MO Project: Contextual Branding

Approved Standards for Security Domain


Security Domain

The following Disciplines, Technology Areas and Compliance Components have been approved as Enterprise Architecture blueprints for inclusion in the EA repository. As more documentation becomes a part of the overall governance and product standards, this list will expand accordingly.

Discipline Technology Area Product/Compliance Components
Management Controls Information Security Policy Information Security Policy [CC]
Personnel Security Agency Security Roles and Responsibilities [CC]
Background Screening [CC]
Maintaining User Accounts [CC]
Review of Security Controls Separation of Duties [CC]
System Life Cycle Security Acquisition and Development Phase [CC]
cyberCide [PC]
DBAN [Confidential file, contact CIO]
DataEraser [PC]
DataGone [PC]
DiskWipe [PC]
Disposal Phase [CC]
EastTec [PC]
Eraser [Confidential file, contact CIO]
FDisk [Confidential file, contact CIO]
GDisk, Part of Symantec’s Ghost 7.5 [PC]
Implementation Phase [CC]
Initiation Phase [CC]
KillDisk [PC]
Operation and Maintenance Phase (Security Patch Management) [CC]
Wipe Drive [PC]
Security Risk Management Risk Assessment [CC]
Risk Mitigation [CC]
Security Testing [CC]
WatchFire AppScan [PC]
System Security Certification and Accreditation System Security Certification and Accreditation Process
System Security Planning System Security Planning Procedure [CC]
Data Integrity Data Integrity and Validation [CC]
Hardware & System Software Maintenance Configuration Management [CC]
Incident Response Incident Response Reporting [CC]
Risk Level Awareness - Countermeasures [CC]
Physical Security Physical and Environmental Protection Controls [CC]
Production, Input and Output Controls User Support [CC]
Security Awareness Training and Education Cyber Security Awareness Training[CC]
Security Documentation Minimum System Security Documentation [CC]
Operational Controls Contingency Planning Contingency Plan Development, Documentation and Technical Considerations [CC]
Contingency Plan Testing, Training, Exercises and Maintenance [CC]
Technical Controls Cryptography Cryptography Design/Implementation [CC]
Cryptography for Email [CC]
Cryptography for Stored Data [CC]
Cryptography for VPN [CC]
Cryptography for Wireless [CC]
Cryptography Uses [CC]
Cryptography for Web Servers [CC]
Digital Signature [CC]
Encryption Key Management [CC]
Entrust Secure Messaging Solution [PC]
Hardware vs Software Encryption [CC]
Hashing [CC]
Public Key Infrastructure [CC]
Secret Key Cryptography [CC]
Verisign Digital Certificates [PC]
Identification / Authentication Entity Authentication [CC]
Electronic Signatures [CC]
LexisNexis [PC]
Message Authentication [CC]
Password Controls [CC]
Securing Electronic Transactions [CC]
Strong Authentication [CC]
User Authorization [CC]
Intrusion Detection Systems Application Based IDS [CC]
Encryption for Laptops [CC]
Host Based IDS [CC]
Network Based IDS [CC]
Network Intrusion Prevention Systems (IPS) [CC]
Logical Access Controls Access Controls [CC]
Date/Time Controls [CC]
Inactivity Controls [CC]
Logon Banners [CC]
Remote Access Controls CS-MARS (Cisco Monitoring, Analysis and Response System) [PC]
Securing Remote Computers & Connections [CC]
Securing Mobile Devices [CC]
Security for Voice Over Internet Protocol (VOIP) [CC]
Securing Web Browsers [CC]
Virtual Private Networks (VPNs) [CC]
Secure Gateways & Firewalls Application - Proxy Gateway Firewalls [CC]
Firewall Administration [CC]
Dedicated Proxy Servers [CC]
Firewall Environments [CC]
Firewall Rules [CC]
Firewall Selection [CC]
Packet Filter Firewalls [CC]
Personal Firewalls [CC]
Stateful Inspection Firewalls [CC]
Virus Detection & Eliminations Antigen for Microsoft Exchange (email) [PC]
Antigen for Microsoft Exchange (gateway) [PC]
Antigen for Lotus Notes/Domino (email) [PC]
Antigen for Lotus Notes/Domino (gateway) [PC]
Computer Associates InoculateIT (email) [PC]
Computer Associates InoculateIT (management tool) [PC]
Computer Associates InoculateIT (server) [PC]
Computer Associates InoculateIT (wireless) [PC]
Computer Associates InoculateIT (workstation) [PC]
Criteria for E-mail [CC]
Criteria for Gateways [CC]
Criteria for Server [CC]
Criteria for Wireless [CC]
Criteria for Workstation [CC]
McAfee EPolicy Orchestrator (management tool) [PC]
McAfee Groupshield (email) [PC]
McAfee NetShield (server) [PC]
McAfee VirusScan (wireless) [PC]
McAfee VirusScan (workstation) [PC]
McAfee WebShield (gateway) [PC]
Symantec Norton AntiVirus Corporate Ed (email) [PC]
Symantec Norton AntiVirus Corporate Ed (gateway) [PC]
Symantec Norton AntiVirus Corporate Ed (management tools) [PC]
Symantec Norton AntiVirus Corporate Ed (server) [PC]
Symantec Norton AntiVirus Corporate Ed (workstation) [PC]
Virus Management Tools Criteria [CC]
Virus Policy & Best Practices [CC]