comsifter manual

comsifter manual

LINK 1 ENTER SITE >>> Download PDF
LINK 2 ENTER SITE >>> Download PDF

File Name:comsifter manual.pdf
Size: 2891 KB
Type: PDF, ePub, eBook

Category: Book
Uploaded: 26 May 2019, 16:16 PM
Rating: 4.6/5 from 800 votes.

Status: AVAILABLE

Last checked: 13 Minutes ago!

In order to read or download comsifter manual ebook, you need to create a FREE account.

Download Now!

eBook includes PDF, ePub and Kindle version

✔ Register a free 1 month Trial Account.

✔ Download as many books as you like (Personal use)

✔ Cancel the membership at any time if not satisfied.

✔ Join Over 80000 Happy Readers

comsifter manualThis software will provide a secure session between Comsift and your PC via a unique and one-time ID and password that is shared with Comsift Technical Support. If a Domain Controller is available this is considered a best practice as the program is installed once and is installed from a secure source. As part of configuring ComSifter usernames must be entered in the User List and a filter level associated with the username. During normal operation when a user computer requests a web site the ComSifter will query the IP of the requesting computer and ask for its IDENTD. The IDENTD program will respond with the username of the user currently logged into the computer. ComSifter then matches the username with the filter associated in the User List and applies the filter settings appropriate for that filter. By using IDENTD, multiple users may log into and out of a computer during the day and they will be filtered based on their username, not the computer. If a user computer that does not have IDENTD installed is queried, and thus does not respond, ComSifter will automatically assign that computer user the username nousername. By default, nousername is automatically routed to the non-identd filter. This default behavior may be changed by adding nousername to the ComSifter user list and assigning an appropriate filter. Port 113 Exception For the Identd protocol to operate properly Port 113 TCP must be open in both directions on client computers. This may be accomplished by making a port exception in the client firewall. If the client computers are under the control of a Windows 2003 or greater Domain Controller then this may be easily pushed out with a Group Policy rule. Warning: Identd listens on Port 113 of the client computer. If client computers have personal firewalls Port 113 must be opened. If Port 113 is not opened Internet access will fail.http://menuiserie-sainte-anne.fr/userfiles/dodge-durango-1998-manual.xml

Tags:
• comsifter manual.

