Within the Network of the Department of Defense (Dod),

In: Other Topics

Submitted By hoffdogcg64
Words 618
Pages 3
Within the network of the Department of Defense (DoD), AAA is the sole supplier of military products for the U.S. Government. My organization has three different levels of management and of those levels, two different unions exist. 7000 workers encompass AAA over 35 locations in the United States; of these 7000 workers, they include contractors and non-supervisor union workers. The purpose of this academic paper is to show the policy monitoring and enforcement strategy of AAA. Our modified Internet use policy along with a physical access policy will be discussed first, then further detail will be explained going forward.
Internet access is one of the main-stays of AAA. Users constantly will be using the Internet to access their email accounts, work use, and downtime personal use if they are laptop users at home. During business hours, only work related assignments from web usage will be allowed. This will be monitored by web-admins, who can see the browsing activity of these contractors and full time employees at any time. It is imperative to save bandwidth and to provide our end users will quality Internet service. For example, if I am working on an assignment and it is taking longer than usual, someone may be using YouTube for an extended period of time, taking up the available bandwidth that could be used for work purposes.
Physical access is also an issue for AAA. Employees in the past have lost their positions by not having their access badges available upon entering into the building; simply using other employee’s badges to access certain areas of the building is unacceptable. A standard needs to be in place for employees to operate on the highest level in a structured IT Security organization. Every time a user swipes their badge at a door to access a certain area, a record is kept of when, how and a potential why if the employee is asked as to what area…...

Similar Documents

The Department of Defense Should Implemented Mandatory Foreign Language Training for All Members

...COLLEGE Newport, R.I. IT’S ABOUT TIME THAT THE DEPARTMENT OF DEFENSE IMPLEMENTED MANDATORY FOREIGN LANGUAGE TRAINING FOR ALL MEMBERS By Samuel W. Bettwy Lieutenant Colonel, Judge Advocate, U.S. Army Reserve A paper submitted to the Faculty of the Naval War College in partial satisfaction of the requirements of the Department of Joint Military Operations. The contents of this paper reflect my own personal views and are not necessarily endorsed by the Naval War College or the Department of the Navy. Signature: s/ Samuel W. Bettwy 28 January 2013 _______________________________ John F. Sussilleaux, Professor INTRODUCTION It is generally recognized that future U.S. military operations will be multinational. As the Naval War College instructs: “There is no reason to believe American military forces will ever undertake a major operation alone without some other nations participating.”[i] As the Army states in its field manual on Training for Full Spectrum Operations, leaders must prepare to operate at the tactical level in operations involving multinational forces.[ii] And as Joint Publication 3-16 states, “US forces cannot assume that the predominant language will automatically be English”[iii] in coalition operations. Recognizing that multinational operations are the inevitable way of the future, the Department of Defense (DOD) acknowledges the importance of language......

Words: 3586 - Pages: 15

Network Security

...changed the way governments view internet cyberspace. The hacking attacks of Estonia in 2007, the Georgia cyber attacks during the Georgia-Russia War in 2008, and the release of the Stuxnet worm to hinder Iran’s nuclear program in 2009 all enhanced the support for military protection solutions for internet cyber security issues. (Brust, 2012) As a result, the USA established a Cyber Command subunit within the Department of Defense (DOD) to take the lead role on combating issues such as these. (Lynn, 2011) From these actions it was believed that DOD would become the US point agency leading the war against cyber-attacks. Challengers against the military view believed cyberspace was considered international space and therefore all activities that took place in it should be subjected to international law. On the other hand defenders of the military believe that international law can’t be applied to the Internet especially when it comes to defending a nation’s sovereignty. A strong advocate of the military view is former Assistant Secretary for Policy and Technology in the Department of Homeland Security (DHS) Stewart Baker. He believes that international law has no place in cyber security and clearly expressed that “Lawyers have raised so many legal questions that our military is not only unable to fight, but cannot even plan effectively for a war in cyberspace.”(Baker, 2012). Most scholars agree that when it comes using force for cyber attacks, international law rules......

