AFI 33-202: Network and Computer Security
AFI 33-202 is the basic Air Force directive for computer and network security. Compliance
ensures appropriate measures are taken to protect all Air Force information system resources and information effectively and efficiently. Appropriate levels of protection against threats and vulnerabilities for information systems prevent denial of service, corruption, compromise, fraud, waste, and abuse.
AFI 33-202 applies to all information systems, including information system components of weapon systems, information systems that provide the management infrastructure and connections among other information systems, and networks that are used to process, store, display, transmit or protect DoD information, regardless of classification or sensitivity.
The full standard may be found in AFI 33-202: Network and Computer Security. Items covered by AFI 33-202include:
- General Information
- Organizational Roles and Responsibilities
- Common Criteria
- Software Security
- Configuration Management
- Malicious Software (Virus, Worm, Trojan Horse, Logic Bomb) Protection
- Training
- Secret and Below Interoperability (SABI)
- Access to Information Systems and Networks
- Certification and Accreditation