Windows Firewall Click Exceptions Windows Firewall (Group Policy rule) The following rule is applied by way of a Group Policy on Windows 2003 and Windows 2008 servers. This rule will open port 113 inbound on any computer connected to the Domain. As this rule is under Computer Configuration a one time restart of all Domain Computers will be required to activate the rule.The best method of deploying Identd is dependent on the types of operating systems used in your network and if your network is part of a domain. The following matrix described the best method for each type of installation. If you have a mixed environment that includes these unsupported Operating Systems, Comsift suggests the following best practices. Option 1: The identification program Comsift uses, IDENTD, should be executed from a file server or domain controller, which requires proper Without IDENTD, client workstations will be routed automatically to the non-identd filter. Note: Administrator privileges are required for all operating systems to properly install Identd. Open Identd Utilities The installer is designed for silent installation. Once started it will complete unless there is an error. This design allows the.msi file to be used in a Group Policy for automated software installation as defined in the user guide. Comsift Service Local Install. Add New Package to Software Installation Select assigned unless your requirements differ. Select Deployment Method Finished Rule Comsift Connection Local Install Comsift Connection has been deprecated and replaced by Comsift Service. The installer is designed for silent installation. Once started it will complete unless there is an error. This design allows the.msi file to be used in a Group Policy for automated software installation as defined in the user guide. 1. Double click the local Installation as Application folder. 2. Double click the comsiftconnection.msi file 3. When prompted restart the computer.http://eska-lift.ru/userfiles/dodge-durango-2002-service-manual.xml The IDENTD program will now start every time the computer is started. Open Default Group Policy 11.In the Script Name field enter the UNC path to your server (\\your servername\netlogon\identd.bat) (netlogon is case sensitive) 13. There are no Script Parameters The IDENTD program will now be installed and started every time a Domain User logs into a Domain Computer. Contents ilaw Overview How ilaw works Installing ilaw Server on a PC Installing This history can include information about when label formats were edited and printed. In order to save this history, For detailed deployment instructions No parts of this work may be reproduced in any form or by any means - graphic, electronic, or mechanical, including photocopying, recording, All rights reserved. Datacastle is a registered trademark of Datacastle Corporation. Microsoft Windows is either a registered trademark SQL Server 2005 Installation Document No part of the contents of this user guide may be reproduced or transmitted in any form or by any means For more detailed information, please see All Rights Reserved.There are three parts to the network version installation: 1. The installation This FAQ is intended to answer common questions about resolving issues with a Best Practice client not connecting Promap V4 MSI Main Advantage Installation via Group Policy (Windows Server 2000) Installation via Group Policy (Windows Server 2003) What is an About This Manual This manual describes how to install and configure RadiNET Pro Gateway and RadiCS By AD Logon Name AD Logon Name(recommended) By Windows Logon Name IP Address If Windows Firewall is enabled on target systems, it The installation of STATISTICA Enterprise Server entails two parts: a) a server installation, and b) workstation installations on each of It is recommended that you become familiar with the documentation provided by Microsoft about The installation of STATISTICA Enterprise Small Business entails two parts: a) a server installation, and b) workstation installations However, there is still a need for printing directly to the RIP from the Page Layout application. This These IntraNomic Client Controls provide advanced If you are still on MSDE 2000, Applies To: CitectSCADA 6.xx and 7.xx VijeoCitect 6.xx and 7. This document enables you to quickly get started with the installation of Bitdefender This is accomplished by assigning to each of Protected by US Patents 5,573,278; 5,596,652; 5,793,882; 6,761,312; Oce LF Systems. Connectivity information for Scan-to-File No part of this work may be reproduced, copied, adapted, or transmitted in any form Embarcadero Technologies, Inc. 100 California Street, 12th Floor San Francisco, CA 94111 U.S.A. Version 031809 CONTENTS 1. INTRODUCTION. 1 1.1 LAN PREREQUISITES. Requirement: Any version of the Windows 2000 Server. FTP Windows s component. Internet Information Services, IIS. Steps: Deepnines Technologies, Security Edge Platform, Security Edge System, Sleuth9 Security IH Anywhere guide. 