IT0772 Welcome

Welcome to

COMPUTER SECURITY

Subcourse IT0772
Edition D

United States Army Intelligence Center & Fort Huachuca
Fort Huachuca, AZ 85613-6000

Introduction

Overview This is an overview of Computer Security, IT0772.

Proponent This subcourse is issued by the--
U.S. Army Institute for Professional Development (AIPD)
U.S. Army Training Support Center
Newport News, Virginia  23628-0001

Purpose This subcourse is designed to teach you the basic procedures for protecting computers and the information processed on them. Instructions are contained within this subcourse on the fundamental theory underlying computer security, the threats to computer, the accreditation process, and the implementation of computer security countermeasures.

Target
Audience Any eligible person may enroll in the subcourse.

Requirements To receive credit for course or subcourse completion, you must--

Have an Army Correspondence Course Program (ACCP) USER-ID and PASSWORD.
Be formally enrolled in this course/subcourse through the ACCP.
Earn a passing score on the subcourse examination.

Contents The subcourse contains the following parts:

TABLE OF CONTENTS

Subcourse Overview

Lesson 1: Computer Security Overview

     Part A: What is Computer Security

     Part B: How does Computer Security Involve you

     Part C: Computer Security

     Part D: The U.S. Army Computer Security Program

     Part E: Information System Security

     Part F: Major Security Objectives

     Part G: Sensitive Defense Information

     Part H: Responsibilities and Appointments

     Part I: The Commander

     Part J: Security Officers

     Practice Exercise

Lesson 2: The Threats to Army Computers and sensitivity Designations

     Part A: The Threats to Army Computers

     Part B: Methods of Attack

     Part C: Sensitivity Designations

     Practice Exercise

Lesson 3: Security Processing Modes and Accreditation

     Part A: Security Processing Modes

     Part B: Explanation of Terms

     Part C: The Four Security Processing Modes

     Part D: The Accreditation Document/Security Plan

     Part E: Accreditation

     Part F: Initial Accreditation

     Part G: Accreditation Level

     Part H: Designated Accreditation Authority

     Part I: Explanations of Terms

     Part J: Classified Sensitive One (C1)

     Part K: Classified Sensitive Two (C2)

     Part L: Classified Sensitive Three (C3)

     Part M: Unclassified Sensitive One (US1) and Unclassified Sensitive Two (US2)

     Part N: Nonsensitive

     Part O: Preparing the Accrediation Document/Security Plan

     Part P: Reaccreditation

     Part Q: The Accreditation Statement

     Part R: Accreditation Variations

     Part S: Interim Approval to Operate Before Accreditation

     Part T: Accreditation Problems and Corrective Action

     Practice Exercise

Lesson 4: Protecting Computer Storage Area

     Part A: Protecting Computer Storage Media

     Part B: Computer Storage Media Defined

     Part C: Hazards to Computer Storage Media

     Part D: Damage to Computer Storage Media

     Part E: Overall Classification

     Part F: Backup Procedures

     Part G: Technologies of Computer Protection

     Practice Exercise

Lesson 5: Safeguarding Classified Information

     Part A: Safeguarding Classified Information

     Part B: Basic Safeguards for Classified Information

     Part C: Computer-Based Classified Information

     Part D: Marking Classified Storage Media

     Part E: Overall Classification

     Part F: Disposing of Computer-Based Classified Information

     Part G: Explanation of Terms

     Part H: "DELETE," "ERASE," AND "FORMAT"

     Part I: "RESTORE"

     Part J: Approved Methods of Purging Computer Media

     Part K: Declassifying Computer Media

     Part L: Nonremovable Storage Media

     Part M: Destruction of Storage Media

     Part N: Othe Classified Material

     Part O: Recommended Procedures for Processing Classified Information

     Practice Exercise

Lesson 6: Miscellaneous Computer Security Requirements

     Part A: Security Training and Awareness

     Part B: Who is Responsible

     Part C: Required Security Training

     Part D: Initial Security Training

     Part E: Periodic Security Training

     Part F: PC Security Measures

     Part G: Physical Protection

     Part H: Environmental Protection

     Part I: Employee Owned Computer

     Part J: Software Piracy

     Part K: Malicious Software

     Part L: Destructive Program

     Part M: Infection Protection

     Practice Exercise

Appendix A: List of Acronyms

Examination

Informal Access Feel free to preview the subcourse to see if it meets your needs, to study it without committing to formal enrollment, or use it as an on-line desk reference.

Enrollment

Enrollment
Eligibility The Army Correspondence Course Program subcourses are available to U.S. Active and Reserve military officers, warrant officers, and enlisted personnel; Reserve Officers' Training Corps, National Guard Officer Candidate School, West Point cadets, and authorized federal civilian employees.
Military personnel must have enough time remaining in service to complete the course/subcourse(s) in which they request enrollment.
Note:  For detailed eligibility requirements see the course listing found on the AIPD LOGON/REGISTER web site.

