430 T2DQ2

Riri01
T2DQ2morereplies.docx
Home>Information Systems homework help>430 T2DQ2

Aaron

DISA is part of the DoD which is a combat support agency that provides IT and communication support to all institutes and individuals working for the DoD (Foster, S. 2019). DISA stands for Defense Information Systems Agency and STIG stands for Security Technical Implementation Guide. There are three compliance levels that are called categories that are Category I, Category II, and Category III. Category I is when a vulnerability will directly and immediately result in loss of confidentiality, availability, or integrity. These are the most severe which can result in the loss of life, damage to facilities, or a mission failure. Category II can result in the loss of confidentiality, availability, or integrity. These vulnerabilities can lead to a Category I, result in personal injury, damage to equipment or facilities or degrade a mission. Category III is when any vulnerability degrades measures to protect against loss of confidentiality, availability, or integrity. These vulnerabilities can lead to a Category II, delay in recovering from an outage and affect the accuracy of data and information.

Shauna

DISA is part of the Department of Defense (DoD). It's a combat support agency that provides IT and communication support to all institutes and individuals working for the DoD. DISA oversees the IT and technological aspects of organizing, delivering, and managing defense-related information. There are different categories are category I, category II, and category III. Category I refers to any vulnerability that will directly and immediately result in loss of confidentiality, availability, or integrity. Category II refers to any vulnerability that can result in loss of confidentiality, availability, or integrity. Category III refers to any vulnerability that degrades measures to protect against loss of confidentiality, availability, or integrity. These could be applied in a public organization because these Categories do not just apply to the DoD they can be applied to any organization. One would not want to have their system become vulnerable or have confidential information exposed such as credit card information or addresses.