554 Cards in this Set
- Front
- Back
in an afsc, what is the functional grouping of personnel requiring basically the same knowledge and skills known as? what combination of digits/letters make up this grouping?
|
Career Field or Family.
Combo of 1st digit and 2nd position letter |
|
what is a logical grouping of personnel with related work requirements and qualifications?
|
career field subdivision
|
|
which digit of the afsc identifies the skill level?
|
4th digit
|
|
describe the three types of afscs
|
Primary - highest skill level
Duty - ids the authorized manning position to which you are assigned. reflects the job you are currently performing
Control - used by AFMPC for assignment and training purposes |
|
name the 3 main items necessary to accomplish qualification for the 5 skill level
|
CDC training (after 6 mos on job) and passing eoc test
12 mos OJT
sew on SrA |
|
define:
prefix suffix SEIs |
prefix - designates an ability, skill, special qualification that can be applied to any AFSC
suffix - given when a person works with specific equipment/performs special function aka shredout
SEIs - awarded based upon completion of formal training, a unique course or experience performing specific duties. |
|
what type of training must safety observers attend?
|
first aid and cpr
|
|
who is authorized to install and maintain communication electronics equip?
|
qualified and authorized comm electronic systems techs
|
|
4 basic rules of ORM
|
know the risk
do not accept unnecessary risk
make risk decisions at the appropriate level
accept risk when benefits outweigh the costs |
|
who should you contact to find out the specific safety requirements for a particular situation?
|
supervisor, unit safety rep, wing safety office
applicable AFOSH directives |
|
what should you be concerned with when working on computer equipment
|
electrical current
|
|
minimum amount of current that can be lethal
|
voltage capable of producing 50 milliamperes (.05 amperes)
|
|
why should possible current path be considered?
|
utilizing both hands places the heart in the possible current path
|
|
what common sense safety precautions should you always take when working on computer equipment?
|
turn it off and unplug it
remove all jewelry |
|
in what 2 areas does the comm squadron 2000 initiative recognize the need for change?
|
shift to a work force adept at computer networking
need for a work force ready to deploy |
|
state the obj of the comm squadron 2000 initiative
|
to develop the comm sq force structure into one that provides the wing with a deployment mission and initial CISI capability it can take to war
|
|
what is required to ensure CISI systems interoperability
|
all service and agency programmed systems must be compatible and interoperable to support joint and combined operations across the entire spectrum of conflict
|
|
who is responsible and accountable for mission results
|
wing ccs
|
|
what was the objective wing designed to do
|
to streamline and consolidate the responsibilities and to move to clear lines of command
|
|
normally what groups are assigned to the objective wing organization?
|
the obj wing only has the operations, logistics, support, and medical groups assigned.
|
|
what agency serves as the air force executive agent for the CIS systems integration
|
HQ AFCA (headquarters air force communications agency)
|
|
name the agency that manages long haul communications
|
DISA (defense information systems agency)
|
|
what organization does maintenance, repair, and minor alterations of facilities
|
base civil engineering (BCE)
|
|
name the office that administers the support agreements program
|
Wing Planning Office
|
|
upon what does the success of a mission depend
|
teamwork among all afscs
|
|
name some of the functions for which 3a0x1s are responsible?
|
publications and forms management, the base info transfer system (BITS), postal management, records management, network workgroup management and the freedom of information act program
|
|
what product provides a valuable training tool that allows you to do in-house training
|
QTPs
|
|
who must take the QTPs
|
all personnel in upgrade training or job qualification training
|
|
what events and changes led to the development of the air and space expeditionary forces
|
threats to national security, the need to advance national policy,
the protection of national and global interests stretched the resources of a military adjusting to decreased manning and reduction in overseas bases. these events and changes led to increased deployments |
|
what are air and space expeditionary forces
|
teams of associated forces representing air and space capability in predetermined scheduled sets of forces
|
|
name the 2 existing tools for deploying air and space exped forces
|
AMC (air mobility command)
GMFP (Global military force policy) |
|
what is the objective of using total force in air and space expeditionary forces
|
the obj is to pre-identify as many deployable people and assets as possible in order to distribute deployment loads
|
|
what are the benefits to a unit and its members of knowing the air and space expeditionary forces schedule
|
they'll know when they are in the window for the deployment, when they are training and when to prepare for the "on-call" rotation. they can plan their lives accordingly.
|
|
when was the first AF OPSEC program introduced
|
1966 South East Asia
|
|
what agency directed the first OPSEC program
|
Joint Chiefs of Staff
|
|
when was the present OPSEC program established
|
1970
|
|
what was the conclusion of the security study in Southeast Asia?
