Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
15 Cards in this Set
- Front
- Back
Define IA
|
1. Protect and defend DOD info and info systems, and networks
|
|
What is certification
|
Eval of technical and non technical security features of an IS.
- part of the accredidation process. |
|
DAA?
|
DESIGNATED APPROVING AUTHORITY (NETWARCOM)
-authority to assume responsibility for an OS at an acceptible level of risk |
|
WHAT IS A SYSTEM SECURITY PLAN?
|
-SECURITY TASKS REQUIRED TO MEET SYSTEM OR NETWORK SECURITY REQUIRMENTS
|
|
ATO...WHAT IS IT?
|
DECLARATION BY THE DAA THAT AN INFO SYSTEM IS APPROVED TO OPERATE IN A PARTICULAR SECURITY MODE
|
|
WHAT IS AN IATO?
|
INTERAM AUTHORITY TO OPERATE: MAY BE ISSUED WHEN REQUIRMENT FOR FULL ACCREDIDATION CAN'T BE MET
|
|
CONFIG. MANAGEMENT
|
PROCEDURES TO ASSURE PHYSICAL AND TECHNICAL PROTECTION OF THE BACKUP AND RESTORATION HARDWARE, FIRMWARE, AND SOFTWARE
|
|
LOW TO HIGH CONNECTIONS?
|
INFO FROM LOW SIDE WILL NOT HAVE A CONFIDENTIALITY REQ.
|
|
HIGH TO LOW CONNECTIONS?
|
MUST BE SANITIZED
|
|
WHAT ARE THE 5 ATTRIBUTES OF IA?
|
CIA - N-R A
1. CONFIDENTIALITY 2. INTEGRITY 3. AVAILABILITY 4.NON- REPUDIATION 5.AUTHENTICATION |
|
WHAT ARE COMPUTER INCIDENTS ?
|
1.ROOT LEVEL-UNAUTH PRIVELAGE
2. USER LEVEL INTRUSION- UN-AUTH NON- PRIVELAGED ACCESS TO DOD 3.DENIAL OF SERVICE- DENIES,DEGRADES, OR DISRUPTS NORMAL FUNCTION OF A SYSTEM OR NETWORK. 4. MALICIOUS LOGIC- INSTILLATION OF SOFTWARE DESIGNED OR DEPLOYED BY ADVERSARIES W/ MALICIOUS |
|
USER LEVEL INTRUSION ?
|
UNAUTHORIZED NON PRIVILEGED ACCESS TO A DOD SYSTEM
|
|
DENIAL OF SERVICE
|
INCIDENT INVOLVING ACTIVITY THAT DENIES, DEGRADES OR DISRUPTS NORMAL FUNCTIONALITY OF A SYSTEM OR A NETWORK.
|
|
MALICIOUS LOGIC ?
|
INCIDENT INVOLVING INSTALLATION OF SOFTWARE DESIGNED AND/ OR DEPLOYED BY ADVERSARIES WITH MALICIOUS INTENTIONS FOR THE PURPOSE OF GAINING ACCESS TO RESOURCES OR INFORMATION W/O THE CONSENT OF THE USER
|
|
DON WEB SITE SECURITY POLICY ...
|
1. PROTECTED FROM MODIFICATION
2. OFFICIAL MAILING ADDRESS 3. HYPERTEXT LINK WITH PRIVACY POLICY LINK 4. ACCESSIBLE TO US CITIZENS AND DISABLED VETS |