Words: 1872 - Pages: 8

Ethical Hacking and Network Defense Unit 2 Assignment

...Ethical Hacking and Network Defense Unit 1 Assignment Kaplan University Table of Contents Scope Goals and Objectives Tasks Reporting Schedule Unanswered Questions Authorization Letter Scope Production e-commerce Web application server and Cisco network described in Figure 1.1. Located on ASA_Instructor, the e-commerce Web application server is acting as an external point-of-entry into the network: • Ubuntu Linux 10.04 LTS Server (TargetUbuntu01) • Apache Web Server running the e-commerce Web application server • Credit card transaction processing occurs • The test will include penetrating past specific security checkpoints. • The test can compromise with written client authorization only. Goals and Objectives John Smith, CEO of E-commerce Sales, has requested that we perform a penetration test on the company’s production e-commerce Web application server and its Cisco network. It is our intention to run various penetration tests at irregular times in order to accurately test security measures that have been put in place. E-commerce Sales will not be aware of any of the penetration measures nor will they be aware of the times that this will be done. Information about the network will be gathered and analyzed for any open network interfaces. Success of the test is determined by determining......

Words: 1705 - Pages: 7

The Strategic Importance of Department Stores Within the Fashion Industry

...Importance of Department Stores Within The Fashion Industry” The main goal of department stores is to provide even more of a variety of brands under one roof for customers who either prefer convenience or have to shop under a certain amount of time, also at a discounted price. Mainly, they consist of clothing, house ware, accessories, furniture and appliances, beauty products, sporting goods, etc. and because of the vast amount of categories a department store contains, it is hence, given the name “department” store. All products sold here aren’t bought directly from their independent standing store but from wholesalers and manufacturers. Furthermore, because of their marked down prices they come into major competition with outlet stores, Internet and mail order retailers, as well as home shopping networks etc. As oppose to any other form of retail branches, department stores tend to own their own economies of scale in the arena of marketing, purchasing and distribution, which automatically gives them major cash flow. The clientele of these stores are generally varied so as to create exposure to vast amounts of persons with different savors. They are normally set up in a way where all products are quick and easy to pick up and purchase. In terms of positioning, which is relevant in the sense that the exposure must be easily attainable to the targeted customers, one must keep in mind a prime location for heavy business. Often when you are thinking about any sort of......

Words: 2939 - Pages: 12

Photography Networks

...RDI PHOTOGRAPHY NETWORK DESIGN PROPOSAL STRAYER UNIVERSITY CIS 532, Network Architecture and Analysis JANUARY 19, 2014 Abstract The analysis and proposed expansion of an existing network can be a daunting task for any company small or large. To be a truly successful company there should be the ability to manage not only the company, but to look to the future and investments in that future. This type of analysis and investment no matter the size of the company should not only be successful, but should be a seamless and virtually transparent operation. This paper will briefly address some elements of this analysis and proposed expansion upgrade starting with a brief history of what will be named the RDI Photography Company or RDI in future reference. This will be followed by a basic introduction for the consulting company followed by their proposed actions. This will include a brief project description and proposal breakdown of services, plan for merging the existing small networks and preparations for a possible company merger. Also included is possible considerations needed to meet project equipment needs, budget and time constraints, and conclusion. An inclusive plan if completely fleshed out could also incorporate the five process areas and nine knowledge areas of the Project Management Body of Knowledge (PMBOK®), as well as a brief description of the projects risk and risk assessment and the monitoring and control plan. For this paper, this......

