Center for Information Security and Assurance Resources

Secure Use

General Security Policy: Cyber Ethics

Cyber Ethics

General Security Policy: Information Technology Security Evaluation Criteria (ITSEC)

ITSEC Definition

General Procedures: Inference

Inference Definition

General Procedures: Rainbow Series

Rainbow Series

General Procedures: NSTISSAM COMPUSEC/1-99 Insider Threat to Government Computer Systems

NSTISS Glossary

General Countermeasures and Safeguards: Computer Law

Computer Law

General Countermeasures and Safeguards: Computer Media

Computer Media

General Countermeasures and Safeguards: Evaluate Security Testing Tools

Security Testing Tools

Administrative Countermeasures/Safeguards: Control Management

Change Control
Control Management

Administrative Countermeasures/Safeguards: Privacy Act

Privacy Act of 1974

Operations Policies/Procedures: Keystroke Monitoring

Keystroke Monitoring

Operations Policies/Procedures: Disaster Recovery Planning

Disaster Recovery


Policy and Procedures: Incident Response

Incident Response

Policy and Procedures: Witness Interrogation

Witness Interrogation

Operations Countermeasures/Safeguard: Computer Attacks

Computer Attacks
Computer Virus Timeline

Operations Countermeasures/Safeguard: Computer Emergency Readiness Teams



Administrative Policies/Procedures: Approval to Operate

Approval to Operate

Administrative Policies/Procedures: Configuration/Change Control

Change Control

Administrative Policies/Procedures: Copyright Protection

Copyright Protection

Administrative Policies/Procedures: Patch Management

Patch Management

Administrative Policies/Procedures: Records Management

Records Management

Administrative Policies/Procedures: Wireless Use Policies

Wireless Use Policy

Anomalies and Integrity

General Risk Management: Computer System Risk Management

Risk Management

Access Control Safeguards: Computer System Access Control

Access Control

Access Control Safeguards: Protected Distribution Systems

Protected Distribution System

Access Control Safeguards: Information Systems Access Restrictions

Access Restrictions


Access Control Mechanisms: KMI Applications

Key Management

Access Control Mechanisms: Single Sign-on

Single Sign On

IA Sites

IA Academic Links

Academic Institution Sites