215 - English, February
215 - English, June
215 - English, September
The EMSEC course is a basic level course providing participants with an awareness of emission and TEMPEST security. The course provides an introduction to Radio-Frequency (RF) and electromagnetic fields and explains how compromising emanations (CE) from Information Technology (IT) equipment processing classified data can be unintentionally exfiltrated from restricted security zones.
Participants will become familiar with some of the techniques used by threat actors to exploit both spatially and conducted emanations, and will be presented with security control measures that could mitigate vulnerabilities and improve the departmental EMSEC posture.
- To recognize the emission vulnerabilities inherent in IT equipment that may allow CE to escape secure GC facilities
- To introduce ITSG-11A as a publication that provides guidance to Departmental COMSEC Authorities (DCAs) concerned with achieving an acceptable EMSEC posture
- To describe basic countermeasures to prevent unauthorized access to and exploitation of CE
- To describe the basic elements of an EMSEC Facility Evaluation
This course is non-technical in nature and requires only a basic understanding of RF and electromagnetic fields. Any GC employee or contractor who work at facilities where IT systems process classified or sensitive information would benefit from this course. GC employees who work at such facilities, especially in urban areas in close proximity to public areas, should also consider taking this course.
- Course 104 - IT Security Risk Management: A Lifecycle Approach (ITSG-33)
- Harmonized Threat and Risk Assessment (HTRA) offered by Canada School of Public Service #A341