82 Cards in this Set
- Front
- Back
What is IO and what does it accomplish?
|
Information Operations; works to affect human decision processing to achieve friendly objectives.
|
|
What are the 5 core capabilities of IO?
|
1.) Psychological Operations (PSYOP)
2.) Military Deception
3.) Operations Security (OPSEC)
4.) Electronic Warfare (EW): Electronic Defense (ED), Electronic Protection (EP)
5.) Computer Network Operations (CNO): Computer Network Attack (CNA), Computer Network Defense (CND)
|
|
What is Computer Network Exploitation?
|
Enables operation and intelligence to gather data from target or adversary systems.
|
|
IO allows the joint force to do what?
|
to attain a relative advantage in the information environment
|
|
What is GIG?
|
Global Information Grid
|
|
What does the GIG provide?
|
It provides interconnect-ability, processes, and personnel for collecting, processing, storing, disseminating and managing information
|
|
What is NETOPS?
|
Network Operations; it is an organizational, procedural and technological construct for ensuring informational superiority.
|
|
What does IA do?
|
IA integrates an organized, manned, equipped and trained workforce to guard and secure information and information systems by providing the 5 attributes of IA.
|
|
What are the 5 attributes of IA?
|
Confidentiality, Non-repudiation, Integrity, Availability and Authentication
|
|
What does confidentiality do?
|
Information is not disclosed to unauthorized entities.
|
|
What does availability do?
|
Provides reliable, timely access to information by authorized users.
|
|
What does authentication do?
|
Establishes the validity of a transmission
|
|
What does Integrity do?
|
ensure logical correctness and reliability of an operating system, or protection against unauthorized modification or destruction of information
|
|
What does non-repudiation do?
|
Assurance the sender of the data is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the data.
|
|
IA processes function to:
|
Protect and defend against unauthorized activity
|
|
What is Defense-in-Depth?
|
DOD approach for establishing an adequate IA posture in a shared risk environment that allows for shared mitigation through the layering of IA solutions
|
|
What is Computer Network Defense (CND)?
|
Actions taken to protect, monitor, analyze, detect and respond to unauthorized activity within the DOD information systems and computer networks.
|
|
What is the main method of employment for IA?
|
Defense-in-Depth
|
|
Who coordinates and directs DOD-wide CND?
|
CDRUSSTRATCOM
|
|
What is the DOD CND mission?
|
To coordinate and direct the defense operations of DOD computer networks from unauthorized activity.
|
|
What are the five activities of CND?
|
operations, law enforcement, counterintelligence and Intelligence community, communications
|
|
What recognizes unauthorized network activity?
|
CND
|
|
What is the publication that all DOD information systems and networks will be certified and accredited through (currently known as DOD Information Technology Security Certification and Accreditation Process, or DITSCAP)?
|
DOD Instruction 5200.40
|
|
What is the DOD CND Mission?
|
Coordinate and direct defense operations of DOD Computer Networks from unauthorized activity employing communications, law enforcement, Intelligence, counterintelligence and operations.
|
|
What identifies unauthorized network activity including CNA and CNE launched by adversaries?
|
CND
|
|
Name 5 CND service providers.
|
NOC, NOSC, CSIRT, CIRT AND CERT
|
|
CND System Administrators are responsible for what 3 things?
|
Monitor or report suspicious activity, keep track of audit log, safeguard all captured network traffic, and direct and execute protective measures within DOD computer networks
|
|
DOD Information systems for IA purposes consist of what 4 categories?
|
1.) AIS applications
2.) Enclaves (which include networks)
3.) Outsource information technology (IT)-based processes
4.) Platform IT connections
|
|
What DOD instruction and DOD directive, respectively, provides policy and details on IA?
|
DOD Instruction 8500.1
DOD Directive 8500.2 |
|
C&A for information systems that process TS information will comply with the requirements of who?
|
Director of Central Intelligence
|
|
What is a MAC?
|
Mission Assurance Category
|
|
When is C&A not required?
|
When a platform develops software or is a test lab that does not process real-world operations information, and is isolated from DOD operational systems.
|
|
Only encryption devices listed in _____ are authorized for classified communications.
|
NSA
|
|
Access:
|
Opportunity to make use of an information system (IS) resource.
|
|
Access Control:
|
Limiting access to information system resources only to authorized users, programs, processes or other systems.
|
|
Accountability
|
Process of tracing information system activities to a responsible source.
|
|
Accreditation
|
Formal declaration by a DAA that an information system is approved to operate in a particular security mode at an acceptable level of risk, based on implementation of an approved set of technical, managerial and procedural safeguards.
|
|
Application
|
Software program that performs a specific function directly for a user and can be executed without access to system control, monitoring or administrative privileges.
|
|
Architecture
|
Configuration of any equipment or interconnected system that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission or reception of data or information; includes computers, ancillary equipment and services.
|
|
Assurance
|
Measure of confidence that the security features, practices, procedures and architecture of an information system accurately mediate and enforce the security policy.
|
|
AS&W
|
Attack Sensing and Warning. The detection, correlation, identification and characterization of intentional unauthorized activity, including computer intrusion or attack, across a large spectrum coupled with the notification to command and decision makers so that an appropriate response can be developed. Attack sensing and warning also includes attack/intrusion related intelligence collection tasking and dissemination; limited immediate response recommendations; and limited potential impact assessments.
|
|
Audit
|
Independent review and examination of records and activities to assess the adequacy of system controls, and to recommend necessary changes.