Words: 2609 - Pages: 11

Dod Costs of Not Preparing for Nextgen

...Running head: DOD COSTS OF NOT PREPARING FOR NEXTGEN 1 The potential costs to the DoD of not preparing for the NextGen NAS overhaul: lessons learned from RVSM Casey Richardson Embry Riddle Aeronautical University Author Note The author, Casey Richardson, is a US Air Force Major and F16 test pilot at Edwards Air Force Base, California. He has more than 2000 flight hours in high performance aircraft including the T-38A/C, F-15E, and various models of the F-16. He is a graduate of USAF Test Pilot School and post-graduate student at Embry-Riddle Aeronautical University. DOD COSTS OF NOT PREPARING FOR NEXTGEN Abstract In order to facilitate a significant overhaul of the civilian National Airspace System (NAS), the Federal Aviation Administration (FAA) has partnered with many federal agencies, such as the departments of Transportation (DOT), Defense (DoD), Homeland Security (DHS), 2 and Commerce (DOC) and the National Aeronautics & Space Administration (NASA) through a consolidated Joint Planning and Development Office (JPDO) that was established by Congress in 2003 in the VISION 100 – Century of Aviation Reauthorization Act (JPDO, 2012). The JPDO has proposed replacing the old NAS structure of primarily ground-based navigation with robust satellite-enabled air traffic procedures and to supplement ground-based air traffic controller workload with advanced datalink and trajectory-based operations algorithms for de-conflicting aircraft on the ground and in the air....

Words: 2936 - Pages: 12

Unit 2 Lab Align Auditing Frameworks for a Business Unit with in the Dod

...clear where to start identifying the IA capabilities that should be included and assessed for a particular C&A effort. c. One of the biggest complaints about DITSCAP was that it required too much documentation and took too long to perform. d. DIACAP identifies four spreadsheets that summarize important C&A information. e. A second complaint about DITSCAP was that it only accommodated individual systems. f. DIACAP addresses the need to expand C&A to account for components outside of a site’s control. 2. What is DCID 6/3, and why would you use DCID 6/3 as opposed to DIACAP for Certification and Accreditation of a system? g. It is the policy for “Protecting Sensitive Compartmented Information Within Information Systems”. This directive establishes the security policy and procedures for storing, processing, and communicating classified intelligence information in information systems (ISs). For purposes of this Directive, intelligence information refers to Sensitive Compartmented Information and special access programs for intelligence under the purview of the DCI. An information system is any telecommunications and/or computer related equipment or interconnected system or subsystems of equipment that is used in the acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of voice and/or data (digital or analog); it includes software, firmware, and hardware. ......

Words: 1031 - Pages: 5

The Network Environment Within Xerox Capital Services, Llc

...The Network Environment within Xerox Capital Services, LLC Aaron J Lefort NTC/410 Kimberly Ford Fears February 15, 2003 The Network Environment within Xerox Capital Services, LLC To begin, the name of the place of the writers employment is Xerox Capital Services, LLC (XCS). XCS is a joint venture between GE Capital and Xerox Corporation. The business center is located in St. Petersburg, Florida. In the business center, XCS handles the public sector business. Public sector meaning state and local and government accounts. The customer business center of XCS handles order processing, billing administration, and collection. The writers position is order processing which is called an origination customer business representative. Operating System In the Public Sector Business Center, the personal computers consist of Microsoft Windows NT 4.0 operating system. The security software is Novell. When updates are needed to the personal computers, the network administrator automatically updates the Windows NT operating systems through the local LAN server. The Windows NT platform is really stable. Applications A customer business representative uses eight different software applications to complete its job function. The eight applications are MS Outlook, IE. 5.5, Aspect WinSet, e.power Express Desktop, ValueQuix, Telnet IA, Credit Authorization Tool (CAT), and RUMBA. MS Outlook is used to keep in contact and do business with sales representatives...

