ISSEP Definitions Questions and Answer
Acquisition Plan -
The acquisition plan defines the acquisition and installation of the operating environment hardware and software.
AO Designated Rep (AODR) -
Replacement to DAA Rep
Previous
Play
Next
Rewind 10 seconds
Move forward 10 s...
ISSEP Definitions Questions and Answer
Acquisition Plan - - The acquisition plan defines the acquisition and installation of the
operating environment hardware and software.
AO Designated Rep (AODR) - - Replacement to DAA Rep
Application programming interface (API) - - set of routines/protocols/tools for building
software applications. APIs provide standard interfaces so that multiple vendors can
provide interoperable solutions. APIs are a means of isolating a computing platform
from the details of the implementation of cryptographic functions (both the actual
algorithms and the hardware implementations).
Authentication - - The ability to verify the identity of an individual or entity. Authentication
is entity oriented.
Authorizing Official (AO) - - The "authorizing official" is the executive or senior manager
authorized to approve the operation of the information system.
Automated Security Self Evaluation Tool (ASSET) - - automates the process of
completing a system self-assessment. ASSET will assist organizations in completing
the self-assessment questionnaire contained in NIST Special Publication (Special
Publication) 800-26, Security Self-Assessment Guide for Information Technology
Systems.
Availability - - Timely, reliable access to data and information services by authorized
users. Availability is service oriented.
Certified TEMPEST Technical Authority (CTTA) - - The Certified TEMPEST Technical
Authority (CTTA) is the only individual within the U.S. Government to recommend
and/or approve TEMPEST countermeasures.
Clinger Cohen Act of 1996 - - law to improve how government acquires/uses/disposes
information technology
Commercial Off The Shelf (COTS) - - software/hardware ready-made and available for
sale to public
Committee on National Security Systems (CNSS) - - Federal agency that provides a
forum for the discussion of policy issues, sets national policy, and promulgates
direction, operational procedures, and guidance for the security of national security
systems
, Common Criteria (CC) - - for Information Technology Security Evaluation (abbreviated
as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer
security certification.
Common Data Security Architecture (CDSA) - - Is a set of layered security services that
address communications and data security problems in the emerging Internet and
intranet application space
Common Data Security Architecture (CDSA) - - Set of layered security services that
address communications and data security problems in the emerging Internet and
intranet application space.
Computer Fraud and Abuse Act (CFAA) - - was originally enacted to provide a clear
statement of proscribed activity concerning computers to the law enforcement
community, those who own and operate computers, and those tempted to commit
crimes by unauthorized access to computers. Instead of trying to add computer crime to
the multitude of other relevant USC, it was decided to establish the Computer Fraud
and Abuse statute, 18 USC 1030, as a single statute for computer-related offenses.
Computer Misuse Act of 1990 - - Unauthorized access w/intent to facilitate computer
crimes or modify them
Concepts of Operations (CONOPS) - - document describing the characteristics
(Strategies,tactics, policies, and constraints)(responsibilities and authorities delegated)
(Statement of the goals and objectives of the system)(Organizations, activities, and
interactions among participants)
Confidentiality - - Protection of information from disclosure to unauthorized individuals,
systems, or entities. Confidentiality is data oriented.
Defense Advanced Research Projects Agency (DARPA) - - Agency responsible for
funding the development of many technologies such as computer networking, as well as
NLS
Defense Contract Audit Agency (DCAA) - - The DCAA is responsible for performing
contract audits for the Department of Defense.
Defense Information Assurance Program (DIAP) - - To protect and defend DoD
information, information systems, and information networks that are critical to the
Department and the armed forces during day-to-day operations and operations in times
of crisis. Therefore, the DIAP is the Office of the Secretary of Defense (OSD)
mechanism to plan, monitor, coordinate, and integrate IA activities.
Defense Information Services Agency (DISA) - - DoD agency that is responsible for
planning, engineering, acquiring, fielding, and supporting global net-centric solutions
and operating the GIG to serve the needs of the President, Vice President, the
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Pogba119. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