|
|
Audit Trail
|
Chronological record of system activities to enable the reconstruction and examination of the sequence of events and/or changes in an event.
|
|
Backup
|
Copy of files and programs made to facilitate recovery, if necessary.
|
|
Category
|
Restrictive label applied to classified or unclassified information to limit access.
|
|
CTTA
|
Certified TEMPEST Technical Authority; An experienced, technically qualified US Gov employee who has met established cert. requirements in accordance with CNSS approved criteria and has been appointed by a US Gov Department/Agency
|
|
Classified Information
|
Information that has been determined pursuant to Executive Order 12958 or any predecessor Order, or by the Atomic Energy Act of 1954.
|
|
Communications Security
|
Measures/controls taken to deny unauthorized individuals information derived from telecommunications.
|
|
During COMSEC monitoring, whose transmissions do you listen to?
|
Your own
|
|
Community Risk
|
Probability that a particular vulnerability will be exploited within an interacting population and adversely impact some members of that population.
|
|
CERT
|
Computer Emergency Response Team: Personnel with technical expertise and organic equipment that may deploy to assist remote sites in the restoration of computer services.
|
|
Computer Network Attack (CNA)
|
Operations to disrupt, deny, degrade or destroy information resident in computers and computer networks, or computers themselves.
|
|
Computer Network Exploitation (CNE)
|
Intelligence collection operations that obtain information resident in files of threat automated information systems (AIS) and gain information about potential vulnerabilities, or access critical information resident within foreign AIS that could be used to the benefit of friendly operations.
|
|
Computer Network Defense
|
Actions taken to protect, monitor, analyze, detect and respond to unauthorized activity within DOD information systems and computer networks.
|
|
What are the 3 tiers of Computer Network Defense (CND) Operational Hierarchy?
|
Tier One provides DOD-wide CND operational direction to all CC/S/As.
Tier Two provides DOD Component-wide (i.e., CC/S/As) operational direction or support and responds to direction from Tier One. Tier Three provides local operational direction or support and responds to direction from a designated Tier Two entity. |
|
What are some Tier One entities?
|
US Strategic Command, CND Service Certification Authorities, Defense Criminal Investigative Organization Law Enforcement and Counterintelligence Center, and the National Security Incident Response Center.
|
|
What are Tier Two entities?
|
CND Service providers that are designated by Heads of Components to coordinate Component-wide CND.
|
|
What are Tier Three entities?
|
All entities responding to direction from DOD Component Tier Two CND Service (local control centers that manage and control information systems, networks and services, either deployed or fixed at DOD installations).
|
|
What are CND RA's?
|
Deliberate, authorized defensive measures or activities that protect and defend DOD computer systems and networks under attack.
|
|
Configuration Management
|
Management of security features and assurances through control of changes made to hardware, software, firmware, documentation, test, test fixtures and test documentation throughout the life cycle of the information system.
|
|
Connection Approval
|
Formal authorization to interconnect information systems
|
|
Contingency Plan
|
Plan maintained for emergency response, backup operations, and post-disaster recovery for an information system
|
|
Counterintelligence
|
Information gathered and activities conducted to protect against espionage or other intelligence activities from foreign governments
|
|
What are the major characteristics of Controlled Access Protection?
|
Individual accountability, audit, access control and object reuse.
|
|
Data
|
Representation of facts, concepts or instructions in a formalized manner suitable for communication, interpretation or processing by humans or automatic means.
|
|
Data Integrity
|
Condition existing when data is unchanged from its source and has not been accidentally or maliciously modified, altered or destroyed.
|
|
Defense Information Systems Network (DISN)
|
The DOD consolidated worldwide enterprise level telecommunications infrastructure that provides the end-to-end information transfer network for supporting military operations.
|
|
Evaluated Products List (EPL)
|
Equipment, hardware, software and/or firmware evaluated by the NCSC in accordance with DOD TCSEC and found to be technically compliant at a particular level of trust.
|
|
Event
|
Occurrence, not yet assessed, that may affect the performance of an IS
|
|
Firewall
|
System designed to defend against unauthorized access to or from a private network.
|
|
Firmware
|
Program recorded in permanent or semi-permanent computer memory.
|
|
The Director, Defense Information Systems Agency, serves also as what?
|
DOD Computer Executive Agent for DOD Computer Forensics
|
|
Who develops an IA education and awareness program?
|
DISA
|
|
Common infrastructures such as CAC, PKI, biometrics, and KMI (Key Management Infrastructure) can be found within ____
|
IA
|
|
DOD Information Systems for IA purposes consist of what 4 categories?
|
AIS, enclaves, outsourced IT-processes, and Platform interconnections
|
|
What is a guard?
|
Information assessed occurrence having potentially or actually adverse effects on information systems
|
|
Identification
|
Process an IS uses to recognize an entity.
|
|
What is a defense posture and response system for DOD information systems and networks?
|
INFOCON
|
|
What is the capability of an IS network to collect, process and disseminate an uninterrupted flow of information while exploiting an adversary's ability to do the same?
|
Information Superiority
|
|
What is intrusion?
|
Unauthorized act of bypassing the security mechanism of a system.
|
|
What is level-of-concern?
|
Rating assigned to an information system that indicates the extent to which protective measures, techniques and procedures must be applied.
|
|
What is open-source software?
|
Products that are copyrighted and distributed under a license that provides everyone with the ability to use, modify and redistribute the source code of the software.
|