Information Security Certifications: To ensure that information technology worke
ID: 3812795 • Letter: I
Question
Information Security Certifications: To ensure that information technology workers maintain up-to-date knowledge about information security, many employers require periodic certification. An ever-growing list of information security certifications is offered by a variety of vendors. Some commonly sought certifications are administered by ISC 2 , SANS, and CompTIA. U.S. Department of Defense directive DoD 8570 includes certification requirements for both DoD workers and support contractors. The directive defines employee position levels and certifications required at these levels. As of this writing, the latest version of the directive is 8570.01-M (www.dtic.mil/whs/directives/ corres/pdf/857001m.pdf). For this project, summarize the requirements of DoD 8570 in your own words. Include a definition of the three IAT (Information Assurance Technical) position levels. Describe the typical tasks performed by these workers, list the certification requirements for these levels, and include a summary of the objectives of each certification required at these levels.
Explanation / Answer
Information Assurance Technical (IAT)
There are three categories of IAT Levels such as level I, II, and III and personnel required to perform any technical category IA functions at any level must be certified to the highest level functions performed, an IAT position’s functions for a particular level establish the basis for the individual’s certification requirement. IAT Category Training Requirements are participation in initial training such as classroom, distributive or blended before or immediately on assignment of IA responsibilities. Training need not result in award of a military specialty code but must be sufficient to meet minimum certification standards and completion of an on the job skills practical evaluation to meet functional requirements.
The certification program for IAT category positions must include the functions identified for that level and all IAT category personnel must be certified based on the IA functions of the position within 6 months of assignment of IA duties, all military and Government civilian IAT personnel must achieve the appropriate IA certification.
IAT Level I certification is the minimum requirement prior to IA Managers authorizing unsupervised privileged access for personnel performing IAT Levels I through III functions. Designated Accrediting Authorities (DAAs) may waive the certification requirement under severe operational or personnel constraints, uncertified IAT Level I are not authorized to have unsupervised privileged access.
IAT category personnel must be fully trained and certified prior to deployment to a combat environment. The DAA may approve a waiver for certified IAT-I’s to fill level IATII or IAT-III billets without attaining the appropriate certification while deployed to a combat environment. The DAA may grant an interim waiver limited to the period of the deployment. The interim waiver places an individual in a suspense status and must be time limited and include an expiration date not to exceed 6 months following date of return from combat status.
IAT LEVEL I:
IAT Level I personnel make the CE less vulnerable by correcting flaws and implementing IAT controls in the hardware or software installed within their operational systems.
IAT Level I Position Requirements:
IAT Level I position requirements are normally has 0 to 5 or more years of experience in IA technology or a related field, system environment should be CE, applies basic knowledge of IA concepts, practices, and procedures within the CE, works under supervision and typically reports to a CE manager, actions usually authorized and controlled by policies and established procedures and certification meet within 6 months of assignment to position and mandatory for unsupervised privileged access.
The specific functions associated with the IAT Level I position, regardless of their occupational title shall be identified as part of the IA workforce and must comply with the requirements.
IAT Level I Functions:
Recognize a potential security violation, take appropriate action to report the incident as required by regulation, and mitigate any adverse impact. Apply instructions and pre-established guidelines to perform IA tasks within CE. Provide end user IA support for all CE operating systems, peripherals, and applications. Support, monitor, test, and troubleshoot hardware and software IA problems pertaining to their CE. Apply CE specific IA program requirements to identify areas of weakness. Apply appropriate CE access controls. Install and operate the IT systems in a test configuration manner that does not alter the program code or compromise security safeguards. Conduct tests of IA safeguards in accordance with established test plans and procedures. Implement and monitor IA safeguards for CE systems in accordance with implementation plans and standard operating procedures. Apply established IA security procedures and safeguards and comply with responsibilities of assignment. Comply with system termination procedures and incident reporting requirements related to potential CE security incidents or actual breaches. Implement online warnings to inform users of access rules for CE systems. Implement applicable patches including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), and technical advisories (TA) for the CE operating systems. Install, test, maintain, and upgrade CE operating systems software and hardware to comply with IA requirements. Understand and implement technical vulnerability corrections. Enter assets in a vulnerability management system. Apply system security laws and regulations relevant to the CE being supported. Implement DoD and DoD Component password policy. Implement specific IA security countermeasures.
IAT LEVEL II:
IAT Level II personnel provide network environment (NE) and advanced level CE support and they pay special attention to intrusion detection, finding and fixing unprotected vulnerabilities, and ensuring that remote access points are well secured. These positions focus on threats and vulnerabilities and improve the security of systems. IAT Level II personnel have mastery of the functions of the IAT Level I position.
IAT Level II Position Requirements:
Normally has at least 3 years of experience in IA technology or a related area, system environment as NE and advanced CE, knowledge should be mastery of the functions of the IAT Level I position and applies knowledge and experience with standard IA concepts, practices, and procedures within the NE, works under general supervision and typically reports to network manager, relies on experience and judgment to plan and accomplish goals within the NE and certification should be within 6 months of assignment to position.
The specific functions associated with the IAT Level II position regardless of their occupational title shall be identified as part of the IA workforce and must comply with the requirements.
