cyber forensics. (2 hrs) |
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
UNIX
Security for System Administrators
Date 12/04 – Ver 2.0
This course provides an overview of UNIX security basics for Systems
Administrators (SAs) and Information Assurance Officers (IAOs).
Topics covered include: network terminology, a framework of UNIX
security relating to SA duties, security tools and commands, and
reporting mechanisms. The course can be used to provide a conceptual
UNIX Security foundation supporting Department of Defense Technical
and Management Level I Information Assurance Certifications. It
is also appropriate as a refresher for Technical and Management
Level II. The course is designed to help beginning to intermediate
System Administrators and Information Assurance Officers understand
their roles in keeping their system secure; understand vulnerabilities
and threats in terms of their origins, methods, and damage capabilities;
identify, classify, and use system commands and other tools to assist
in keeping the system secure. Because of the wide variety of system
configurations, variations among local policies, and rapid technological
changes, task specifics are not emphasized in this course. (10.5
hrs) |
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
System
Administrator Incident Preparation & Response for UNIX (SAIPR
UNIX), Date 12/04 – Ver 2.0
This product was designed to provide Federal System Administrators
(SAs) or Information Assurance Officers (IAOs), who have three to
five years of experience, with a follow-on course that builds on
“UNIX Security for System Administrators, Version 2”.
It is intended to provide training in preparing for, recognizing,
and responding to information systems security incidents from a
generic law enforcement perspective. The course touches on computer
crimes and laws, system preparation, logs and auditing, mechanics
and indicators of intrusion, and the architectures of some common
but complex attacks. Updates include more and newer tools to assist
the SA, as well as information from newer versions of policies and
resources. Biometrics, steganography and other complex techniques
are introduced. Intrusion reporting is also discussed. Although
some technical aspects of intrusion and malicious code are presented,
this is NOT a “hacker's” course. The course supports
knowledge needed for Information Assurance Technical and Management
Level II, and is appropriate as a refresher at Technical Level III.
(6.5 hrs) |
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Internet
Protocol Version 6 (IPv6)
Date 10/07 – Ver 1.0
The IPv6 course is for entry level System Administrators, Network
Administrators, support staff, and anyone else interested in learning
about IPv6. As computerized equipment, the Internet, and net-centric
operations continue to grow, so too does our dependency upon them.
There is a problem, however, in that we are running out of Internet
addresses. This course provides an introduction to the characteristics
and advantages of IPv6, some of the anticipated problems, and
how it may affect various IA roles. Some early best practices
are introduced as well. (3 hrs)
|
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
|
CyberLaw
I
Date 10/04 – Ver 1.0
CyberLaw I is a web-based training product for DoD lawyers who need
to understand the legal and policy issues, both current and emerging,
associated with IA and Critical Infrastructure Protection (CIP.)
DoD lawyers will gain an increased ability to recognize and properly
analyze legal issues in Cyberspace. The presentation begins with
an introduction to the internet. The second module, “Law in
Cyberspace,” defines computer crime, discusses the First and
Fourth Amendments, and presents statutory considerations to be applied
during investigations. This module also discusses the four distinct
roles or “lanes of the road” pertinent to Computer Network
Defense. References are provided throughout the course for lawyers
to follow evolving areas of the law in Cyberspace. (6 hrs) |
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
|
|
CyberLaw
2
Date 11/06 - Ver 1.01
This product is the second installment in the DoD CyberLaw training
suite of products. This course is designed to aid the DoD attorney
in keeping abreast of policies and laws that pertain to cybercrime.
This course is divided into three sections. The first section discusses
issues relating to investigating crime, including the applicability
of the Fourth Amendment, honeypots, honeynets, honeygrids, transborder
issues, statutory issues, and online undercover operations. The
second section addresses issues related to prosecuting crimes and
electronic evidence. The third section of this training product
addresses post-trial issues and the disposition of evidence. (5.5
hrs) |
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
|
|
|
|
|
NetOps: An Overview
(DoD PKI Cert req'd)
The NetOps 100 course provides a common understanding of NetOps
functions, roles, responsibilities, and benefits. This course is
designed to provide an overview of NetOps for all of DoD.
The NetOps 100 course provides practical knowledge in the following
areas:
- Evolution of NetOps
- Net-Centric Operations and Warfare
- Global Information Grid (GIG)
- Elements of NetOps
- Command and Control (C2) Requirements for the GIG |
|
|
|
CD Not
Available |
|
|
|
NetOps 200: NetOps Applied to GIG Operations
(DoD PKI Cert req'd)
This course is a follow-on to NetOps: An Overview (NetOps 100), and is designed to expand upon the "how" of NetOps by explaining the DoD NetOps policies, methodologies, and enabling technologies that facilitate Net-Centricity, effective situational awareness, and mission mapping. These are critical prerequisites to establishing and maintaining information systems that are responsive, integrated, and interoperable throughout the full spectrum of DoD operations.
NetOps Applied GIG Operations (NetOps 200) is technical, and focuses on applying the NetOps concepts within the GIG operational environment. This course elaborates on key DoD NetOps concepts, capabilities, tools, and models/frameworks to facilitate effective situational awareness and collaborative command and control (C2) of the GIG.
|
|
|
|
CD Not
Available |
|
|
|
DoD Enterprise
IA Tools Training |
|
-
-
HBSS
(DoD PKI Cert req'd)
-
SCRI
(DoD PKI Cert req'd)
-
SCCVI
(DoD PKI Cert req'd)
|
|
|
|
CyberProtect
Date 07/99 – Ver 1.1
CyberProtect is an interactive computer network defensive exercise
with a video game look and feel. It is intended to familiarize players
with information systems security terminology, concepts, and policy.
Players learn about defensive security tools, which must be judiciously
deployed on a simulated network. They then face a spectrum of security
threats and must make practical decisions for allocating resources
(in quarterly increments) using the elements of risk analysis and
risk management. Play is divided into four sessions (simulating
a fiscal year). After each session, players receive feedback on
how well they are doing. At the end of the last session, players
are given a report detailing their cumulative operational readiness
rating. The report also details every attack by type, origin, and
effectiveness of defensive tools. (2 hrs)
1999 NewMedia Gold INVISION Award (Best Overall Design)
1999 NewMedia Gold INVISION Award (Technical Training)
1999 International Cinema in Industry (CINDY) Competition Silver
Award |
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
CyberOps:
NetWarrior
Date 01/09 - Ver 1.0
CyberOps:NetWarrior is a three-dimensional interactive computer network defense simulation using video game-quality graphics to provide players with an advanced understanding of information assurance (IA) security architecture, terminology, concepts, and policy. Simulation players may create networks using generic hardware, software, and connection tool suites within allocated resource constraints. Players select appropriate generic IA defensive tools for deployment on the networks they have created or on simple, medium, or complex computer-generated networks. Computer-generated attack sequences are used to test the network defenses deployed by exercise players. Simulation play covers IA professional personnel management issues, representing the impact of available IA personnel [system administrators (SAs), information assurance officers (IAOs), and information assurance managers (IAMs)] on the efficiency of system operation. The personnel resource cost of IA professionals can be affected by their training, certification, and experience. CyberOps:NetWarrior is intended to serve as an academic classroom, technical training, and computer network defense exercise support tool. Multiplayer capability permits individual players to assume Blue, Red, and White Team roles in intranet exercise play using realistic exercise architectures. (4 hrs)
|
|
|
Not
Available Online |
|
|
|
|
|
|
|
|
|
|
|
|
|