Enrollment
Notes Enrollment is electronic. To enroll, click on the ENROLL button below to take you to the ACCP LOGON screen. [NOTE: The following instructions apply to the ACCP web site.]

If you are not already registered with the ACCP, you will need to do so prior to enrolling for this subcourse. Click on the REGISTER button and follow the on-screen instructions. [NOTE: You will be required to create your own USER-ID and PASSWORD. These will allow you to enroll for courses/subcourses, access and update portions of your current personal demographic information, view history records, and take on-line examinations for subcourses in which you are enrolled.]

If you are a registered ACCP participant, enter your USER-ID and PASSWORD in the spaces provided and click on the LOGON button. Follow on-screen instruction for enrolling in a course/subcourse.

When filling in the subcourse number, enter it exactly as follows:  IT0772.
After submitting your application, you will receive verification of your enrollment by e-mail, if available, or first class mail.
IMPORTANT:  You will not be able to access the examination for this subcourse until you have received notification that your enrollment application has been accepted. Until that time, you may informally access the subcourse materials and begin your studies.

Taking the Subcourse On-Line

Taking the
subcourse
You do not have to wait for enrollment verification before beginning. You can start immediately. Everything you need to complete the subcourse is provided on-line. You will need no additional materials, nor will any be sent to you. View and study all materials (including practical exercises), and take the final examination.
REMINDER:  You must have received ACCP subcourse enrollment verification by e-mail before taking the examination.
This document is only available in Microsoft Word.

Taking
the exam

REMINDER:  You must have received ACCP subcourse enrollment verification by e-mail before taking the examination.
Read the examination administrative instructions very carefully prior to beginning the examination.
Once you complete the examination and "submit" your responses, you will receive immediate feedback of your score. If you obtained a passing score, you will also receive subcourse text references for missed questions. Your final official grade (Completion Notice) will be provided by e-mail, if available, or first class mail. If you did not obtain a passing score, you may retake the examination after a time lapse of 24-hours from computer processing of your initial attempt.
IT0772 Edition D Examination

Assistance

Points of
Contact If you have any questions about the subcourse, call or e-mail one of these points of contact:
For questions about subcourse content, contact:

ATZS CLA (IPB)
COMMANDER
US ARMY INTELLIGENCE CTR & FT HUACHUCA
BLDG 61730 RM 111
FORT HUACHUCA, AZ 85613-6000

For questions about subcourse administration, contact:

Section A
DSN: 826-2127/3322
COM: (757) 878-2127/3322
E-MAIL: sectiona@atsc.army.mil


Introduction

Overview	This is an overview of Computer Security, IT0772.

Proponent	This subcourse is issued by the-- U.S. Army Institute for Professional Development (AIPD) U.S. Army Training Support Center Newport News, Virginia 23628-0001

Purpose	This subcourse is designed to teach you the basic procedures for protecting computers and the information processed on them. Instructions are contained within this subcourse on the fundamental theory underlying computer security, the threats to computer, the accreditation process, and the implementation of computer security countermeasures.

Target Audience	Any eligible person may enroll in the subcourse.

Requirements	To receive credit for course or subcourse completion, you must-- Have an Army Correspondence Course Program (ACCP) USER-ID and PASSWORD. Be formally enrolled in this course/subcourse through the ACCP. Earn a passing score on the subcourse examination.

