A sort of sister set of codes to FPCON
, INFOCON is the Information Operations Condition
level system. The military
characterizes INFOCON as "a comprehensive defense
posture and response system based on the status of information systems
, military operations, and intelligence
assessments of adversary capabilities and intent The INFOCON system presents a structured, coordinated approach to defend against a computer network
As with FPCON, there are five levels of security:
is established if there is no significant threat of terrorist
activity against defense computer networks. All points of access and their operational necessity are identified, as is operational importance of all information and information systems. An effective password
management system is established, normal auditing takes place, and training proceeds as scheduled.
indicates an increased risk of attack. This results in increased intelligence watch and heightened security measures. All Department of Defense
computer end user
s are responsible for keeping their systems secure, and should use caution when accepting information from unknown sources. Use of the Internet is limited to official government business, and access to certain sites may be restricted. End users are also instructed to back up critical files to removable media
. System administrators review audit logs of servers for unusual or malicious activity.
is established when there is specific
risk of attack. The Computer Network Defense
system is set to increased readiness, and an immediate internal security review is performed on critical systems. Unclassified dial-up connections are disconnected.
is used when a limited attack has taken place, but the CND system is not put to full readiness. Mission critical
communications are routed through unaffected systems, and non-critical networks may be disconnected. Alternative modes of communication may be used, and access points will be limited.
is used for general attacks, and the CND system is at maximum readiness. Applicable portions of the Continuation of Operations Plan
are enacted, and procedures are executed for graceful degradation
of information systems. Compromised systems are isolated from the rest of the network.
, many Department of Defense facilities operate at INFOCON ALPHA on a regular basis.