0 P a g e SQL Server Express SQL Server BES12 Cloud Directory Connector SonicWALL Directory Services Connector 3.1.http://drbillbaker.com/images/computer-programming-manual-for-the-jovial-j73-language.pdf7 These instructions are not provided Pcounter Web Report Installation Guide Version 3.4 All rights reserved. Use of this product and this It is recommended that you become familiar with the documentation provided by Microsoft about their Unless otherwise If not, then we recommend you look at one of the The goal of To use this website, you must agree to our Privacy Policy, including cookie policy. Advanced Search Login Sign Up Advanced Search Newsfeed Followed Companies Comsifter Overview Competitors Contact Summary FAQ Comsifter's Competitors, Revenue, Number of Employees, Funding and Acquisitions Oops. Nobody has contributed to Comsifter's profile yet. Annual Revenue Est. Employees Sector Update Industry Headquarters Update Address Weigh-in. Yes Somewhat No I don't know Headquarters Where in the world is Comsifter. If you have a Comsift Internet content filter and if you subscribe to the update service for it, Comsift has decided to make an important change which may affect you. For example, on Facebook, YouTube, and MySpace, anyone can use language or publish imagery or videos that would be inappropriate for some audiences to view. However, inappropriate published images or videos or even user profile photos may be displayed. Follow this entry via RSS 2.0. EKMS-1, EKMS-3 and EKMS-5 2) Maintenance and Operator Manuals: All cryptographic maintenance manuals (KAMs), and Cryptographic Operators Manuals (KAOs) 3)Miscellaneous Material: Status of COMSEC Material Report (SCMR), and controlling authority status messages. What type of message will a CONAUTH send to promulgate effective and supersession info. Material can vary from hours, to years Reserve on Board (ROB): ROB is material that is part of your allowance but is not yet effective and is held in reserve for later date. Range from 2 - 6 with varying quantities for each level. ROB are in addition to effective edition being used 2-7 months. Superseded COMSEC received in a ROB much be destroyed in 12 hours of opening equipment. Also releases Authority Status Message for all keys under their control. Grant privileges to User Representatives (URs) and associated key ordering privileges. Validates CF Form 1206 prior to submission to Central Facility (CF) Who manages modern Key. Decryption key: Private and kept secret (Anyone who knows it can decrypt the message) What type of info is needed by an adversary to develop measures or tactics to increase their ability to exploit our vulnerabilities. Mission Critical Information Ordering closed partition key requires CF Form 1205 and 1206 True Modern key tracker. Available for download to track modern key expiration Modern Key Registration: Central Facility (CF) uses forms for management of modern keys. Don't require wet signature. Can be digitally signed by DOD CAC or interactive key. True CF Form Soup 1205 and 1206. Required to order closed partition key Who is responsible for preparing 1202 and 1207. Account Manager Whats a DAO code? 6 digit code which associated ordering privileges. Order for new modern Keys? (Modern Key is obtained through an order) Submitted within a minimum of 30 days prior to expiration of current key Key Support Website: CF provides website. Use to obtain forms, instructions, order keys, find documentation and training material for COMSEC systems. DAO Code (Department, Agency, Organization) Identify a caller during a secure session and identify those privileged to order modern keying material. DAO Code - 6-digit number representing 2 lines of data associated with that code. Line 1, one of the following: USN - Navy MSC - Military Sealift Command USCG - Coast Guard USMC - Marine Corps Than org title i.e. USNUSSSHIP Line 2: Geographic location or deployed. COMSEC is the prevention of unauthorized access to telecommunications traffic or to any written info that is transmitted or transferred. True Traditional vs. Modern Key? Traditional (Symmetric): Used to share info between a set of people that ALL have access to it. 1) Managed by Controlling Authority 2) Distributed 3) Effective and Supersession dates 4) Copies Modern (Asymmetric): Used when a large subset of people share info. 1) Managed by CMDAUTH 2) Ordered 3) Expiration (12 months) 4) Moved (When issued) CMDAUTH An individual responsible for appointment and management of of User Representatives for a department, agency, or organization and their SDNS key ordering privileges. CMDAUTH Duties: 1) Establish user representatives 2) Review and approve new requests for closed partions and DAO codes 3) Assist User Reps on submission of orders and other CF forms 4) Provides guidance related to modern key and