Critical infrastructure : homeland security and emergency preparedness

Content: Introduction to Critical Infrastructure Preparedness    Homeland Security Presidential Directives (HSPD)   What Is Critical Infrastructure?   What Is the Private Sector?   What Is the Public Sector?   What Is Critical Infrastructure Protection?    What Is Critical Infrastructure Preparedness?    Critical Infrastructure Functions    Origins of Critical Infrastructure     Regulations and Legislation    What Are the Categories of the Laws Listed?    Border Security and Immigration    Communications and Network Security   Cyberterrorism    Infrastructure    Domestic Safety and Security   Economic and Financial Security    Emergency Preparedness and Readiness    Medical and Health Care Security    Transportation Security (Includes Maritime Security)   Hazardous Materials      National Response Plan (NRP)    What Is the National Response Plan (NRP)?   NRP Training    How Does the NRP Tie in with Emergency Management?   NRP Subcategories   Emphasis on Local Response    What Is the Purpose of the NRP?    Tie between NRP and NIMS   Multiagency Command Structure Coordination   Coordination Responsibilities    Updates to the NRP    Incident Command Structure of the NRP    Levels of Authority    Key Concepts in the Implementation of the NRP    Roles and Responsibilities    Roles of the Federal Government   NRP Emergency Support Functions (ESFs)   Scope of ESFs      National Incident Management Systems (NIMS)   What Is NIMS?    Compliance   Flexibility    Standardization   NIMS Represents Best Practices    Components of NIMS   Command and Management    Preparedness   Benefits from Using NIMS   Resource Recovery   Communications and Information Management    Supporting Technologies   Ongoing Management and Maintenance   Command Structuring under NIMS    Incident Command System (ICS)   ICS Features   Common Terminology    Organizational Resources   Manageable Span of Control    Accountability    Integrate Communications Capabilities   Incident Action Plan   Management Command, Coordination, and Control Structures   Unified Command   Area Command    Multiagency Coordination Systems   Emergency Operations Centers   Incident Responsibilities    Postincident Responsibilities    Public Information Systems   Joint Information Systems (JIS)    Joint Information Centers (JIC)   JIC Levels   JIC Organizational Structure   Preparedness and Readiness    Preparedness Organizations    Preparedness Planning and Coordination    Types of Preparedness Plans   Emergency Operations Plan    Training and Exercise Drills    Personnel Qualification and Certification   Equipment and Hardware Certification    Mutual-Aid Agreements   Standby Contracts    Publication Management   Resource Management   Effectively Managing Resources    Communications and Information Management Principles     Incident Command Systems (ICS)   What Is NIMS and ICS?   What Is an Incident?    What Is an Incident Command System (ICS)?   What Is NIMS ICS?   History of ICS   FIRESCOPE   National Interagency Incident Management System (NIIMS)   Weaknesses Addressed by Using an ICS   Benefits of Using an ICS   ICS Framework    Applications for the Use of ICS    ICS Management Characteristics   Understanding the ICS Organization   ICS Management Functions   ICS Sections   What Is Span of Control?    ICS Position Titles    ICS Organizational Components    Unified Command   The Incident Commander    Command Staff    General Staff    Operations Section    Planning Section    Incident Action Plan   Logistics Section    Finance/Administration Section   ICS Area Command   Communications within the ICS   Incident Facilities    Differences between NIMS ICS and FIRESCOPE/NIIMS ICS   NIMS ICS Training   How ICS Integrates with Critical Infrastructure      Emergency Preparedness and Readiness (EMR)    Office for Domestic Preparedness    First Responder    First Responder Classifications   Guideline Classifications   North American Emergency Response Guidebook (NAERG)    Awareness Level Guidelines    Performance Level Guidelines   Operational Levels Defined    Level A: Operations Level    Level B: Technician Level    Know Protocols to Secure, Mitigate, and Remove Hazardous Materials   Additional Protective Measures   Understand Development of the Incident Action Plan   Know and Follow Procedures for Protecting a Potential Crime Scene    Know Department Protocols for Medical Response Personnel    National Fire Prevention Association 472   Occupational Safety and Health Administration Hazardous Waste Operations and Emergency Response   Skilled Support Personnel   Specialist Employee    Department of Transportation (DOT) Hazardous Materials (HAZMAT) Classifications   Importance of Implementing an Emergency Response Plan     Security Vulnerability Assessment (SVA)   What Is a Risk Assessment?   Methods of Assessing Risk   Threat Risk Equations   Comparison of Quantitative vs. Qualitative Risk Assessments    Challenges Associated with Assessing Risk   Other Factors to Consider When Assessing Risk   What Is an SVA?   Reasons for Having an SVA   What Is a Threat?   What Is Vulnerability?    Countermeasures    Vulnerability Assessment Framework (VAF)    Reasons for Using the VAF    Federal Information Systems Control Auditing Manual (FISCAM)   General Methodologies of FISCAM Auditing    What Are General Controls?   What Are Application Controls?   