The two tabletop training exercises were entitled Intrusion Forensic Experiment 1 (IFX 1) and Intrusion Forensic Experiment 2 (IFX 2). In IFX 1, developers created a fictitious credit union, including employees, a Web site, a network diagram, and information technology policies and procedures such as an incident response plan, acceptable network usage policy, and an operations manual. IFX 1 was a heavily scripted exercise that had strategically placed decisions for each participant. In IFX 2, the scenario took on a more free-flowing form. The primary objectives of IFX 2 included raising the awareness level of the participants regarding insider threats, developing and strengthening relationships with and among law enforcement agencies, emphasizing the importance of indications and warnings in identifying cybersecurity issues and stressing the importance of defense in depth, as well as total enterprise/agency security. IFX 2 also had secondary objectives of increasing awareness related to malware capabilities, technology exploitation, insider threats, security countermeasures, and the need for strong audits and awareness programs. Participants and observers represented the Air Force Research Laboratory/Information Directorate, the FBI, the U.S. Secret Service, and the Utica (New York) Police Department, in addition to private sector and academia representatives.
Downloads
Similar Publications
- The Cross-Reactivity of the Cannabinoid Analogs (delta-8-THC, delta-10-THC and CBD) and their metabolites in Urine of Six Commercially Available Homogeneous Immunoassays, Grant Report
- Introduction to Portal Contraband Detection Technology
- Keeping the Peace - The Parameters of Police Discretion in Relation to the Mentally Disordered