Detect, Analyze and Mitigate Intrusions
Abstract
Provide cybersecurity activities including: Federal Incident Response Centers; National Institute of Standards and Technology (NIST) SP 800-53 Implementation; Cyber Threat Analysis; Cyber Continuity of Operations (COOP); Incident Response and Remediation; Forensics and Damage Assessment; and Computer Emergency Response Teams. Specific and/or unique accomplishments to each FY are as follows:

Recurring Activities for the Detect, Analyze and Mitigate Intrusions Accomplishment:
- Test Risk Management Framework (RMF) controls on all IT supporting research, development, test and evaluation and DoD-controlled IT operated by a contractor or other entity on behalf of DoD and reported.
- Conduct RMF analysis and reporting for the BMDS such as evaluation of residual risk by incorporating current and proposed BMDS monitoring and mitigations.
- Maintain MDA Computer Emergency Response Team (MDA CERT) as a fully accredited Tier II Computer Network Defense Service provider (CNDSP) in accordance with CJCSI 6510.01F and DoD O-8530.1.
- Perform CNDSP services (protect, detect, respond and sustain) for all MDA Admin/General Services, MDA Mission and test networks and enclaves 24 hours per day, seven days a week, 365 days a year.
- Conduct application testing that looks for vulnerabilities and issues using a number of tactics, techniques and procedures.
- Conduct vulnerability scanning of MDA network to assess risks to MDA data from inside and outside sources.
- Conduct monthly information assurance vulnerability audits.
- Issue and track implementation of Information Assurance Vulnerability Alerts (IAVA), Bulletins and Technical Advisories.
- Implement Information Assurance Vulnerability Alerts (IAVA) and Communication Tasking Orders remediation and patches.
- Perform network security monitoring of all MDA subscriber networks and enclaves.
- Conduct system forensic analysis, review content of compromised system, document files and data, and identify tactics, techniques and procedures used by an attacker to gain access.
- Develop and maintain the RMF package for the BMDS Mission System to support a full Authorization to Operate (ATO).
- Compile and validate BMDS Mission Element-level certification and accreditation documents to include BMDS Element-level System Implementation Plans (SIPs), DoD Information Assurance Certification and Authorization Process (DIACAP) Implementation Plans (DIPs), Certification and Authorization (C&A) Scorecards, Plan of Action and Milestone (POA&M) artifacts and Control Validation Testing (CVT).
- Ensure MDA mission, test, and administrative systems are operated securely in accordance with DoD Information Assurance Certification and Accreditation policies.
- Prepare and maintain current certification and accreditation documentation for general service networks reported to DoD and Office of Management and Budget (OMB).

Specific and/or unique accomplishments to each FY are as follows:
Document Details
- Document Type: Accomplishment
- Publication Date: Oct 01, 2021
- Source ID: eead05b87215e02140dcc08befb88a77
Related Documents
- Root: BMD Enabling Programs