Words: 670 - Pages: 3

Network

...2.1.1 Network History The history of computer networking is complex. It has involved many people from all over the world over the past 35 years. Presented here is a simplified view of how the Internet evolved. The processes of invention and commercialization are far more complicated, but it is helpful to look at the fundamental development. In the 1940s computers were large electromechanical devices that were prone to failure. In 1947 the invention of a semiconductor transistor opened up many possibilities for making smaller, more reliable computers. In the 1950s mainframe computers, which were run by punched card programs, began to be used by large institutions. In the late 1950s the integrated circuit that combined several, then many, and now millions, of transistors on one small piece of semiconductor was invented. Through the 1960s mainframes with terminals were commonplace, and integrated circuits were widely used. In the late 1960s and 1970s, smaller computers, called minicomputers came into existence. However, these minicomputers were still very large by modern standards. In 1977 the Apple Computer Company introduced the microcomputer, also known as the personal computer. In 1981 IBM introduced its first personal computer. The user-friendly Mac, the open-architecture IBM PC, and the further micro-miniaturization of integrated circuits led to widespread use of personal computers in homes and businesses. In the mid-1980s users with stand-alone......

Words: 2656 - Pages: 11

New Networks

...detailed information of the projects' purpose and what it actually accomplished. All commands within the Department of Defense (DoD) are directed to implement the Host-Based Security System (HBSS). This is a multifaceted software security application used within the DoD to protect vital network resources from exploitation. Protecting vital data on information systems by ensuring the information’s availability, integrity, authentication, confidentiality and non-repudiation is called Information Assurance (IA). The process used within the DoD to certify information systems meet documented IA requirements is known as the DIACAP process. The DIACAP process was established in order to comply with the Federal Information Security Management Act 2002 (FISMA). The DIACAP directly supports and identifies the IA security tool, HBSS and fully implements those practices as prescribed in accordance with DoD I 8500.1M. All organizations within the DoD are mandated to comply with DoD I 8500.1M and Fragmentary Order (FRAGO) 13 to remain connected to the DoD’s GRID. This project envelops all applicable DIACAP processes necessary to obtain the accreditations for the Centrixs-M software application. This project outlines the process used to develop a complete set of HBSS policies for the Centrixs-M software application. The development phase of this project includes the site configuration within the ePO system tree, deployment of the McAfee agents, and the configuration of secure site......

Words: 527 - Pages: 3

Network Defense and Coutnermeasures

...Language) injection attacks to access web servers. Buffer overflow is used to exploit vulnerabilities within software. Software customized for companies are more difficult to attack so they have less vulnerabilities. On the other hand, commercial software, webservers and databases are more susceptible to buffer attacks. Attackers discover poorly written code then inject malicious code causing buffer overflows. To discover any codes they must first access the code structure and find the weaknesses and errors located in the source code which is how buffer overflow attacks begin. The source code may be wrapped in a “black box” which provides protection from tampering, however, many attackers have the skills need to access the code nevertheless. There are different buffer attacks that can be used by attackers. A stack-smashing attack usually aims at the critical buffer component known as the stack. Stacks' memory is set to a certain size and stores information about the processes an application is running at that time. A buffer overflow happens when if the stack consumes all of the allocated space for it. In order for a an attacker to cause a buffer overflow, data is written larger size than the size allocated. Relational database management system, such Oracle and MySQL, use SQL to communicate. SQL is a favorable target for attackers due to it being used widely, especially within e-commerce databases. If a web site has not been sanitized correctly, the change of......

Words: 1130 - Pages: 5

Department of Defense (Dod) Ready

...Department of Defense (DoD) Ready The task is establish security policies for my firm of approximately 390 employees and make them Department of Defense (DoD) compliant. To achieve this goal, a list of compliance laws must be compiled to make sure we me the standard. I will outline the controls placed on the computing devices that are being utilized by company employees. I will develop a plan for implementation of the new security policy. The task of creating a security policy to make my firm DoD complaint starts with knowing what laws to become complaint with. There an array of laws to adhere to, but I have listed the majors laws that the firm must comply with. The following is a list of laws that the firm must become complaint with Defense Federal Acquisition Regulation Supplement (DFARS). The DFARS contains requirements of law, DoD-wide policies, delegations of FAR authorities, deviations from FAR requirements, and policies/procedures that have a significant effect on the public (DPAP, 2014). The following is a list of standards for handling unclassified DoD information retrieved from Hogan Lovells website (2016). • prohibiting the posting of any DOD information on websites unless they are restricted to users that provide user ID/password, digital certificate, or similar credentials • using the “best level of security and privacy available” for transmissions of any DOD information transmitted via email, text messaging, and similar......

