Task Area 13 - Security Engineering Certification and Accreditation 

This task area addresses planning, design, development, testing, demonstration, rapid prototyping, integration, site survey, installation, operation and maintenance of C2 communications, displays, firewall/guards, intrusion detection systems, and information sensors of computer/network systems and infrastructure operations.  This includes the protection and sustainment of the information assurance requirements for system and information availability, access control, integrity, confidentiality and non-repudiation; protection of the operating environments and software, including network, operating systems and databases; integration and implementation of information assurance features for client-server and web enterprises; participation in the planning and performance of Security Test & Evaluation (ST&E), Modified Developmental Tests (MDT), and other testing scenarios; support for implementation of user, server and object certificates and other identification and authentication infrastructure elements; and support for DoD Public Key Infrastructure (PKI) implementation strategies.

Intrusion Detection and Prevention  Identify how firewall/guards, intrusion detection systems and information sensors of computer/network systems and infrastructure operations will protect and sustain the information assurance requirements for system and information availability, access control, integrity, confidentiality and non-repudiation for these environments.

PKI Environment  Identify standard data formats, translation responsibilities, data storage and access methods, conversion methods from original formats, governance of authoritative sources for conversion, and identify how that impacts the implementation of the DoD PKI environment.

Information Assurance (IA)  Identify information assurance features for client/server and web enterprises; provides for participation in the planning and conduct of ST&E, MDT and other testing scenarios; and support implementation of user, server and object certificates, and other identification and authentication infrastructure elements incorporating automated methods.

Security Engineering  Provide security engineering support for planning, design, development, testing, demonstration, rapid prototyping, integration, site survey, installation, operation and maintenance of command and control communications, displays, firewall/guards, intrusion detection systems and information sensors of computer/network systems and infrastructure operations.