Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
32 Cards in this Set
- Front
- Back
|
what is information operations (IO)?
|
IO is the integrated employment of the core capabilities of Electronic warfare (EW), Computer network operations (CNO), psychologicial operations (PSYOP), military deception (MILDEC), and operational security (OPSEC), in concert with specified supporting and related capabilites, to influence, disrupt, corrupt or usurp adversarial human and automated decision making while protecting their own
|
|
|
when was us cyber command (USCYBERCOM) established? by who?
|
sec def
october 2009 |
|
|
what does USCYBERCOM fall directly under?
|
USSTRATCOM
us strategic command |
|
|
what is the naval component of USCYBERCOM?
|
FLTCYBERCOM (10th fleet)
|
|
|
FLTCYYBERCOM mission?
|
to serve as central operational authority for networks, intelligence, cryptology/sigint, information operations, cyber, electronic warfare, and space in support of forces aloat and ashore; operate a secure, interoperable naval network; coordinate navy's operational requirements for intelligence, information operations, networks, cryptology/sigint, and space capabilites
|
|
|
GIG?
|
global information grid
|
|
|
CNO operations?
|
cyberspace
cyberspace operations global information grid (GIG) computer network attack (CNA) computer network defense (CND) computer network exploitation (CNE) |
|
|
cyberspace?
|
global domain within information environment consisting of the interdependent network of information technology infrastures
including: internet, telecom networks, computer systems, processors, controllers |
|
|
cyberspace operations?
|
employment of cyber capabilites where the primary purpose is to achieve objectives in or through cyberspace
|
|
|
global information grid (GIG)?
|
global information cpabilites associated with prcoesses/personnel for collecting, processing, storing, disseminating, and managing information for military personnel
|
|
|
computer network attack (CNA)?
|
actions tken through computer networks to disrupt, deny, degrade, or destroy information resident in computers or networks
|
|
|
computer network defense (CND)?
|
actions taken to defence, detect, moitor, and respond to attacks against our networks
|
|
|
computer network exploitation(CNE)?
|
operations to gather data from enemy's automated informations systems/networks
|
|
|
information assurance (IA)?
|
meausures that protect and defend information and information systems
|
|
|
network defenders strive for?
|
Availability-timely/relable acces to data
integrity-protetion of information against unauthorized changes authentication-verifying the identity of person trying to connect confidentiality- protection of sensitive/classified information non-repudiation-assurance to sender/reciever so neither can deny having processed the data |
|
|
3 main lvl's of classification?
|
confidential
secret top secret |
|
|
confidential?
|
requires protections to unauthorized disclosure
can cause damage to national security |
|
|
secret?
|
requires substantial degree of protection
could cause serious damage to national security |
|
|
top secret?
|
requires highest degree of protection
could cause exceptionally grave damage to national security |
|
|
information may be given to people who.....?
|
have appropriate clearance
valid need to know the information |
|
|
NIPRNET?
|
non secure internet protocol router netwrok
computers with complete access to WWW |
|
|
SIPRNET?
|
secured internet protcol router network
not connected to internet, used to send classified info |
|
|
defense in depth?
|
stationaing of mutually suppporting dfense positions designed to absorb and progressively weken attack, prvent initial observations of the whole position by enemy, and to allow the commander to maneuver the reserve
|
|
|
defense in depth layers?
|
Data
Application Host Internal Network Perimeter Physical Policies/Procedures/Awareness |
|
|
social engineering?
|
description: attacks finds info from sources that when pieced together can break into a system
defense: recognizing available personal public information and controlling it |
|
|
phishing?
|
description:high-tech scam tha uses emails/websites to decieve you into disclosing your credit card numbers, bank account info/social secruity,
defense:pay close attention to emails/web sites asking for personal or system information |
|
|
spoofing and misdirection?
|
description:unauthorized used of legitimated identification and authentication data
defense: check links to make sure they match expected links |
|
|
software vulnerability/malware?
|
description: hackers use vulnerabilites in existing programs or creat their own to break into systems
Defense: keep security patches and antivirus up to date |
|
|
password cracking?
|
description: hackers crack encryption and find out a password
defense: make password crackign more complex by using longer passwords |
|
|
intercepting traffic?
|
description: network traffic that isn't encrypted can be read by attacker including passwords
defense: encrypt your messages |
|
|
security hopping?
|
description:attacker has acces to one machine, use information to gain acces to other machines
defense: use deifferent passwords for different systems |
|
|
improper use of CAC?
|
description: somebody uses your common access card to get into something
defense: if you lose your CAC, report it immediately |
