Which of the following DoD policies establishes policies and assigns responsibilities to achieve
DoD IA through a defense-in-depth approach that integrates the capabilities of personnel,
operations, and technology, and supports the evolution to network-centric warfare?
A.
DoDI 5200.40
B.
DoD 8500.1 Information Assurance (IA)
C.
DoD 8510.1-M DITSCAP
D.
DoD 8500.2 Information Assurance Implementation
Explanation:
DoD 8500.1 Information Assurance (IA) sets up policies and allots responsibilities to
achieve DoD IA through a defense-in-depth approach that integrates the capabilities of personnel,
operations, and technology, and supports the evolution to network-centric warfare. DoD 8500.1
also summarizes the roles and responsibilities for the persons responsible for carrying out the IA
8500.1. It provides assistance on how to implement policy, assigns responsibilities, and prescribes
procedures for applying integrated, layered protection of the DoD information systems and
networks. DoD Instruction 8500.2 allots tasks and sets procedures for applying integrated layered
protection of the DOD information systems and networks in accordance with the DoD 8500.1
is incorrect. DoDI 5200.40 executes the policy, assigns responsibilities, and recommends
procedures under reference for Certification and Accreditation(C&A) of information technology
accreditation, and establishes a process and management baseline.