|
|
| ACADEMICS: Course List - CS4680 |
CS4680: Introduction to Certification and Accreditation (C&A) (3-2)
Instructor: Burke
This course provides an in-depth instruction on the DoD/DoN security certification process. It provides an introduction to the Certification and Accreditation (C&A) process as applied to procurement and lifecycle management of DoD/DoN and federal government information systems, with a focus on the role of the Certifier. Topics include the principal C&A roles, functional components, and artifacts of the C&A process. Also included is a comparison of the Government C&A process specifications currently in use (DITSCAP/DIACAP, NIACAP, NIST/FIPS, DCID 6/3) and the emerging effort aimed at producing a unified process. In the laboratory portion of the course, students will do 2 or 3 case studies of information systems that have been evaluated under the current DoD criteria in preparation for accrediting to carry sensitive information. The students will study each system from concept through final system certification and accreditation. They will look at and evaluate such things as the security policies, system architecture, the system security architecture, design, implementation, deployment, management, evolution assurances, etc., through available documentation and other evidence, to determine whether the systems were secure enough to handle the classified information at the appropriate levels of assurance. The case studies will be based on the information available about deployed systems.
PREREQUISITES: CS3600, CS3670, and CS3690
|
|
|