related devices 5) Assists user rep in conducting cryptonet reviews 6) Assuming responbility for operational management of a partition for a newly fielded system 7) Authorizing cryptoperiod extensions when operationally necessary 8) Records maintenance and retention User Representative (UR) Key Management Entity (KME) authorized by an organization by the CMDAUTH and registered by CF to order modern key. Self assessments Conducted at least semi annually Explain requirements for COs and Account Manager Spot Checks COs: 1) Quarterly 2) Must personally perform 2 of 4. Can delgate 2 others to XO or Communications Officer Account Manager: 1) Monthly (at minimum) 2) Ensure to answer EVERY question for EVERY LE each year How often must a COMSEC Account review their holdings to ensure continuing need for quantity and all types of COMSEC material held? Annually. Explain self-assessment process and periodicity 1) Semi-annual by account manager 2) Perform on Vault and each LE 3) Maintain on file for minimum of 2 years Unannounced Spot Checks 1) Requirement for COs spot checks 2) Should be done this way when possible 3) Provides honest look and feedback Announced Spot Checks 1) Reality in most commands 2) Allows managers to prepare 3) Effective because gives people time to prepare SCMSRO (Staff CMS RO Staff CMS Responsibility Officer) Flag or general officer in command status or deputy commander or chief of staff. May assume responsibility for COMSEC matters or designate to staff officer (0-4 or select. GS-12 Pay band 2 or above) Must have security clearance equal to or higher than highest classification of COMSEC held by account and be senior to COMSEC manager. CPSO (Client Platform Security Officer) Designated in writing by CO. Monitors and reviews audit data associated with Management Client (MGC). Requires Type 1 Token Can't be done by Key Management Infrastructure Operational Account Manager (KOAMI) or Client Platform Administrator (CPA). Requires Additional Training. Client Platform Administrator (CPA) Designated in writing by CO. Responsible for system admin involving KMI Management Client. Must be registered and enrolled in KMI but do not require Type 1 Token. Can't be concurrently assigned to Client Platform Security Officer (CPSO) Requires additional Training. All COMSEC Users are REQUIRED to complete SD Form 572 acknowledging their access. Access Lists Required for ALL spaces that handle COMSEC Can but not required to have Legend Code specifying access inside a space. Must be signed by current CO. Must be updated when status of anyone on list changes, COC, or at least annually. Working Copies of inventory reports must be retained in accordance with EKMS 1, they allow resolution of discrepancies should any occur during CORs inventory review. Situational Awaraness only All comsec is listed and invetoried by: 1) Sighting Short title 2) Edition (if none, than quantity only) 3) Accounting Number 4) Quantity All comsec is listed and invetoried by: The Short title, edition, ALC, and quantity must be listed on an invetory. What Tier are all LEs and from how many accounts may they recieve COMSEC. Stored separately from other classified material. What standard form is used to document Transfers, Possession, and Destruction, and is know as a Hand Receipt. SF-153 LEs are responsible for maintaining copies of destruction documents. True Status COMSEC Material Report (SCMR) Is classified as SECRET NOFORM, produced by COR and provided to Tier 2 accounts automatically each month. Non Watch Station Environment: 1) Conducted each time safe is opened 2) If material requires TPI 2 personnel must sign 3) All COMSEC material must be on the inventory and sighted each time. Document issuing of KEY to LE Account Manager must provide LEs with what regarding proper handling of COMEC. Local Written. How long is spotcheck paperwork kept? 2 years or until completion of next COR audit. Manager Spot Checks: 1) Must spot check at least 1 LE each month 2) Manager will ensure that each LE gets a thorough check 3) Should increase the number of spot checks in case of large accounts 4) Can use the CO Handbook or EKMS 3 seires to do spot checks CO Spot Checks 1) Requires quarterly for external LEs 2) Use COs handbook Describe requirements for selection of and access to combinations, passwords and PINs: Unless an emergency, only MANAGER and ALTERNATES know combinations to COMSEC Managers vault. No 1 person can either know both combos for TPI container, or change both combinations on it. Passwords and Pins are classified at level of holder. Part 1 - Top sheet and carbon copy used in the event someone finds the container open (Inside safe with PII cover safe and no classification level) Part 2A - Envelope that Part 2A will be placed in before being sealed (Must be marked with appropriate classification and declassification instructions) Part 2B - Designed to be detached from part 2 and