How to achieve DoD 8570 IAT level I compliance
A part of the larger Department of Defense (DoD) Directive to provide guidance and procedures for the training, certification, and management of all government employees working in the DoD’s technical environment, the DoD IAT Level I policy governs the Information Assurance Training (IAT) expected of individuals in specific security positions. Created to be inclusive of military, contractor, and civilian employees with access to DoD systems and performing information assurance functions, the DoD 8570 directive includes three levels that are cumulative in function. In other words, working at IAT Level II or Level III positions requires mastery of the functions of the preceding levels.
DoD IAT level I requirements
Compliance with DoD IAT Level I can be met by successfully obtaining one of four certifications aligned to the IAT Level I model approved by the DoD. The directive does not outline how an individual must train for the certifications or what specific experience is needed outside of that provided by the body governing the certification itself, including any continuing education required to maintain an active status.
DoD employees and contractors performing IA functions must achieve Level I compliance within 6 months of their assignment to an IA duty unless a waiver is granted. Those unable to meet or maintain DoD IAT Level I compliance standards should lose their privileged access to DoD systems until they can do so.
DoD IAT Level I information assurance functions
Professionals serving in DoD IAT Level I positions work to make the computing environment (CE) less vulnerable by correcting system flaws and implementing basic security controls. Individuals working in positions that fall within Level I normally have 0 to 5 years of experience in information assurance and can apply basic knowledge of security concepts and practices in a computer environment. Staff in these roles work under the supervision of a manager, and their actions must be authorized by more senior staff.
Specific IAT Level I functions outlined in the DoD 8570 policy include, among others, the ability to:
- Recognize a potential security violation, take appropriate action to report the incident as required by regulation, and mitigate any adverse impact.
- Provide end-user IA support for all CE operating systems, peripherals, and applications.
- Support, monitor, test, and troubleshoot hardware and software IA problems pertaining to their CE.
- Conduct tests of IA safeguards in accordance with established test plans and procedures.
- Comply with system termination procedures and incident reporting requirements related to potential CE security incidents or actual breaches.
- Install, test, maintain, and upgrade CE operating systems software and hardware to comply with IA requirements.
- Implement applicable patches including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), and technical advisories (TA) for the CE operating system(s).
- Install and operate the IT systems in a test configuration manner that does not alter the program code or compromise security safeguards.
Given the information assurance functions listed above, personnel typically are hired into positions such as:
- Security Analyst
- System Administrator
- Application Administrator
- Network Administrator
- Help Desk Technician
- Information Systems Technician
- IT Support Specialist
- Network Technician/Engineer
- Information Security Consultant
- Network Analyst
- Computer Technician
DoD IAT Level I certifications overview
Certifications that align to IAT Level I include the CompTIA A+, CompTIA Network+, (ISC)2 Systems Security Certified Practitioner (SSCP), and Cisco Certified Network Associate (CCNA) Security, although only one is needed to reach compliance.
The CompTIA A+ certification is widely seen as a strong starting point for a career in information technology. The exam focuses heavily on the practice of IT operations, including technical support, troubleshooting, and installation of a wide range of hardware, software, mobile devices, and network tools. Holders of the certification have proven they have the ability to explain, use, and maintain the varied types of operating systems, networks, and security devices as well as follow best practices for safety and professionalism. CompTIA recommends at least 9 months of related experience, but, given the wide range of topics and the depth of the material, a CompTIA A+ Learning Path like that offered by Infosec should provide a solid foundation.
The CompTIA Network+ certification ensures that a professional has the knowledge and skills to design and build functional networks, configure and manage network devices, and troubleshoot many network problems. The Network+ also covers emerging technologies such as mobile, cloud, and virtualization. At least 9 months of experience is recommended before sitting for the test. The Infosec CompTIA Network+ Learning Path offers on-demand training, resources and practice exams to help prepare for the 90-question exam.
(ISC)2 Systems Security Certified Practitioner (SSCP)
The SSCP certification recognizes that individuals have the technical and practical experience needed to implement, monitor, and administer an IT infrastructure using security practices. The certification exam requires candidates to have at least one year of cumulative work experience in one of the seven SSCP Common Body of Knowledge domains or an experience waiver for candidates with a bachelor’s or master’s degree in a cybersecurity program. The domains of knowledge include the basics of cryptography and malware, network monitoring, troubleshooting, and communications, and backup and disaster recovery. Learn more about the SSCP accreditation and what salaries holders can expect to earn via the Infosec SSCP 2018 Salary Survey.
Cisco Certified Network Associate (CCNA) – Security
Obtaining a CCNA Security certification confirms that the holder has the knowledge and skills required to secure Cisco networks and devices. In particular, this certification validates that one has the ability to develop a secure infrastructure, protect against threats and vulnerabilities in networks, and remediate and mitigate them. Other topics include how to install, troubleshoot, and monitor the network and the devices on it to maintain data confidentiality, integrity, and availability. The certification is valid for three years and requires any other Cisco certification as a prerequisite. Infosec’s CCNA Security Training Boot Camp goes in-depth into the techniques used to thwart attacks with engaging lectures and hands-on lab exercises.