= External Link
2004
IT Security Awareness Training Course for NOAA Employees.
This course is MANDATORY for all NOAA employees, contractors,
and temporary personnel.
Temporary personnel includes visitors, guest workers,
associates, etc., who plan to work at a NOAA site and use NOAA IT
resources for more than a month. NEW EMPLOYEES must take the course
within THREE DAYS of being assigned use of IT equipment that will
allow them access to the course. Security awareness is crucial to
safeguarding NOAA's information assets. This training course was
developed to meet Federal, Departmental, and individual requirements
to be aware of information security.
NOAA
2002 IT Security Confrerence
Emerging Technologies - ARE YOU VULNERABLE? Archived Slides
and archived webcast available for download
The
Designated Approving Authority Course will provide
you with an awareness of the duties and responsibilities of the
Designated Approving Authority or DAA. The
DAA is the government official with the authority to formally assume
responsibility for operating an information system or network at
an acceptable level of risk. This overview presents high level information
about the DAA’s role within the Defense Acquisition Process,
the Department of Defense Information Technology Security Certification
and Accreditation Process, or DITSCAP, the Risk Management Model,
laws and regulations that govern a DAA’s actions and Information
Security.
SANS Step by Step Guides.
On a related topic, but not concerning other SANS Online Security
training courses, the NOAA ITSO has purchased a NOAA site-wide license
of 6 SANS Step by Step Guides. These guides are available for downloading.
Common
Body of Knowledge Review. This guide is designed to help
you prepare for the Certification for Information System Security
Professional (CISSP) Exam. It gives you some background, points
the way to study material, provides some study strategy, and imparts
some Exam-taking tips.
Essential
Security Measures ( We are now taking registration for December
3rd & 4th or December 5th & 6th courses to be held in Silver
Spring, MD. This course is a hands-on security training course for
UNIX system administrators. The course was created by the N-CIRT
and designed to specifically target the security needs of NOAA system
administrators.
FrontLine
Bulletins -Tips and Techniques to protect your information
systems.
Computer
User's Guide For Protecting Information Resources (Printable
PDF document)
Security
Electronic Magazines, Newsletters, and News Sites -This page
contains a list of online magazines, newsletters and news sites
that provide timely information about computer security.
FedCIRC Bits and Bytes Newsletter
- This newsletter is circulated quarterly by the FedCIRC Management
Center. The newsletter can be viewed using Adobe Acrobat Reader.
Click on the link above and select Documents from the FedCirc Menu.
Security
Wire Digest -- an e-mail newsletter sent out on Mondays and Thursdays
by Information Security magazine. To SUBSCRIBE to Security Wire
Digest, go to:
http://infosecuritymag.bellevue.com
FEDreport.com
-- The FREE Weekly Pay and Benefits Newsletter for Federal and Postal
Employees. To start your own subscription to FEDreport.com, simply
go to
http://www.fedamerica.com.
SecurityPortal's
Weekly Newsletter -- The Focal Point for Security on the Net(tm).
To join, go to
http://securityportal.com/subscribe.html
SANS
Newsbites -- SANS Weekly Security News Overview. To subscribe email
to: digest@sans.org with the subject "NewsBites subscription".
Free
IT Security Training at Office of Personnel Management
http://www.golearn.gov/coursecatalog/index.cfm?catlist=14,13
CyberNotes,
a publication of the National Infrastructure Protection Center
at the FBI. Its mission is to support security and information
system professionals with timely information on cyber vulnerabilities,
exploit scripts, hacker trends, virus information, and other critical
infrastructure-related best practices. CyberNotes is published
every two weeks.
Information
Security Magazine - Information Security magazine is the
industry's leading trade monthly, a one-stop shop for news, analysis,
insight and commentary on today's infosecurity marketplace.
Third-party
Mail Relay - check this site for securing your mail server.
International Information
Systems Security Certification Consortium or (ISC)² was
established as a nonprofit corporation to develop a certification
program for information systems security practitioners.
All information security personnel should take the exam to be a
Certified Information Systems Security professional.
Computer Security
Resource Center - A comprehensive listing of Awareness Materials/Activities
|