placed inside after the combination or PIN is recorded on it. (Detach part 2A and wrap in Aluminum Foil, store in part 2, laminate part 2, and store in another safe) How do you store a SF-700 with PWs or PINs vs an SF-700 with combinations. In part 2A only system admin or operator account name followed by PW or PIN) When must SF-700s be inspected. When a real life even occurs that may jepordaize security. (Lock placed in use, someone whos knows combo no longer needs its, combo compromised, combo taken out of service, repair work on safe, at least 1 every two years etc.) Describe procedures to record and protect combinations, passwords, and PINs. Explain procedures for emergency access to containers and combinations To allow Emergency access, all COMSEC related combination, PWs, and PINs, must be recorded on SF-700 and the form properly stored. (To allow, part 2A from SF-700 is stored in another GSA approved container in a different location from where COMSEC is stored) What are combinations classified to. If individual letter access is used it is good Until the status of the individual changes If an access list is used It must be updated whenever the status of an individual changes or annually. Documents each time secure container lock is opened or closed. Optional Form 89: Security Container Records Form. Document repairs or mods to security container. True EX The process to access a TPI Space. DS The waiver Process 1) Allows account operations and management at times when certain matters of policy can not be otherwise sastitife 2) Strictly limited to duration of NO MORE THAN 1 YEAR by CNO 3) Are never auto renewed. Options: Zip lock bag, or binder with plastic documnet protector pages. True EX guidelines for emergency protection planning a. fire reporting and initial fire fighting by assigned personnel b. assignment of on the scene responbility for ensuring protection of COMSEC c. security or recmong classified comes material and evacuating d. protection of material when admission of outside emergency personnel into secure areas e. assessment and reporting of probale exposure of classiefed COMSEC material f. post emergency ivnetory of class comsec and CCI and reproting any losses or auanth exposure to appro authorities EX procedures to prepare for emergency protection. Guidelins for Emergency Protection Planning 1) Commands with classified comsec or CCI will prepare and maintain current written EAP 2) Person most familar writes EAP 3) COMSEC Manager is responsible for COMSE material portion of EAP 4) Any detachment must have own EAP (Plane, comms vehicle) 5) OCONUS commands must also have EDP for hostile actions 6) CONUS and OCONUS commands must have EAP for protection of COMSEC for natural disaster, 2 types of emergency destruction Precautionary: Not immediateley needed for continued operational effectiveness.COMSEC keying material, comsec related material, equipment 5 categories of emergency destruction Printed matter, classified crypto equipment, emergency destruction in aircraft, destruction aboard ship, and emergency destruction in mobile comm vehicles. Try to evacuate equipment but primary goal is make unusable and un repairable Procedures to Prepare for Emergency Protection 3 categories of COMSEC destruction: 1) COMSEC keying material 2) COMSEC-related material (maintainance materials, operating instructions) 3) Equipment An access list if the only method allowed for a CO to grant access in writing to a COMSEC user. False Modern Key that is Destroyed and not used is reported as. No, it's prohibited Regularly or inadvertently destroyed or modern seed keying material is not automatically resupplied by the CMIO, NSA, or NCMS? True. It must be ordered by the User Representative Modern key is always destroyed and must always be reordered. True Conversion from seeds to operational is reported back to COMSEC account with. KCN (Key Conversion Notice) Who is instrumental in management of Modern Key. CMDAUTHand User Representatives Are destruction reports required for Seed Key Conversion. No, but they ARE for failed conversion, or unused seed or operational key. Who should track expiration dates of all modern keys to prevent COMSEC incident. One year from the date it was GENERATED (end of month of generation). Not from when downloaded from server or when issued or loaded. Successful conversion of seed key is reflected in a Key Conversion Notice (KCN) from the: CF Can a device that uses a modern key continue to operate on expired key. Yes What type accounts are Command Authorities (CA or CMDAUTH) responsible for establishing and managing. User Representatives (URs) What COMSEC component includes secure storage, limited access, life-cycle accountability, and irretrievable destruction. Command Authority: Manages modern Key assets for a department, agency, or organization What best describes COMSEC. Denies adversaries access to info What is the protective meausre taken to ensure the authenticity of info. COMSEC What tier do LEs Reside? 