Words: 2282 - Pages: 10

Defense Attacks

...The Department of Defense (DoD) manages one of the largest and most targeted networks, up to 250,000 attacks per day. (Daniel Gouré, 2015) As a member of this organization, I see the low level applications set forth by the strategic minds of the DoD Chief Information Officer and Secretary of Defense. As the organization that laid the foundation for the internet, the DoD has evolved over the years reacting to the vulnerabilities and threats to their vast information systems. Past breaches have illustrated how vulnerable the networks are, and we can look at history to see the development of the defense networks and security. The DoD made a large impact across the computer security field with their security handbook called the “Orange Book”. The official name for the Orange Book is “DoD 5200.28-STD, Department of Defense Trusted Computer System Evaluation Criteria”, which was first written in 1983 and further updated in 1985. (Department of Defense, 1985) It is the computer system criteria book within a series of security related guides and directives called the “Rainbow Series,” which are the numerous standards and guidelines published by the Department of Defense. The document laid the foundation for the communication between the developers and the customers. The model was based on systems meeting six security requirements: security policy, marking of objects, identification of subjects, accountability, assurance, and continuous protection. After evaluation, the system is......

Words: 2282 - Pages: 10

Defense Aquisitions

...MN 3301 Midterm 1. Briefly describe the purpose of the Pre-System Acquisition and Systems Acquisition phases of the Defense Acquisition Management System. Explain the entrance and exit criteria for each of the phases of the Defense Acquisition Management System. Additionally, discuss the relevant Technology Readiness Levels associated with each phase. The Defense Acquisition System is a management process which the Department of Defense (DoD) can provide effective, affordable, and timely systems to users. DoD 50000.01 The three core elements, pre-system acquisition, system acquisition, and sustainment, consist of five phases, milestones and reviews acquisition programs must advance through. The five phases of the Defense Acquisition Management System are Material Solution Analysis (MSA), Technology Development (TD), Engineering & Manufacturing Development (EMD), Production & Deployment (P&D), and Operations & Support (O&S). Prior to advancing into the next phase a program must pass a Milestone review, by the Milestone Decision Authority (MDA), to ensure it meets both Department of Defense (DoD) and federal relguations. The pre-system acquisition element consists of the MSA and TD phases. Prior to entering into the MSA phase a Material Development Decision (MDD) will be made for a program and an Initial Capabilities Document (ICD) must be issued. This helps to determine which acquisition phase it will enter based on user needs, technology...

Words: 1123 - Pages: 5

The Effects of Social Network Within Business Environment

...The Effects of Social Network within Business Environment Absolutely, using the social networks as a great facility might have some advantages and also some disadvantages, just like other thing. The impacts and benefits of using social networks within business environment as follow. Business Risks of Social Networking: 1) Productivity losses: a) Addictive and time-consuming. b) Over-use during work time is a genuine issue. c) Can actually increase the productivity and effectiveness for some roles. 2) Legal risks a) Generally employers can monitor their employees’ web use and email, but notice is needed. Can result in legal liability. b) Potential for legal liability due to customer actions. 3) Reputation risk a) A risk to the business’s reputation. b) Many examples of gaffes & negative comments. c) Difficult to remove the comments. 4) Viruses and spyware a) Frequently a platform for malicious attacks using viruses and spyware. 5) Privacy breaches and identity theft a) Can promote identity theft, even where private. b) Third party applications usually get access to data. 6) Social engineering a) Use online information to commit targeted acts of fraud. b) Could profess to be the assistant to a high-level staff member, and know enough internal’ information to convince a staff member to provide cheques or goods. c) Convincing identity cards/business cards used to gain access to the business or its customers. d) Grandparent......

Words: 925 - Pages: 4

Lord Marksman and Vanadis | Meetgereedschap | Naqaab (2018) Bengali Full Movie 480p HDRip 350MB Download