Security Works, Inc. has just been awarded a high priority, high visibility contract/project that will require us to develop and maintain a proper DoD security policy that is required to meet DoD standards for delivery of the technology services. Upon winning this high demand contract with the DoD, Security Works, Inc. is now obligated to meet all government standards that the U.S. Air Force Cyber Security Center or AFCSC enforces. Other guidelines within this contract that have to be followed in order for Security Works, Inc. to stay compliant to all laws and security measures falls under the Federal Information Security Management Act (FISMA). FISMA is United States legislation that defines a comprehensive framework to protect government
…show more content…
An application domain is a mechanism (similar to a process in an operating system) used within the Common Language Infrastructure (CLI) to isolate executed software applications from one another so that they do not affect each other. This have established physical domain must control such aspects as doors, locks, security cameras, and fire suppressants. (Wikipedia, 2014) Security Works, Inc. will ensure that at least one firewall is implemented in every necessary security zone set by AFCSC and the DoD to limit unwanted network traffic. The use of NAC devices to restrict which computers and devices can connect to the domain will also ensure DoD …show more content…
and any DoD employee with the need to know in an IT position, part time by a DoD employee in a designated IA role, or by a support contractor. All personnel performing IA functions must satisfy both preparatory and sustaining DoD standard training and certification requirements as a condition of privileged access to any DoD information system. DoD Component-level IA programs shall include a standard convention for naming and describing IA functions; tracking their association with positions, roles, and contracts; and tracking the training and certification of personnel assigned to the positions, roles or contracts. Security Works, Inc. will implement and monitor the approved training programs that all employees and contractors will test through the certification process that is administered through the products offered by AFCSC, and comply with the training standards established by the Committee on National Security Systems (CNSS). 13 Required versus actual IA workforce training and certification shall be a management review item. Required versus actual compliance with qualifying criteria for designated IT position categories and security clearances shall be a management review item. (DoD,
An application domain is a mechanism (similar to a process in an operating system) used within the Common Language Infrastructure (CLI) to isolate executed software applications from one another so that they do not affect each other. This have established physical domain must control such aspects as doors, locks, security cameras, and fire suppressants. (Wikipedia, 2014) Security Works, Inc. will ensure that at least one firewall is implemented in every necessary security zone set by AFCSC and the DoD to limit unwanted network traffic. The use of NAC devices to restrict which computers and devices can connect to the domain will also ensure DoD …show more content…
and any DoD employee with the need to know in an IT position, part time by a DoD employee in a designated IA role, or by a support contractor. All personnel performing IA functions must satisfy both preparatory and sustaining DoD standard training and certification requirements as a condition of privileged access to any DoD information system. DoD Component-level IA programs shall include a standard convention for naming and describing IA functions; tracking their association with positions, roles, and contracts; and tracking the training and certification of personnel assigned to the positions, roles or contracts. Security Works, Inc. will implement and monitor the approved training programs that all employees and contractors will test through the certification process that is administered through the products offered by AFCSC, and comply with the training standards established by the Committee on National Security Systems (CNSS). 13 Required versus actual IA workforce training and certification shall be a management review item. Required versus actual compliance with qualifying criteria for designated IT position categories and security clearances shall be a management review item. (DoD,