3 What entity operates as part of NSA and functions as high volume key generation and distribution center. Central Facility (CF). Provides commands with keys currently produced by NSA that cannot be generated locally. Who is the end user responsible for proper use, accountablity, destruction, of material assigned to their control by COMSEC manager. LE CMCS consists of production facilities, COMSEC COR, distribution facilities, and COMSEC accounts. Operational Requirements Types of COMSEC equipment Encrypts and Descypts voice and data transmission. SKL Allowances Submit official message to request allowance increase CNO establishes allowances based on standard config Articles 402 and 403 in EKMS 5 ref equipment allowance increase You are authorized to recieved COMSEC from non DOD Accounts True Transfer equipment to non DON: NCMS authos transfers to non DON accounts Managers can be autho to transfer to non DON accounts Others componenets use SF-153 when sending equipment Relief of accountability is processed after autho from NCMS INE equipment designed specifically to secure both tactical and strategic network environments is knows as INE A short title consists of which type unique nomenclature. DD-1348 is used for faulty units) 2) Chapter 5 EKMS 5 NCMS Role in equipment Middle management, coordinates disposition, replacement, gives disposition instructions on failed equipment, authorization to ship COMSEC NAVSUP WSS Mechanicsburg Control center for NAVSEA NAVSUP WSS Phildelphia Control center for NAVAIR How many ways in embedded COMSEC handled? 2 COMSEC Accounting and Supply Develop SOP, supply generates requisition number, account manager and supply must work together, ship failed equipment with copy of DD-1348 and SF-153 Relationship between COMSEC Manager and Supply. Procedures to request disposition of failed or excess Embedded COMSEC equipment. Which of the following is not an essential player in Embeded COMSEC program Combat Weapons System Officer Article 610, EKMS 1 Guidance on validation Process Validation Requests Include type of transmission medium Commands for Validation message TO: line COMUSFLTFORCOM and COMPACFL PEARL HARBOR HI USN and MSC commands CMC C FOUR CY WASHINGTON DC USMC command COGARD C4ITSC Alexandria VA USCG command US contractors When valide need and clearly in best interest of Navy and Government, crypto, keying material, related COMSEC and access to classified US government trafic may be provided to US contractors PCO Responsible for submitting cryptographic material loan requests to NCMS NCMS Coordinates with CNO N2N6F14 to ensure their data remains in sync Also responsible for providing weekly status reports to CNO regarding temporary loans to contractors Is the ALC (Accounting Legend Code (ALC) a classification marking. Incoming CO should perform spot-check Consolidated inventory can only contain 2 types of inventories. Prior approval required and 30 day time frames required Failure to correct deficiencies in IRST results in delay of RCC and overall reconciliation of account During SAIR, Tier 2 will print and conduct inventory then submit completion to COR via Naval message or Physical Inventory Completion Notification Document (PICN) What material are inventoried and how often is the semi-annual inventory conducted. ALL, twice per year What best describes the purpose of the Inventory Reconciliation Status Transaction (IRST). Sight and report all items in units AIS and rectify discrepancies with the COR. False Not a required to gain access to classified COMSEC keying material. Designation as LE EAPs don't cover. Hostile Action Who must you receive authorization from to transfer equipment to non DON accounts. NCMS Storage containers for COMSEC material require a Form. Form 700, SF-702, OPNAV Form 89 Crosscut shredders are listed in NSA approved EPL The embedded COMSEC equipment will normally be a? CCI Semi annual inventory based on Account Number TPI must be applied to COMSEC material from time of receipt through time of destruction? !!!!That doesn not permit extraction of key. Whom do primary contracting officers submit requests for contractors to hold COMSEC. False Accounting Codes 1 2 4 6 7 SF-153 Inventory requires whos signature. CO Who required to sign Inventory for COC Outgoing CO, SCMSRO, or OIC equivalent who performs semi annual inventory. COMSEC account manager and a witness To initiate semi annual inventory, COR sends what. Complete Address COR Audit Teams Subject matter experts worldwide network COnduct account audits when requested by immediate superior in command (ISIC) Provide training to the CO Unauthorized absence of personnel who have access to keying material: Assess as NO COMPROMISE unless there is evidence of theft, loss of keying material, or defection True Which report is submitted for each COMSEC incident.