Supplemental Budget Request

President's Statement on Supplemental Budget Request
January 25, 2005 STATEMENT BY THE PRESIDENT

When we decided to protect America from a gathering threat by removing Saddam Hussein from power, I made two fundamental pledges: First, our troops will have whatever they need to protect themselves and complete their mission; and second, the United States will stand with the Iraqi people and against the terrorists trying desperately to block democracy and the advance of human rights.

This supplemental budget request will fulfill these important pledges and again makes clear to terrorists that our resolve is firm and we will complete our mission.

Most of these funds will support American troops on the ground by continuing to provide them with the equipment and other supplies they need. The request also provides for the continued pursuit of al-Qaida and other terrorist elements in Afghanistan and elsewhere, while supporting the great progress Afghanistan has made toward joining the community of free nations. And resources are included to accelerate efforts to train and equip Iraqi and Afghan forces, so they can assume greater responsibility for their own security.

The supplemental also includes funding for other important priorities of American foreign policy, such as helping the Palestinian people build a democratic state, improving the economic and humanitarian situation of the Palestinian people, and bridging differences between Israelis and Palestinians.

I am grateful that Congress, in a strong bipartisan fashion, has consistently voted to support our troops, and I urge it to do so again. # # #

For Immediate Release Office of the Press Secretary January 25, 2005

National Security Agency, Central Security Service Extensible Configuration Checklist

National Security Agency, Central Security Service, NSA, CSS, Fort George G. Meade, Maryland 207755-6000

NSA PRESS RELEASE 24 January 2005 For further information, contact: NSA Public and Media Affairs, 301-688-6524

NSA and NIST Announce Public Availability of the Extensible Configuration Checklist Description Format (XCCDF)
The National Security Agency (NSA) and the National Institute of Standards and Technology (NIST) jointly announce the public availability of the specification for the Extensible Configuration Checklist Description Format (XCCDF). To promote the use, standardization, and sharing of effective security checklists, the NSA and NIST collaborated with representatives of private industry to develop the XCCDF specification.

The specification is vendor-neutral, flexible, and suited for a wide variety of checklist applications. The intent of the XCCDF is to provide a uniform foundation for expression of security checklists, benchmarks, and other configuration guidance, thereby fostering a more widespread application of good security practices. Such checklists can markedly reduce the vulnerability exposure of an organization when combined with well-developed guidance, accompanied with tools, and leveraged with high quality security expertise, vendor product knowledge, and operational experience.

The Cyber-Security Research and Development Act of 2002 tasked NIST to “develop and revise, as necessary, a checklist setting forth settings and option selections that minimize the security risks associated with each computer hardware or software system that is, or is likely to become, widely used within the Federal Government.” The XCCDF effort was born out of this mandate. A uniform and widely used format for security benchmarks, checklists, and related documents will help to improve security of government and private IT installations by enabling more timely and effective knowledge sharing and by fostering automated security testing and monitoring. NSA and NIST offer the XCCDF format to the public and the security community as such a format, and are prepared to work with the community to improve the specification.

The XCCDF specification document is available for download from the NIST security checklists web site. The site also offers access to a mailing list where industry and the public can make suggestions and comments about the specification. NSA and NIST look forward to working with the security community to make XCCDF a practical and useful data format for the security needs of the public and private sectors.

About the Organizations:

As a non-regulatory agency of the U.S. Department of Commerce’s Technology Administration, the NIST develops and promotes measurement, standards and technology to enhance productivity, facilitate trade and improve the quality of life.

NSA has served as America’s codemakers and codebreakers for over 50 years. Under its mandate to protect national security communications, the agency conducts research and development activities in the area of information technology and network security.

America's Codemakers and Codebreakers ##