Information Assurance (IA) … to the Security of Our Data UNCLASSIFIED Information Assurance (IA) User Training FY 05 You Share the Key… … to the Security of Our Data
Information Assurance MNF-I and MNC-I IA User Training Overview: What is IA? References The Three Local Networks User Responsibilities Passwords Security Classified Spills Electronic Media Wireless Viruses Designated Approving Authority (DAA) Instant Messaging (IM) and Peer to Peer (P2P)
What is IA and Why is it Important? In simple terms, IA means ensuring that the data to which you have been given access is there, correct, and available to you when you need it. We ensure the good guys get the information they need to fight the war and the bad guys don’t. You are an absolutely critical part of ensuring this happens.
References DOD Directive 8500.1, “Information Assurance,” October 24, 2002 DOD Instruction 8500.2, “Information Assurance (IA) Implementation,” February 6, 2003 CENTCOM CCR 25-206, “Information System Management, Command, Control, Communication, and Computer (C4) Services, and Support and Network Management,” December 27, 2001 MNF-I Directive R25-1, “Information Assurance Implementation,” Draft
The Three Local Networks NIPRNET– The unclassified network to which most people have access. This network connects to the Internet and allows you to surf the web. SIPRNET– This is a closed network classified at a SECRET level, used by US personnel only. CENTRIXS-MCFI – This is a closed network classified at SECRET//REL TO USA AND MCFI. This network is the coalition classified network.
User Responsibilities You, as the user, are responsible for the systems you operate. This includes all computers, components, peripherals, and electronic media you may have. If your system breaks or is used maliciously through your negligence, you are responsible. This means that if you are logged on to a computer and leave your computer unlocked, and someone uses your computer under your account, you are responsible for their actions. This is the same as if you gave them your password. (And don’t do that either!)
Passwords Strong passwords are the first line of defense Passwords must have ALL the following parameters: At least 8 – 12 characters A combination of numbers and letter At least one special character (*&^%$#@!) UPPER and lower case Here’s an example : Z4af$Qk@m1 Passwords must be protected at the same classification as the systems they are used on. DO NOT GIVE YOUR PASSWORD TO ANYONE!
Security Computers and media must be clearly marked with the classification of the data carried on the device. Your SECRET diskette should have a SECRET label. Your CENTRIXS-MCFI computer should have a SECRET//REL TO USA AND MCFI label in a clearly marked area. These devices must be controlled at the level of their classification. The security classifications used are TOP SECRET, SECRET, SECRET//REL TO US AND MCFI, and UNCLASSIFIED.
Security (cont’d) You as the user are not authorized to move any data down in classification. You as the user CAN NOT move data from the SIPRNET to the CENTRIXS or NIPRNET network. If data needs to be moved, the only person authorized to do so is your foreign disclosure officer (FDO). FDOs have the ability to lower the classification of data, if possible, allowing the data to be placed on the lower classification network.
Classified Spills When information of a higher classification is placed on a network or device of lower classification, regardless of how it got there, that is known as a spill. When a classified information spill occurs, IA teams are sent to identify the those affected and remove the information from any computer involved. If the spill is sent over email, the account of the originator, and all recipients will be locked down until they are cleaned, then all accounts except the originator’s will be released.
Classified Spills (cont’d) The originator may be subject to a UCMJ article 92 investigation per MNF-I Policy 05-04 Originator of the spill will lose their domain privileges for a minimum of 14 days, The account will only be restored through authorization from the first General Officer in their chain of command. At that point, they will have limited privileges.
Electronic Media Thumb Drives (removable media USB, thumb, pen drives) will have a Read/Write switch and marked visibly, physically controlled, and safeguarded as required by it’s highest classification, until properly destroyed. This means that your classified thumb drive plugged into an unclassified computer is a SECURITY VIOLATION. You can move data up to a higher classified system while the lock on the device is enabled to prevent writing to the device, but you can’t go from a higher classification to a lower classification.
Wireless Devices Wireless devices such as cell phones or PDA’s are not authorized in areas that process classified materials. Exceptions to this policy must be written and approved by the DAA. This is why cell phones must be turned in prior to entering the JOC. Wireless devices are not authorized to connect to any of the theater computer networks.