Contents	The subcourse contains the following parts: TABLE OF CONTENTS
	Subcourse Overview
	Lesson 1: Computer Security Overview
	Part A: What is Computer Security
	Part B: How does Computer Security Involve you
	Part C: Computer Security
	Part D: The U.S. Army Computer Security Program
	Part E: Information System Security
	Part F: Major Security Objectives
	Part G: Sensitive Defense Information
	Part H: Responsibilities and Appointments
	Part I: The Commander
	Part J: Security Officers
	Practice Exercise
	Lesson 2: The Threats to Army Computers and sensitivity Designations
	Part A: The Threats to Army Computers
	Part B: Methods of Attack
	Part C: Sensitivity Designations
	Practice Exercise
	Lesson 3: Security Processing Modes and Accreditation
	Part A: Security Processing Modes
	Part B: Explanation of Terms
	Part C: The Four Security Processing Modes
	Part D: The Accreditation Document/Security Plan
	Part E: Accreditation
	Part F: Initial Accreditation
	Part G: Accreditation Level
	Part H: Designated Accreditation Authority
	Part I: Explanations of Terms
	Part J: Classified Sensitive One (C1)
	Part K: Classified Sensitive Two (C2)
	Part L: Classified Sensitive Three (C3)
	Part M: Unclassified Sensitive One (US1) and Unclassified Sensitive Two (US2)
	Part N: Nonsensitive
	Part O: Preparing the Accrediation Document/Security Plan
	Part P: Reaccreditation
	Part Q: The Accreditation Statement
	Part R: Accreditation Variations
	Part S: Interim Approval to Operate Before Accreditation
	Part T: Accreditation Problems and Corrective Action
	Practice Exercise
	Lesson 4: Protecting Computer Storage Area
	Part A: Protecting Computer Storage Media
	Part B: Computer Storage Media Defined
	Part C: Hazards to Computer Storage Media
	Part D: Damage to Computer Storage Media
	Part E: Overall Classification
	Part F: Backup Procedures
	Part G: Technologies of Computer Protection
	Practice Exercise
	Lesson 5: Safeguarding Classified Information
	Part A: Safeguarding Classified Information
	Part B: Basic Safeguards for Classified Information
	Part C: Computer-Based Classified Information
	Part D: Marking Classified Storage Media
	Part E: Overall Classification
	Part F: Disposing of Computer-Based Classified Information
	Part G: Explanation of Terms
	Part H: "DELETE," "ERASE," AND "FORMAT"
	Part I: "RESTORE"
	Part J: Approved Methods of Purging Computer Media
	Part K: Declassifying Computer Media
	Part L: Nonremovable Storage Media
	Part M: Destruction of Storage Media
	Part N: Othe Classified Material
	Part O: Recommended Procedures for Processing Classified Information
	Practice Exercise
	Lesson 6: Miscellaneous Computer Security Requirements
	Part A: Security Training and Awareness
	Part B: Who is Responsible
	Part C: Required Security Training
	Part D: Initial Security Training
	Part E: Periodic Security Training
	Part F: PC Security Measures
	Part G: Physical Protection
	Part H: Environmental Protection
	Part I: Employee Owned Computer
	Part J: Software Piracy
	Part K: Malicious Software
	Part L: Destructive Program
	Part M: Infection Protection
	Practice Exercise
	Appendix A: List of Acronyms
	Examination

Informal Access	Feel free to preview the subcourse to see if it meets your needs, to study it without committing to formal enrollment, or use it as an on-line desk reference.

Enrollment

Enrollment Eligibility	The Army Correspondence Course Program subcourses are available to U.S. Active and Reserve military officers, warrant officers, and enlisted personnel; Reserve Officers' Training Corps, National Guard Officer Candidate School, West Point cadets, and authorized federal civilian employees. Military personnel must have enough time remaining in service to complete the course/subcourse(s) in which they request enrollment. Note: For detailed eligibility requirements see the course listing found on the AIPD LOGON/REGISTER web site.

Enrollment Notes	Enrollment is electronic. To enroll, click on the ENROLL button below to take you to the ACCP LOGON screen. [NOTE: The following instructions apply to the ACCP web site.] If you are not already registered with the ACCP, you will need to do so prior to enrolling for this subcourse. Click on the REGISTER button and follow the on-screen instructions. [NOTE: You will be required to create your own USER-ID and PASSWORD. These will allow you to enroll for courses/subcourses, access and update portions of your current personal demographic information, view history records, and take on-line examinations for subcourses in which you are enrolled.] If you are a registered ACCP participant, enter your USER-ID and PASSWORD in the spaces provided and click on the LOGON button. Follow on-screen instruction for enrolling in a course/subcourse. When filling in the subcourse number, enter it exactly as follows: IT0772. After submitting your application, you will receive verification of your enrollment by e-mail, if available, or first class mail. IMPORTANT: You will not be able to access the examination for this subcourse until you have received notification that your enrollment application has been accepted. Until that time, you may informally access the subcourse materials and begin your studies.

Taking the Subcourse On-Line

Taking the subcourse	You do not have to wait for enrollment verification before beginning. You can start immediately. Everything you need to complete the subcourse is provided on-line. You will need no additional materials, nor will any be sent to you. View and study all materials (including practical exercises), and take the final examination. REMINDER: You must have received ACCP subcourse enrollment verification by e-mail before taking the examination. This document is only available in Microsoft Word.

Taking the exam	REMINDER: You must have received ACCP subcourse enrollment verification by e-mail before taking the examination. Read the examination administrative instructions very carefully prior to beginning the examination. Once you complete the examination and "submit" your responses, you will receive immediate feedback of your score. If you obtained a passing score, you will also receive subcourse text references for missed questions. Your final official grade (Completion Notice) will be provided by e-mail, if available, or first class mail. If you did not obtain a passing score, you may retake the examination after a time lapse of 24-hours from computer processing of your initial attempt. IT0772 Edition D Examination

Assistance

Points of Contact	If you have any questions about the subcourse, call or e-mail one of these points of contact: For questions about subcourse content, contact: ATZS CLA (IPB) COMMANDER US ARMY INTELLIGENCE CTR & FT HUACHUCA BLDG 61730 RM 111 FORT HUACHUCA, AZ 85613-6000 For questions about subcourse administration, contact: Section A DSN: 826-2127/3322 COM: (757) 878-2127/3322 E-MAIL: sectiona@atsc.army.mil