Wk2DQ2


430 DQ2 100-150 WORDS

Research and explain the differences between the DISA categories used for STIGS (Mission Critical, Mission Support, Administrative, Classified, Sensitive, and Public). How would you apply these classifications to systems within a public organization?

REPLIES 75-100 WORDS

A Daniel Collura

Hello Class,

The acronym DISA STIG stands for the Defense Information Systems Agency, which produces technical implementation guides called STIGs (Security Technical Implementation Guides). DISA is a component of the Defense Department (DoD). It is a combat support organization that gives all organizations and personnel working for the DoD IT and communication support. DISA oversees managing and organizing information related to defense in an IT and technologically advanced manner. STIGs offer a structured set of guidelines that specify how businesses should securely develop and maintain vendor-specific software and systems. Each piece of technology, from Apple iOS to VMware’s ESXi, has a STIG assigned to it, giving us access to hundreds of STIGs. Every 90 days, STIGs are updated and released via the Public DoD Cyber Exchange. This makes it possible for businesses to efficiently maintain secure hardware and software.

B Yamil Santana

Good Morning Class,

The defense information systems agency is uses to provide support with communications and IT with regulations that have to be followed by the security technical information’s guides. When it comes to applying these into work spaces it comes down to what you need done. Classified information along with mission critical and mission support information can be set to those that only need that access to access that information. Sensitive information also needs approval access to be able to see. Public on the other hand is public and can be seen by all.

C Joshua Skinner

Many computer packages, OSs and even firmware settings are not intended with safety in mind. Default settings also leave the system fairly vulnerable to hacker attacks. Furthermore, due to the complexity of the OS, weaknesses are identified daily as hackers find ways to share areas that were designed to be unavailable. Insert Stigs. Stigs are a series of cybersecurity requirements for IT products deployed with DoD agencies. Stigs are the source of configuration guidance for network devices, software, databases, and operating systems. TypicallyStigs are broken down into three categories. Category 1 – Weaknesses that enable an attacker to have instant access to a machine, enable super remote access, or bypass a firewall. Category 2- Vulnerabilities that provide data with a high potential to give access to an attacker and Category 3 – Security flaws that provide details that could eventually lead to failure. Conforming with DISA standards is the only way to be able to communicated with DoD systems.