Designated Approval Authority (DAA) The MNF-I DCS CIS is the Iraqi theater DAA. The DAA is responsible for accepting the risks associated with running a tactical network. Changes to the security posture of the network must be approved by the DAA.
Virus Virus and worm activity are always a present danger on any network. Many of these malicious programs will open holes into the network that allow control from outside or delete data. Each computer should have an anti-virus program on it, watching for and stopping virus activity before they cause any harm. Contact your IMO or IA shop if your anti-virus is out of date. When a new virus is found, automatic updates are sent to your computer to provide you protection from any new threats.
Virus (cont’d) The most common way for computers to be infected with a virus is via email. DO NOT open email attachments from someone you don’t know. Email with suspicious content or attachments should be reported to your IMO and the help desk. Should your computer become infected with a virus, or you are notified that your computer is infected, immediately contact your local IMO and the help desk and follow their instructions.
Instant Messenger IM applications (AOL, MSN, Yahoo!, etc.) are PROHIBITED Exceptions: Intelligence collections assets AKO, Air Force Portal, DCTS, IWS, CENTRIXS-MCFI and SIPRNET
Peer-to-Peer (P2P) P2P Networking applications (Gnutella, KaZaa, Morpheus, Napster, Limewire, etc.) OR any file sharing applications for movies, music, pictures, gaming, etc. are PROHIBITED. P2P applications are treated as viruses. These applications are known to contain spyware and other malicious payloads.
Click NEXT to see the correct answer. User Test What is the most common way for computers to be infected with a virus? A. Surfing the Web B. Transmissions from cell phone towers C. E-mail D. Downloading music Click NEXT to see the correct answer.
User Test (cont’d) What is the most common way for computers to be infected with a virus? A. Surfing the Web B. Transmissions from cell phone towers C. E-mail D. Downloading music
Click NEXT to see the correct answer. User Test (cont’d) Can you give your password to your colleague before going on R&R? A. Yes B. No Click NEXT to see the correct answer.
User Test (cont’d) Can you give your password to your colleague before going on R&R? A. Yes B. No
Click NEXT to see the correct answer. User Test (cont’d) If you open your Hotmail account and have an electronic greeting card from someone you do not know, what do you do? A. Do not open attachments from unknown addressees on government computers B. Download it, and scan “BEFORE” opening C. Call your Help Desk D. Any of the above Click NEXT to see the correct answer.
User Test (cont’d) If you open your Hotmail account and have an electronic greeting card from someone you do not know, what do you do? A. Do not open attachments from unknown addressees on government computers B. Download it, and scan “BEFORE” opening C. Call your Help Desk D. Any of the above
Click NEXT to see the correct answer. User Test (cont’d) Why can’t you load music, movies, photos and games using P2P software? A. You cannot install unapproved software B. You cannot download freeware or shareware or other non-approved executable programs for P2P file-sharing for music/movies/photos/gaming, instant messaging or Unlicensed software C. You cannot take a chance on disrupting the network or introducing a virus D. All of the above Click NEXT to see the correct answer.
User Test (cont’d) Why can’t you load music, movies, photos and games using P2P software? A. You cannot install unapproved software B. You cannot download freeware or shareware or other non-approved executable programs for P2P file-sharing for music/movies/photos/gaming, instant messaging or Unlicensed software C. You cannot take a chance on disrupting the network or introducing a virus D. All of the above
Click NEXT to see the correct answer. User Test (cont’d) If you receive a message that your system is infected with a virus, what do you do? A. Ignore it B. Contact your IMO or the helpdesk immediately C. Reboot your system D. Keep working until you have time to deal with it Click NEXT to see the correct answer.
User Test (cont’d) If you receive a message that your system is infected with a virus, what do you do? A. Ignore it B. Contact your IMO or the helpdesk immediately C. Reboot your system D. Keep working until you have time to deal with it
Click NEXT to see the correct answer. User Test (cont’d) What forms of instant messaging are authorized on the MNF-I network? A. Yahoo! B. AKO C. Air Force Portal D. B and C Click NEXT to see the correct answer.
