Assignment 4

Instructor: Dr E. Crowley

Student: Victor Wong

Date: 23 September, 2004

NSTISSC / CNSS National Security Telecommunications and

Information Systems Security Committee (NSTISSC)

Committee on National Security Systems (CNSS)

Pre Sept 11 = NSTISSI Post Sept 11 = NCSSI

Reference: http://www.nstissc.gov/html/overview.html

NSTISSI (CNSSI) Certification

4011, 4012, 4013, 4014, 4015, and 4016

4013 – National Information Assurance Training Standard for System Administrators (SA)

Reference: http://www.nstissc.gov/Assets/pdf/cnssi_4013.pdf

CNSS

President has renamed NSTISSC as CNSS under Executive Order (E.O.) 13231 on October 16, 2001

Provides a forum for discussion of policy issues, sets national policy, and promulgates directions, operational procedures, and guidance for the security of national security systems through CNSS Issuance System

CNSSI Certification’s Goal

Entry Level: Given various scenarios and typical situations containing ISS issues, the SA will be able to describe and apply the appropriate actions to manage and administer an IS in a secure manner. To be acceptable, the description & application must be IAW applicable IA regulations, policies, and guidelines.

Intermediate Level: Given various…… SA will be able to explain and implement…..

Advanced Level: Given various….. SA will be able to verify that appropriate actions are implemented …..

Reference: http://www.nstissc.gov/Assets/pdf/cnssi_4013.pdf

CNSSI 4013 Job Functions

Work closely with ISS Officer (ISSO) to ensure IS or network is used securely

Participate in ISS incident reporting program.

Maintain configuration control of system and application software.

Advise security anomalies or integrity loopholes

Administer User ID or authentication mechanism of IS or network.

Other References

http://www.jmu.edu/iiia/education/certification/nstissi_cert.pdf

http://www.nsa.gov/ia/academia/iacmap.cfm?MenuID=10.3.2.5

THE END