28 Cards in this Set
Define information Assurance.
Information Operations that protect and defend data and Information Systems (IS) by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.
Define Certification in regards to IA.
Certification – Comprehensive evaluation of the technical and non-technical security features of an information system and other safeguards, made in support of the accreditation process, to establish the extent that a particular design and implementation meets a set of specified security requirements.
Define Accreditation in regards to IA.
Accreditation – Formal declaration by the DAA that an information system is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk.
Define DAA in regards to IA.
DAA (Designated Approving Authority) – the official with the authority to formally assume responsibility for operating a system at an acceptable level of risk. DAAs accredit IT system security postures throughout the system development lifecycle and in accordance with risk-management principles.
Define System Security Plan in regards to IA.
System Security Plan - A formal document that fully describes the planned security tasks required to meet system or network security requirements.
Define ATO in regards to IA.
ATO (Approval To Operate)- The formal declaration by the DAA that an Information System is approved to operate in a particular security mode using a prescribed set of safeguards.
Define IATO in regards to IA.
IATO (Interim Approval To Operate) - Temporary authorization granted by a DAA for an information system to process classified information based on preliminary results of a security evaluation of the system.
Define Configuration Management in regards to IA.
Configuration Management – Identifies, controls, accounts for, and audits all changes to a site or information system during its design, development, and operational lifecycle.
Discuss security procedures involved when performing cross-domain transfers.
-The DAA Rep/SCO and ISSPM/ISSM must approve the procedures and individuals involved.
-The media to be used in the process must be new or an approved transfer disk that has been virus checked.
-Transfer information onto the media.
-Perform scanning of the media for viruses.
-When possible, ensure the transfer media is adequately write-protected if it is to remain classified at the lower level.
-If the write-protect mechanism on the media is securely maintained, the media may remain at its lower classification level.
-If the write protect mechanism is not correctly maintained, the media must be marked and handled at the highest classification level with the most restrictive handling caveats of the information processed by the IS.
-Before transferring information to the higher classified system, perform scanning of the media for viruses.
-Transfer the data from the media to the higher classified IS.
-Following transfer, examine the write-protect device to validate that it is still securely intact.
Discuss risk management.
Risk management is the process that allows IT managers to balance the operational and economic costs of protective measures and achieve gains in mission capability by protecting the IT systems and data that support their organizations' missions.
Define Confidentiality in regards to the five attributes of IA.
Confidentiality – assurance that information is not disclosed to unauthorized persons, processes, or devices. It includes both the protection of operational information and the protection of IA-related system information such as password or configuration files.
Define Integrity in regards to the five attributes of IA.
Integrity – assurance that information is not modified by unauthorized parties or in an unauthorized manner. Integrity supports the assurance that information is not accidentally or maliciously manipulated, altered, or corrupted. Additionally, integrity implies the ability to detect when information has been altered.
Define Availability in regards to the five attributes of IA.
Availability – Availability is assurance of timely, reliable access to data and information systems by authorized users. Availability focused IA controls protect against degraded capabilities and denial of service conditions.
Define Non-repudiation in regards to the five attributes of IA.
Non-repudiation – Non-repudiation is assurance that the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the data.
Define Authentication in regards to the five attributes of IA.
Authentication - assurance of the identity of a message sender or receiver. Authentication is the security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information.
List and define 9 categories of computer incidents.
-Root Level Intrusion – Unauthorized privileged access to a DOD system. This includes unauthorized access to information or unauthorized access to account credentials that could be used to perform administrative functions.

-User Level Intrusion – Unauthorized non-privileged access to a DOD system. If the system is compromised with malicious code that provides remote interactive control, it will be reported in this category.

-Denial of Service – Activity that denies, degrades or disrupts normal functionality of a system or network.

-Malicious Logic – Installation of software designed and/or deployed by adversaries with malicious intentions for the purpose of gaining access to resources or information without the consent or knowledge of the user.

-Unsuccessful Activity Attempt – Deliberate attempts to gain unauthorized access to a DOD system that are defeated by normal defensive mechanisms.

-Non-Compliance Activity – Activity that potentially exposes DOD systems to increased risk as a result of the action or inaction of authorized users. This includes administrative and user actions such as failure to apply security patches, connections across security domains, installation of vulnerable applications, and other breaches of existing DoD policy.

-Reconnaissance – Activity that seeks to gather information used to characterize DOD systems, applications, networks, and users that may be useful in formulating an attack. This includes activity such as mapping DoD networks, systems devices and applications, interconnectivity, and their users or reporting structure. This activity does not directly result in a compromise.

-Investigating – Events that are potentially malicious or anomalous activity deemed suspicious and warrant, or are undergoing, further review.

-Explained Anomaly - Suspicious events that after further investigation are determined to be non-malicious activity and do not fit the criteria for any other categories. This includes events such as system malfunctions and false alarms.
Describe the DON World Wide Web Security Policy.
All DON Web sites must have a clearly articulated purpose, be approved by the commander, and support the command's/activity's core competency mission.
Only unclassified material that is approved for public release may appear on a publicly accessible Web site.
All Web sites published by or under the aegis of Navy/Marine Corps commands are considered official sites.
Define IAVA.
IAVA (IA Vulnerability Alert) – An announcement, in the form of an alert, of a high-risk vulnerability in computer software or an operating system. Provides corrective actions.
Define IAVB.
IAVB (IA Vulnerability Bulletin) – An announcement, in the form of a bulletin, of a medium-risk vulnerability in computer software or an operating system.
Define IAVT.
IAVT (IA Vulnerability Technical advisory) – Addresses new vulnerabilities that are generally categorized as low risk to DON systems.
Define CTO.
CTO (Communications Tasking Order) – A DoD-wide instruction that promulgates mandatory changes to standing instructions on how communications are handled. CTOs are also used to cover the adoption of new technologies in regular and secure communications.
Define NTD.
NTD (Navy Telecommunications Directive) – A widely disseminated Naval Message giving an order or direction about a certain IT function that needs to be complied with.
Define Service Pack.
Service Pack – a single update, fix and/or enhancement to a program or firmware (hardware).
Define vulnerability assessment.
Systematic examination of an information system or product to determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of proposed security measures, and confirm the adequacy of such measures after implementation.
Explain the difference between vulnerability and threat.
Vulnerability is the weakness in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source.
Threat is any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
State the duties and responsibilities of the IAM.
The IAM is responsible for the information assurance program within a command, site, system, or enclave. The IAM is responsible to the local IA command authority and the DAA for ensuring the security of an IT system, and that it is approved, operated, and maintained throughout its life cycle in accordance with the IT system's security certification and accreditation documentation.
Define CCRI.
CCRI (Command Cyber Readiness Inspection) – A formal inspection conducted under the direction of USCYBERCOM's enhanced inspection program.
State NAVCYBERFOR's role in a CCRI.
NAVCYBERFOR performs CCRIs on behalf of USCYBERCOM.