37 Cards in this Set
107.1 Define IA.
Information Operations that protect and defend data and Information Systems (IS) by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.
107.2 Define Certification.
Comprehensive evaluation of the technical and non-technical security features of an information system and other safeguards, made in support of the accreditation process, to establish the extent that a particular design and implementation meets a set of specified security requirements.
107.2 Define Accreditation.
Formal declaration by the DAA that an information system is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk.
107.2 Define DAA (Designated Accrediting Authority).
The official with the authority to formally assume responsibility for operating a system at an acceptable level of risk. DAAs accredit IT system security postures throughout the system development lifecycle and in accordance with risk-management principles.
107.2 Define System Security Plan.
A formal document that fully describes the planned security tasks required to meet system or network security requirements.
107.2 Define ATO (Approval To Operate).
The formal declaration by the DAA that an Information System is approved to operate in a particular security mode using a prescribed set of safeguards.
107.2 Define IATO (Interim Approval To Operate).
Temporary authorization granted by a DAA for an information system to process classified information based on preliminary results of a security evaluation of the system.
107.2 Define Configuration Management.
Identifies, controls, accounts for, and audits all changes to a site or information system during its design, development, and operational life-cycle.
107.3 Discuss security procedures involved when performing cross-domain transfers.
The DAA Rep/SCO and ISSPM/ISSM must approve the procedures and individuals involved.
The media to be used in the process must be new, or an approved transfer disk that has been virus checked.
Transfer information onto the media.
Perform scanning of the media for viruses.
When possible, ensure the transfer media is adequately write-protected if it is to remain classified at the lower level.
If the write-protect mechanism on the media is securely maintained, the media may remain at its lower classification level.
If the write protect mechanism is not correctly maintained, the media must be marked and handled at the highest classification level with the most restrictive handling caveats of the information processed by the IS.
Before transferring information to the higher classified system, perform scanning of the media for viruses.
Transfer from the media to the higher classified IS.
Following transfer, examine the write-protect device to validate that it is still securely intact.
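The steps above rely on a physical write-protect switch to detect that the media was not altered between the low-side write and the high-side import. The following script is an added example (not part of the study set or of any DoD/DoN procedure) that gives the same check a cryptographic footing: it records a SHA-256 manifest of the media on the low side after the virus scan, and re-checks it on the high side before import, reporting anything added, modified or missing. It assumes the media is mounted as an ordinary directory and that SHA-256 is an acceptable hash; the file names and contents are constructed for illustration.

```python
"""Integrity manifest for a low-to-high media transfer (added example).

Assumptions: the transfer media is mounted as a plain directory and
SHA-256 is acceptable for the manifest.  The manifest is built on the
low side after the media is written and scanned, stored with the media
(or sent by a separate channel), and verified on the high side before
anything is imported.
"""
import hashlib
import json
import os
import tempfile


def sha256_file(path: str, chunk: int = 65536) -> str:
    """Hash a file in chunks so large transfer sets are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(media_root: str) -> dict:
    """Map every file's path (relative to the media root) to its SHA-256."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(media_root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, media_root).replace(os.sep, "/")
            manifest[rel] = sha256_file(full)
    return manifest


def verify_manifest(media_root: str, manifest: dict) -> dict:
    """Compare the media's current contents against a saved manifest.

    Returns what a reviewer needs before approving import on the high
    side: files that were added, modified or are missing.  All three
    empty means the media matches what left the low side.
    """
    current = build_manifest(media_root)
    return {
        "added": sorted(set(current) - set(manifest)),
        "missing": sorted(set(manifest) - set(current)),
        "modified": sorted(
            p for p in manifest if p in current and current[p] != manifest[p]
        ),
    }


def demo() -> dict:
    """Constructed walk-through: write two files, save the manifest, then tamper."""
    with tempfile.TemporaryDirectory() as media:
        with open(os.path.join(media, "report.txt"), "w") as f:
            f.write("UNCLASSIFIED transfer content\n")
        os.mkdir(os.path.join(media, "data"))
        with open(os.path.join(media, "data", "table.csv"), "w") as f:
            f.write("id,value\n1,42\n")

        # Low side: record the manifest after scanning; keep it with the media.
        manifest_json = json.dumps(build_manifest(media), sort_keys=True)

        # Simulate a write that should have been blocked by write-protection.
        with open(os.path.join(media, "report.txt"), "a") as f:
            f.write("unexpected line\n")
        with open(os.path.join(media, "autorun.inf"), "w") as f:
            f.write("[autorun]\n")

        # High side: verify before importing anything.
        return verify_manifest(media, json.loads(manifest_json))


if __name__ == "__main__":
    print(demo())
```

Any non-empty result from `verify_manifest` should stop the import and trigger the same handling as a failed write-protect check: the media is then treated at the highest classification of the information processed by the IS.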
107.4 Discuss risk management.
The process that allows IT managers to balance the operational and economic costs of protective measures and achieve gains in mission capability by protecting the IT systems and data that support their organizations’ missions.
107.5 List the five attributes of IA.
CAAIN

Confidentiality
Availability
Authentication
Integrity
Non-repudiation
107.5 Define the Confidentiality attribute of IA.
Assurance that information is not disclosed to unauthorized persons, processes, or devices. It includes both the protection of operational information and the protection of IA-related system information such as password or configuration files.
107.5 Define the Integrity attribute of IA.
Assurance that information is not modified by unauthorized parties or in an unauthorized manner. Integrity supports the assurance that information is not accidentally or maliciously manipulated, altered, or corrupted. Additionally, integrity implies the ability to detect when information has been altered.
107.5 Define the Availability attribute of IA.
Assurance of timely, reliable access to data and information systems by authorized users. Availability-focused IA controls protect against degraded capabilities and denial of service conditions.
107.5 Define the Non-repudiation attribute of IA.
Assurance that the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the data.
107.5 Define the Authentication attribute of IA.
Assurance of the identity of a message sender or receiver. Authentication is the security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information.
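Integrity, authentication and non-repudiation are easy to conflate. The following is an added example (not from the study set) showing with a keyed hash (HMAC-SHA256) that one mechanism can deliver the first two attributes while failing the third: the receiver holds the same key as the sender, so it can mint a tag the sender never produced, and no third party can tell the difference. The shared key, the messages and the two parties are constructed for illustration.

```python
"""HMAC gives integrity and authentication, not non-repudiation (added example).

The key, messages and roles below are constructed.  A keyed hash lets
the receiver detect any alteration (integrity) and confirm the message
came from a key holder (authentication).  Because the receiver also
holds the key, a tag proves nothing to a third party about who made it,
so the sender can still deny sending the message.
"""
import hmac
import hashlib

# Constructed shared secret; in practice it comes from key management.
SHARED_KEY = b"example-shared-key-do-not-reuse"


def tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 over the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, received_tag: bytes) -> bool:
    """Constant-time comparison so timing does not leak how many bytes matched."""
    return hmac.compare_digest(tag(key, message), received_tag)


def integrity_check() -> tuple:
    """Unaltered message verifies; a message changed in transit does not."""
    msg = b"TRANSFER APPROVED: 3 files"
    t = tag(SHARED_KEY, msg)
    tampered = msg.replace(b"3 files", b"9 files")
    return verify(SHARED_KEY, msg, t), verify(SHARED_KEY, tampered, t)


def authentication_check() -> bool:
    """A party without the key cannot produce a tag that verifies."""
    msg = b"TRANSFER APPROVED: 3 files"
    forged = tag(b"attacker-guess", msg)
    return verify(SHARED_KEY, msg, forged)


def non_repudiation_gap() -> bool:
    """The receiver mints a tag for a message the sender never sent.

    It verifies exactly as a genuine one would, so the HMAC is not
    evidence against the sender.  Non-repudiation needs a signature
    under a private key only the sender holds.
    """
    fabricated = b"TRANSFER APPROVED: 99 files"
    receiver_made_tag = tag(SHARED_KEY, fabricated)
    return verify(SHARED_KEY, fabricated, receiver_made_tag)


if __name__ == "__main__":
    print("integrity (genuine, tampered):", integrity_check())
    print("authentication (forged tag accepted):", authentication_check())
    print("receiver-made tag accepted:", non_repudiation_gap())
```

The last function is the point: a shared-key mechanism satisfies the Integrity and Authentication definitions above but cannot satisfy Non-repudiation, which is why that attribute is normally met with asymmetric digital signatures.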
107.6 Define Malicious Logic (computer incident).
Installation of software designed and/or deployed by adversaries with malicious intentions for the purpose of gaining access to resources or information without the consent or knowledge of the user.
107.6 Define User Level Intrusion (computer incident).
Unauthorized non-privileged access to a DOD system. If the system is compromised with malicious code that provides remote interactive control, it will be reported in this category.
107.6 Define Denial of Service (computer incident).
Activity that denies, degrades or disrupts normal functionality of a system or network.
107.6 Define Investigating (computer incident).
Events that are potentially malicious or anomalous activity deemed suspicious and warrant, or are undergoing, further review.
107.6 Define Root Level Intrusion (computer incident).
Unauthorized privileged access to a DOD system. This includes unauthorized access to information or unauthorized access to account credentials that could be used to perform administrative functions.
107.6 Define Unsuccessful Activity Attempt (computer incident).
Deliberate attempts to gain unauthorized access to a DOD system that are defeated by normal defensive mechanisms.
107.6 Define Non-Compliance Activity (computer incident).
Activity that potentially exposes DOD systems to increased risk as a result of the action or inaction of authorized users. This includes administrative and user actions such as failure to apply security patches, connections across security domains, installation of vulnerable applications, and other breaches of existing DOD policy.
107.6 Define Explained Anomaly (computer incident).
Suspicious events that after further investigation are determined to be non-malicious activity and do not fit the criteria for any other categories. This includes events such as system malfunctions and false alarms.
107.6 Define Reconnaissance (computer incident).
Activity that seeks to gather information used to characterize DOD systems, applications, networks, and users that may be useful in formulating an attack. This includes activity such as mapping DOD networks, systems devices and applications, inter-connectivity, and their users or reporting structure. This activity does not directly result in a compromise.
107.7 Describe the DoN World Wide Web Security Policy.
-Establishes what can and cannot be posted on a publicly accessible official Navy website (PAONWS).
-Establishes what must be present on an UNCL publicly accessible official Navy website.
-Sets a requirement for an annual self-assessment of UNCL PAONWS.
-Everything posted on a PAONWS must be approved by a PAO.
-Cannot post any content considered to be UNCL FOUO or above.
-Cannot be identified as an "unofficial website."
-Cannot endorse any commercial entity.
107.8 Define IAVA (IA Vulnerability Alert).
An announcement of a high risk computer software or operating system vulnerability in the form of an alert. Provides corrective actions.
107.8 Define IAVB (IA Vulnerability Bulletin).
An announcement of a medium risk computer software or operating system vulnerability in the form of a bulletin.
107.8 Define CTO (Communications Tasking Order).
A DoD-wide instruction that promulgates mandatory changes in standing instructions on how communications are handled. They also are used to cover the adoption of new technologies in regular and secure communications.
107.8 Define NTD (Navy Telecommunications Directive).
A widely disseminated official Naval Message giving an order or direction about a certain IT function that requires compliance.
107.8 Define Service Pack.
A collection of updates, fixes and/or software enhancements for a product, delivered as a single installable package.
107.9 Define vulnerability assessment.
Systematic examination of an information system or product to determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of proposed security measures, and confirm the adequacy of such measures after implementation.
107.10 Explain the difference between vulnerability and threat.
Vulnerability - the weakness in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source.
Threat - any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
107.11 State the duties and responsibilities of the IAM.
Information Assurance Manager (IAM) - A designated individual responsible for the information assurance program within a command, site, system, or enclave. The IAM is responsible to the local IA command authority and DAA for ensuring the security of an IT system, and that it is approved, operated, and maintained throughout its life cycle in accordance with IT system security certification and accreditation documentation.
107.12 Define CCRI.
Command Cyber Readiness Inspection (CCRI) - A formal inspection conducted under the direction of USCYBERCOM’s Enhanced Inspection Program.
107.13 State NAVCYBERFOR's role in a CCRI.
To conduct readiness inspections ensuring all IA policies are enforced within a command.