User Test (cont’d) What forms of instant messaging are authorized on the MNF-I network? A. Yahoo! B. AKO C. Air Force Portal D. B and C
Click NEXT to see the correct answer. User Test (cont’d) IA is: A. Ensuring information’s Confidentiality, Integrity, Availability, Non-Repudiation, and Authentication B. A pain C. only interested in shutting things down D. only important to the communications personnel Click NEXT to see the correct answer.
User Test (cont’d) IA is: A. Ensuring information’s Confidentiality, Integrity, Availability, Non-Repudiation, and Authentication B. A pain C. only interested in shutting things down D. only important to the communications personnel
Click NEXT to see the correct answer. User Test (cont’d) Who is authorized to move information from a higher classification network (SIPRNET) to a lower classification network? A. Any O-6 or above B. Me, because I’m the subject matter expert C. The Foreign Disclosure Officer (FDO) D. Any IMO Click NEXT to see the correct answer.
User Test (cont’d) Who is authorized to move information from a higher classification network (SIPRNET) to a lower classification network? A. Any O-6 or above B. Me, because I’m the subject matter expert C. The Foreign Disclosure Officer (FDO) D. Any IMO
Click NEXT to see the correct answer. User Test (cont’d) Wireless devices are authorized to connect to the MNF-I network if: A. Wireless devices are not authorized on the MNF-I network B. Approved by an O-6 or above C. I don’t get caught Click NEXT to see the correct answer.
User Test (cont’d) Wireless devices are authorized to connect to the MNF-I network if: A. Wireless devices are not authorized on the MNF-I network B. Approved by an O-6 or above C. I don’t get caught
Click NEXT to see the correct answer. User Test (cont’d) Who is authorized to grant a waiver to security requirements on the MNF-I network? A. Any IMO B. System Administrators C. Only the DAA for the network is authorized to accept the risk D. Any commander Click NEXT to see the correct answer.
User Test (cont’d) Who is authorized to grant a waiver to security requirements on the MNF-I network? A. Any IMO B. System Administrators C. Only the DAA for the network is authorized to accept the risk D. Any commander
Click NEXT to see the correct answer. User Test (cont’d) What should you do if a message pops up on your computer saying your anti-virus definitions are out of date? A. Contact your IMO B. If your IMO isn’t available, contact your IA shop C. Ignore it and keep working as there is no affect on your computer D. A and B Click NEXT to see the correct answer.
User Test (cont’d) What should you do if a message pops up on your computer saying your anti-virus definitions are out of date? A. Contact your IMO B. If your IMO isn’t available, contact your IA shop C. Ignore it and keep working as there is no affect on your computer D. A and B
Click NEXT to see the correct answer. User Test (cont’d) Who is responsible for the computer you work on? A. IMO B. The C6/S6/G6 C. The DAA D. The user of the computer Click NEXT to see the correct answer.
User Test (cont’d) Who is responsible for the computer you work on? A. IMO B. The C6/S6/G6 C. The DAA D. The user of the computer
IA Points of Contact IA CELL 822-2018 Camp Adder IA Team Brian Brooks (IAM) 833-1721 brian.brooks@adder.arfor.army.mil Walter Hodges (IASO) 833-1721 Walter.hodges@adder.arfor.army.mil MNF-I CIS IA Branch Lloyd Samples (Theater IA Manger) 822-2497 Lloyd.samples@iraq.centcom.mil IA CELL 822-2018
Certificate of Completion Click NEXT to open your Information Assurance Awareness Training Certificate of Completion. Print the certificate as it appears on the monitor Handwrite your name and unit on the line below the “is hereby granted to” block Write in the date you completed the training on the line below the “Date Granted” block, Sign at Signature. Have your IMO sign your completion certificate Make a copy for your records Turn in the completed certificate to the Help Desk
MNC/F-I Camp Cedar Certificate of Completion is hereby granted to _________________________________________ (Type Name and Unit) to certify that he/she has completed to satisfaction Information Assurance Awareness Training Date Granted ________________ __________________________ User Signature __________________________ IMO Signature