IAT Level II Functions:
Demonstrate expertise in IAT Level I CE knowledge and skills. Examine potential security violations to determine if the NE policy has been breached, assess the impact, and preserve evidence. Support, monitor, test, and troubleshoot hardware and software IA problems pertaining to the NE. Recommend and schedule IA related repairs in the NE. Perform IA related customer support functions including installation, configuration, troubleshooting, customer assistance, and/or training, in response to customer requirements for the NE. Provide end user support for all IA related applications for the NE. Analyze patterns of non-compliance and take appropriate administrative or programmatic actions to minimize security risks and insider threats. Manage accounts, network rights, and access to NE systems and equipment. Analyze system performance for potential security problems. Assess the performance of IA security controls within the NE. Identify IA vulnerabilities resulting from a departure from the implementation plan or that were not apparent during testing. Provide leadership and direction to IA operations personnel. Configure, optimize, and test network servers, hubs, routers, and switches to ensure they comply with security policy, procedures, and technical requirements. Install, test, maintain, and upgrade network operating systems software and hardware to comply with IA requirements. Evaluate potential IA security risks and take appropriate corrective and recovery action. Ensure that hardware, software, data, and facility resources are archived, sanitized, or disposed of in a manner consistent with system security plans and requirements. Diagnose and resolve IA problems in response to reported incidents. Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements. Ensure IAT Level I personnel are properly trained and have met OJT program requirements. Perform system audits to assess security related factors within the NE. Develop and implement access control lists on routers, firewalls, and other network devices. Install perimeter defense systems including intrusion detection systems, firewalls, grid sensors, etc., and enhance rule sets to block sources of malicious traffic. Work with other privileged users to jointly solve IA problems. Write and maintain scripts for the NE. Demonstrate proficiency in applying security requirements to an operating system for the NE or CE used in their current position. Implement applicable patches including IAVAs, IAVBs, and TAs for their NE. Adhere to IS security laws and regulations to support functional operations for the NE. Implement response actions in reaction to security incidents. Support the design and execution of exercise scenarios. Support Security Test and Evaluations (Part of C&A Process). Obtain and maintain IA certification appropriate to position.
IAT LEVEL III:
IAT Level III personnel focus on the enclave environment and support, monitor, test, and troubleshoot hardware and software IA problems pertaining to the CE, NE, and enclave environments, and IAT Level III personnel have mastery of the functions of both the IAT Level I and Level II positions.
IAT Level III Position Requirements:
Normally has at least seven years experience in IA technology or a related area, system environment to be enclave environment, advanced NE, and advanced CE. Knowledge level should be expert in all functions of both IAT Level I and IAT Level II positions and applies extensive knowledge of a variety of the IA field’s concepts, practices, and procedures to ensure the secure integration and operation of all enclave systems. Works independently to solve problems quickly and completely, lead and direct the work of others and typically reports to an enclave manager. Relies on extensive experience and judgment to plan and accomplish goals for the enclave environment, supports, monitors, tests, and troubleshoots hardware and software IA problems pertaining to the enclave environment and must be a U.S. Citizen. The certification should be within 6 months of assignment to position.
The specific functions associated with the IAT Level III position regardless of their occupational title shall be identified as part of the IA workforce and must comply with the requirements.
IAT Level III Functions:
Mastery of IAT Level I and IAT Level II CE/NE knowledge and skills. Recommend, schedule, and/or implement IA related repairs within the enclave environment. Coordinate and/or provide support for all enclave applications and operations. Lead teams and/or support actions to quickly resolve or mitigate IA problems for the enclave environment. Formulate or provide input to the enclave's IA/IT budget. Support the installation of new or modified hardware, operating systems, and software applications ensuring integration with IA security requirements for the enclave. Identify and/or determine whether a security incident is indicative of a violation of law that requires specific legal action. Direct and/or implement operational structures and processes to ensure an effective enclave IA security program including boundary defense, incident detection and response, and key management. Provide direction and/or support to system developers regarding correction of security problems identified during testing. Evaluate functional operation and performance in light of test results and make recommendations regarding C&A. Examine enclave vulnerabilities and determine actions to mitigate them. Monitor and evaluate the effectiveness of enclave IA security procedures and safeguards. Analyze IA security incidents and patterns to determine remedial actions to correct vulnerabilities. Support development and/or implementation of the enclave termination plan to ensure that IA security incidents are avoided during shutdown and long term protection of archived resources is achieved. Implement vulnerability countermeasures for the enclave. Provide support for IA customer service performance requirements. Provide support for the development of IA related customer support policies, procedures, and standards. Write and maintain scripts required to ensure security of the enclave environment. Implement and maintain perimeter defense systems including, but not limited to, intrusion detection systems, firewalls, grid sensors. Schedule and perform regular and special backups on all enclave systems. Establish enclave logging procedures to include: important enclave events; services and proxies; log archiving facility. Provide OJT for IAT Level I and II DoD personnel. Analyze IAVAs and Information Assurance Vulnerability Bulletins for enclave impact and take or recommend appropriate action. Obtain and maintain IA certification appropriate to position.