20111223_US-Army_Regulation_380-53_Communications-Security-Monitoring.pdf

Army Regulation 380–53
Security
Communications Security Monitoring
Headquarters
Department of the Army
Washington, DC
23 December 2011
UNCLASSIFIED
SUMMARY of CHANGE
AR 380–53
Communications Security Monitoring
This major revision, dated 23 December 2011--
o Renames Land Information Warfare Activity to 1st Information Operations Command (para 1-4e(3)).
o Explains specific communications security monitoring activities (chap 2).
o Identifies the new military occupational specialties for communications security monitoring (para 2-4h(2)).
o Adds information operations Red Team activities (chap 3).
o Removes the requirement to obtain permission from the Assistant Secretary of Defense for Networks and Information Integration to conduct communications security monitoring in the National Capital Region (throughout).
o Makes administrative changes (throughout).
*Army Regulation 380–53
Effective 23 January 2012
Security
Communications Security Monitoring
History. This publication is a major revision.
Summary. This regulation prescribes U.S. Army policy for communications security monitoring. It implements NTISSD 600 and DODI 8560.01.
Applicability. This regulation applies to the active Army, the Army National Guard/Army National Guard of the United States, and the U.S. Army Reserve, unless otherwise stated. During mobilization or national emergency, chapters and policies contained in this regulation may be modified by the proponent.
Proponent and exception authority. The proponent of this regulation is the Deputy Chief of Staff, G–2. The proponent has the authority to approve exceptions or waivers to this regulation that are consistent with controlling law and regulations. The proponent may delegate this approval authority, in writing, to a division chief within the proponent agency or its direct reporting unit or field operating agency, in the grade of colonel or the civilian equivalent. Activities may request a waiver to this regulation by providing justification that includes a full analysis of the expected benefits and must include formal review by the activity’s senior legal officer. All waiver requests will be endorsed by the commander or senior leader of the requesting activity and forwarded through their higher headquarters to the policy proponent. Refer to AR 25–30 for specific guidance.
Army internal control process. This regulation contains internal control provisions and identifies key internal controls that must be evaluated (see appendix C).
Supplementation. Supplementation of this regulation and establishment of command and local forms are prohibited without prior approval from the Deputy Chief of Staff, G–2 (DAMI–CDS), 1000 Army Pentagon, Washington, DC 20310–1000.
Suggested improvements. Users are invited to send comments and suggested improvements on DA Form 2028 (Recommended Changes to Publications and Blank Forms) directly to Headquarters, Department of the Army, Deputy Chief of Staff, G–2 (DAMI–CDS), 1000 Army Pentagon, Washington, DC 20310–1000.
Distribution. This publication is available in electronic media only and is intended for command levels A, B, C, D, and E for the active Army, the Army National Guard/Army National Guard of the United States, and the U.S. Army Reserve.
*This regulation supersedes AR 380–53, dated 29 April 1998.
Contents
(Listed by paragraph)
Chapter 1
Introduction
Purpose • 1–1
References • 1–2
Explanation of abbreviations and terms • 1–3
Responsibilities • 1–4
Chapter 2
Objectives and Requirements
Introduction • 2–1
Objectives • 2–2
Authorization to conduct communications security monitoring • 2–3
Prerequisites • 2–4
Training and standards for communications security monitoring • 2–5
Certification of notification procedures • 2–6
Use of monitoring products • 2–7
Acquisition of signals during maintenance and testing • 2–8
Foreign language communications • 2–9
Conduct of communications security monitoring, information operations Red Team activities, and Computer Defense Assistance Program • 2–10
Prohibitions on communications security monitoring, information operations Red Team, or penetration testing • 2–11
Communications security monitoring operations • 2–12
Communications security monitoring working materials • 2–13
Communications security monitoring reports • 2–14
Safeguarding communications security monitoring equipment • 2–15
Chapter 3
Information Operations Red Team
Explanation • 3–1
Attributes of effective Red Team activities • 3–2
Authorization to conduct red teaming • 3–3
Training and standards for Red Team activities • 3–4
Red Team operations • 3–5
Red teaming reports • 3–6
Chapter 4
Computer Defense Association Program
Introduction • 4–1
Objective • 4–2
Scope • 4–3
Authorization • 4–4
Computer Defense Association Program • 4–5
Computer Defense Association Program network assistance visit • 4–6
Penetration testing scope • 4–7
Computer Defense Assistance Program persistent penetration testing • 4–8
Chapter 5
Reporting violations
Oversight • 5–1
Reporting violations • 5–2
Appendixes
A. References
B. Forms of Monitoring Notification
C. Internal Control Evaluation
Figure List
Figure 4–1: Program organization and structure
Glossary
Chapter 1
Introduction
1–1. Purpose
This regulation sets forth policies, responsibilities, and procedures for conducting communications security (COMSEC)
monitoring, information operations (IO) Red Team activities, and Computer Defense Association Program (CDAP)
activities within the Army and in support of Joint and combined operations and activities. This regulation implements
Department of Defense instruction (DODI) 8560.01 and National Telecommunications and Information Systems
Security Directive (NTISSD) 600. The principles of this regulation apply to all forms of COMSEC monitoring
conducted by Army elements.