Caveats with Using an SVA   How the SVA Is Used   Audience of an SVA    Initial SVA Plan    Necessary Steps of an SVA    Critical Success Factors    VAF Methodology   Initial Steps of the VAF    VAF Step 1: Establish the Organization Minimum Essential Infrastructure (MEI)    VAF Step 2: Gather Data to Identify MEI Vulnerabilities    VAF Step 3: Analyze, Classify, and Prioritize Vulnerabilities     Standards and Guidelines    About the National Fire Prevention Association (NFPA)   North American Electric Reliability Council (NERC)    American Gas Association (AGA)    Instrumentation, Systems, and Automation Society (ISA)    American Petroleum Institute (API)   Chemical Industry Data Exchange    ISO 15408    NIST PCSRF   Health Insurance Portability and Accountability Act (HIPAA)   Patient Safety and Quality Improvement Act (PSQIA)    Gramm-Leach-Bliley Act (GLBA)    Sarbanes-Oxley Act    The American National Standards Institute (ANSI)   Federal Information Processing Standards (FIPS)    National Standards Systems Network    BSR/ASCE/AEI XX-2006   BSR T1M1-27-200X   BSR X9.49-200X    ASTM F1756-97A (2002)      Information Sharing and Analysis Centers (ISAC)    What Is a Critical Infrastructure Asset?    What Is an ISAC?    Advantages of Belonging to an ISAC   Access to ISAC Information   Expanded ISAC Services    Surface Transportation ISAC (ST-ISAC)    Public Transportation ISAC (PT-ISAC)    American Public Transportation Association (APTA)    Association of American Railroads (AAR)   Transportation Technology Center, Inc. (TTCI)   Railinc    Water ISAC    Association of State Drinking Water Administrators (ASDWA)   Water Environment Research Foundation (WERF)    Association of Metropolitan Water Agencies (AMWA)    Association of Metropolitan Sewage Agencies (AMSA)    National Association of Water Companies (NAWC)    American Water Works Association (AWWA)   AWWA Research Foundation (AWWARF)   Financial Services ISAC (FS-ISAC)    Science Applications International Corporation (SAIC)   Electricity Sector ISAC (ES-ISAC)   Emergency Management and Response ISAC (EMR-ISAC)    Information Technology ISAC (IT-ISAC)    National Coordinating Center for Telecommunications (NCC-ISAC)   Communications Resource Information Sharing (CRIS)   Government Emergency Telecommunications Service (GETS)    Telecommunications Service Priority (TSP)    Shared Resources High Frequency Radio Program (SHARES)    Network Reliability and Interoperability Council (NRIC)    National Security Telecommunications Advisory Committee (NSTAC)   Wireless Priority Services (WPS)   Alerting and Coordination Network (CAN)   Energy ISAC    Chemical Sector ISAC (CHEM-ISAC)    Chemical Transportation Emergency Center (CHEMTREC)    Healthcare Services ISAC (HCISAC)    Highway ISAC   Cargo Theft Information Processing Systems (CargoTIPS)    American Trucking Associations (ATA)   HighwayWatch   Food and Agriculture ISAC   Food Marketing Institute (FMI)   Multi-State ISAC (MS-ISAC)   ISAC Council (ISAC-ISAC)   World Wide ISAC (WW-ISAC)   Real Estate ISAC (RE-ISAC)    The Real Estate Roundtable    Research and Educational Networking ISAC (REN-ISAC)    Biotechnology and Pharmaceutical ISAC (BioPharma ISAC)    Maritime ISAC (M-ISAC)    Maritime Security Council (MSC)    Marine Transportation System National Advisory Council     Supervisory Control and Data Acquisition (SCADA)   What Are Control Systems?    Types of Control Systems   Components of Control Systems    Vulnerability Concerns about Control Systems    Adoption of Standardized Technologies with Known Vulnerabilities    Connectivity of Control Systems to Unsecured Networks   Implementation Constraints of Existing Security Technologies    Insecure Connectivity to Control Systems   Publicly Available Information about Control Systems    Control Systems May Be Vulnerable to Attack   Consequences Resulting from Control System Compromises    Wardialing   Wardriving   Warwalking    Threats Resulting from Control System Attacks    Issues in Securing Control Systems   Methods of Securing Control Systems    Technology Research Initiatives of Control Systems    Security Awareness and Information Sharing Initiatives   Process and Security Control Initiatives    Securing Control Systems    Implement Auditing Controls    Develop Policy Management and Control Mechanisms   Control Systems Architecture Development    Segment Networks between Control Systems and Corporate Enterprise   Develop Methodologies for Exception Tracking   Define an Incident Response Plan   Similarities between Sectors     Critical Infrastructure Information (CII)    What Is Critical Infrastructure Information?    How Does the Government Interpret CII?   Exemption 3 of the Freedom of Information Act   Exemption 4 of the Freedom of Information Act   Section 214 of the Homeland Security Act    Enforcement of Section 214 of the Homeland Security Act   What Does Sensitive, But Unclassified Mean?    Information Handling Procedures    Freedom of Information Act   Need-to-Know    \"For Official Use Only\" (FOUO)   Enforcement of FOUO Information   Reviewing Web Site Content   Export-Controlled Information   Enforcement of Export-Controlled Information    Source Selection Data   Enforcement of Source Selection Data    Privacy Information    Enforcement of Privacy Information   Unclassified Controlled Nuclear Information (UCNI)    Enforcement of UCNI    Critical Energy Infrastructure Information (CEII)   Enforcement of CEII    Lessons Learned Program    INFRAGARD    Index