Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
49 Cards in this Set
- Front
- Back
|
what is a measure used to verify the eligibility of a subject and the ability of the subject to access certain info?
|
authentication
|
|
|
what are 3 primary ways to authenticate ones self?
|
something you know, are, have.
|
|
|
knowledge based identification and authentication methods require the user to provide something you?
|
know
|
|
|
the AF requires a network password to be atleast how many characters long?
|
9
|
|
|
what regulation covers remanence security?
|
AFSSI 8580
|
|
|
storage media that retains data after power is removed is considered?
|
sensitive
|
|
|
which standard form is used to annotate storage media has been sanitized?
|
711
|
|
|
who can declassify storage media that has been sanitized?
|
Infomation Owner
|
|
|
what is the process of physically damaging the media to render is unusable in a computer and render the data on the media irretrievable by any known exploitation methods?
|
destroying
|
|
|
what is the process of erasing magnetic media by reducing the magnetic flux to virtual zero by applying a reverse magnetizing field?
|
Degaussing
|
|
|
what is the preferred method of sanitizing magnetic media?
|
Degaussing
|
|
|
what is a comprehensive evaluation and validation of an air force info system to establish the degree to which it complies with assigned info assurance controls based on standardized procedures?
|
Certification
|
|
|
what is a formal declaration by a designated approving official (DAA) that an info system is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk?
|
Accredidation
|
|
|
what is the DOD process for certifying and accrediting info systems to operate on the global info grid (GIG)?
|
Department of Defense Information Assurance Certification and Accreditation Process (DIACAP)
|
|
|
what documentation is required to permanently connect to the global info grid system?
|
Authorization to Operate (ATO)
|
|
|
what doc signifies that a system is not allowed to connect to the global info grid?
|
Denial of Authorization to Operate (DATO)
|
|
|
what process, along with AFI 33-210, air force certification and accredidation (C&A) program (AFCAP), provides the basic framework of the certification and accredidation?
|
Information Technology (IT) lean reengineering
|
|
|
what do you call the consolidated list of requirements that a program office must adhere to when fielding a system?
|
department of defense info technology system cert and accreditation process (DITSCAP)
|
|
|
what is the database of record for registering all systems and applications?
|
DITSCAP
|
|
|
what is a collection of computing environments connected by one or more internal networks under the control of a single approval authority and security policy?
|
Enclave
|
|
|
how many non-secure internet protocol router network (NIPRNET) gateways does the af possess?
|
16
|
|
|
which agency must approve all info protection tools prior to their use?
|
HQ USAF
|
|
|
what device is placed outside the boundary protection mechanism to monitor all attempted attacks?
|
Intrusion Detection System (IDS)
|
|
|
what are examples of network attacks that bypass the firewall?
|
Tunneling and application based attacks
|
|
|
what is the intrusion practice of encapsulating a message that would be rejected by the firewall inside a second message that will pass through the firewall?
|
Tunneling
|
|
|
a base web server that inferfaces with the public must be placed in what area of a base network?
|
DMZ
|
|
|
what is the simplest and least expensive way to stop an inappropriate netowork address?
|
packet filtering
|
|
|
what type of firewall consists of a screening router and a set of rules that accept or reject a message based on information int he messages header (a packet): the source address, the destination, and the port?
|
Packet Filtering
|
|
|
what type of firewall is used to separate secure sites, networks, or network segments from less secure areas?
|
Bastion Host
|
|
|
what type of firewall generates audit trails of all network related activity for monitoring and intrusion detection purposes?
|
Bastion Host
|
|
|
what network dvice performs regorous examinations of systems to identify weaknesses that might allow security violations?
|
Vulnerability Scanners
|
|
|
what action represents one of the greatest vulnerabilities to internal networks?
|
network connected computer systems with modems that make calls to accept calls from the public switched network
|
|
|
what do you call a current and percieved capability, intention, or attack, directed to cause denial of service?
|
threat
|
|
|
an ainformation system on your network that is not to require the use of a common access card or password would be considered a?
|
vulnerability
|
|
|
a program that replicates by attaching itself to a program is a?
|
virus
|
|
|
what type of malicious logic can form large networks that can be used to launch a varitety of attacks without an info systems owners knowledge?
|
bot
|
|
|
what type of malicious logic can become active on an information system without the need to infect a file?
|
worm
|
|
|
what is a cryptographic key and certificate delivery system that makes possible secure electronic transactions and exchanges of sensitive information between relative strangers?
|
Public Key Infrastructure (PKI)
|
|
|
what is an electronic document that officially links together a user's identity with his public key?
|
PKI certificate
|
|
|
what is a file that is kept with you and will allow you to decrypt files encrypted specifically for you using your openly available encryption code?
|
private key
|
|
|
what is an electronic document that officially links together a users identity with his public key?
|
PKI certificate
|
|
|
Which component of the PKI responsible for establishing, authenticating, maintaining, and revoking certificates?
|
certificate authority
|
|
|
the 2 ways key establishment can occur are key?
|
transfer and aggreement
|
|
|
which public key algorithm is exclusively a key establishment protocol?
|
diffie and hellman
|
|
|
what is the primary unclassified PKI token for individual PKI keys and certificates in the air force?
|
CAC
|
|
|
which team provides a communication link between forces securing the area and setting up support facilities?
|
initial communications support teams
|
|
|
sustained communications support becomes a part of the deployment if it exceeds how many days?
|
30 days
|
|
|
who provides uninterrupted flow of mission critical information to field and in-garrison units for the duration of a contigency?
|
sustained communications support teams
|
|
|
what program is known as a state of the are ground to ground communications infrastructure designed to provide base level full spectrum communications to the commander and all agencies on base?
|
Theater Deployable Communications (TDC)
|