1–2. References
Required and related publications and prescribed and referenced forms are listed in appendix A.
1–3. Explanation of abbreviations and terms
Abbreviations and special terms used in this regulation are explained in the glossary.
1–4. Responsibilities
a. General Counsel. The GC will—
(1) Review Department of the Army COMSEC monitoring policy for compliance with public law and national and
Department of Defense (DOD) policies and regulations.
(2) Review and certify, in writing, biennially, that COMSEC monitoring notification procedures in effect are
adequate throughout the Army.
(3) Review and approve COMSEC monitoring results for court use, in the event such results must be used for
criminal prosecution.
(4) Review all requests for proposed COMSEC monitoring exercises, to include requests that are not based on an
Army command (ACOM), Army service component command (ASCC), or direct reporting unit (DRU) request for
approval (granted by the Deputy Chief of Staff, G–2 (DCS, G–2)).
b. The Judge Advocate General. TJAG will review all ACOM, ASCC, and DRU requests to conduct COMSEC
monitoring exercises prior to DCS, G–2 approval.
c. The Inspector General. TIG will provide oversight of the Army’s COMSEC monitoring program to ensure
regulatory compliance.
d. Deputy Chief of Staff, G–2. As the Secretary of the Army’s single designee for COMSEC monitoring, the DCS,
G–2 will—
(1) Develop, promulgate, and maintain Army COMSEC monitoring policy.
(2) Grant waivers and exceptions to Army COMSEC monitoring policy after obtaining legal review from the GC
and TJAG.
(3) Review and approve biennial requests from ACOMs, ASCCs, and DRUs to perform COMSEC monitoring.
(4) Certify the adequacy of Army COMSEC monitoring notification procedures of other DOD agencies when the
Army monitoring elements operate jointly with DOD in support of Joint, combined, or multinational operations.
(5) Represent and defend the Army’s interests pertaining to COMSEC monitoring at national and DOD Service
meetings and working groups.
(6) Notify ACOM, ASCC, and DRU commanders before authorizing COMSEC monitoring that is not based on an
ACOM, ASCC, or DRU request.
e. Commanding General, U.S. Army Intelligence and Security Command. The CG, INSCOM will—
(1) Provide Army support to the Joint COMSEC monitoring activity according to the most current Joint COMSEC
monitoring activity memorandum of agreement.
(2) Develop and disseminate the Army’s techniques for conducting COMSEC monitoring.
(3) Through the commander, 1st Information Operations Command (1st IO CMD), develop and disseminate for the
Army, techniques and procedures for conducting Information System (IS) security penetration and verification testing
as it pertains to applicable phases of CDAP (see chap 4).
f. Commanding General, U.S. Army Training and Doctrine Command. The CG, TRADOC will—
(1) Develop, produce, and maintain an exportable standardized COMSEC monitoring training package to address the
provisions of this regulation.
(2) Coordinate with the CG, INSCOM to incorporate results outlined in paragraphs 1–4e(2) and 1–4e(3) into the
standardized training package.
g. Chief Information Officer/G–6. The CIO/G–6 maintains overall responsibility and oversight for policy and
management of the Army computer emergency response team (ACERT) program. The CIO/G–6 will—