|
there were no leaks, the enemy was gaining knowledge through unclassified means
|
|
Define OPSEC
|
measures taken to detect and correct procedural weakness or indicators that an enemy can exploit
|
|
what is the purpose of psychological operations
|
to induce or reinforce foreign attitudes and behaviors favorable to the originator's obj
|
|
define vulnerability
|
condition that may be used for exploitations
|
|
what is considered our weakest security link
|
phone
|
|
define "awe of rank"
|
releasing classified info to a higher ranking individual
|
|
what is meant by "talking shop"
|
discussing the job at leisure in an unsecure place
|
|
name the two key points to think about in communicating sensitive subjects
|
secure method and need-to-know
|
|
list some OPSEC weakness in the following area:
operational |
stereotyped sequence of events
agencies w/out proper safeguards
abrupt changes
rehearsals |
|
list some OPSEC weakness in the following area:
administrative |
public affairs releases
distinctive emblems/badges
logistics buildup |
|
list some OPSEC weakness in the following area:
communications |
plain language
unchanging call signs
specialized/unique equipment
change in message traffic volume |
|
what is the overall goal of OPSEC?
|
increase overall operational effectiveness
|
|
define critical information
|
info about a friendly that an adversary needs in order to gain an advantage
|
|
who is in the best position to develop critical info
|
the individuals responsible for the development/execution of the operation
|
|
who is charged to control critical info and its indicators?
|
subordinate CCs and supporting organizations
|
|
name the 4 elements of COMSEC
|
cryptosecurity
emission security
physical security
transmission security |
|
define cryptosecurity
|
using technically sound cryptosystems
|
|
define emission security
|
deny info that may be derived from interception and analysis of compromising emanations
|
|
define physical security
|
all physical means to deny prevent
|
|
define transmission security
|
protecting transmissions
|
|
why is COMSEC important
|
safeguarding classified info is a continuing requirement for maintaining the effectiveness of our national defense and conduct of our foreign relations
|
|
what is the "silent war"
|
"trawlers" prowl our shores trying to intercept information
|
|
what is Information Assurance?
|
process that integrates measures to protect info sys by preserving the availability, integrity, and confidentiality
|
|
what is the entire IA training and indoctrination program established to emphasize?
|
command, control, communications, and computer C4 systems security awareness and to promote consistent application of security principles
|
|
list the obj of IA
|
Understand existence of vulnerabilities
Take necessary measures to protect info
recognize bad practices/potential damage
protect against denial of service
understand COMSEC
implement good practices |
|
name the 3 types of insecurities
|
personnel
physical
cryptographic |
|
define personnel insecurities
|
COMSEC info is available to unauthorized persons; intentional/unintentional
|
|
define physical insecurities
|
COMSEC info is available to unauthorized persons through loss, theft, capture, recovery, salvage
|
|
define cryptographic insecurities
|
crypto info is available to unauthorized persons thru operator error/equipment malfunction
|
|
what is the most dangerous security violation
|
undetected/unreported where no action is taken to correct the condition
|
|
who establishes the Information Security Program
|
President
|
|
when may classified defense info be withheld from US citizens
|
only when necessary in the interest and removed from the info sec program as soon as that protection is no longer required
|
|
when in doubt as to whether or not someone is eligible for access to classified info who do you ask
|
supervisor
|
|
what does DOD/ISPR 5200.1-R establish?
|
categories of classified items
|
|
who is responsible for protecting classified info
|
each person is responsible for whatever he possesses
|
|
define official info
|
info owned by, produced by, or controlled by us gov
|
|
what are the 2 groups of official info
|
classified/unclassified
|
|
3 prerequisites in disseminating classified info
|
need to know
security clearance
proper ID |
|
what indicated that a person is deemed trustworthy
|
valid security clearance
|
|
3 categories of classified info
|
top secret
secret
confidential |
|
define top secret
|
exceptionally grave damage
|
|
define secret
|
serious damage
|
|
define confidential
|
reasonably expected to cause identifiable damage
|
|
define unclassified info
|
FOU SBU
|
|
what does fouo mean
|
for official use only
|
|
explain "possible intelligence value"
|
all info that when associated with other info reveals an insight into operations
|
|
who is responsible for derivatively classifying information
|
creators and approvers of these documents
|
|
what happens if there is any doubt as to whether material should be classified or not?
|
it is not classified
|
|
list three purposes of classified document marking
|
alerts holders to presence of classified info needing protection
guidance on downgrading/declassification
gives info on sources for classification
warns holders for special access control safeguarding procedures |
|
what are the 3 levels of marking for a classified doc
|
overall
page
paragraph |
|
how can you tell if a particular paragraph in a document is classified
|
TS S C or U placed in parenthesis right before the beginning of the portion
|
|
how is the classification of a document title or subject marked
|
abbreviated and placed immediately after title or subject
|
|
what action should you take if you discover a classified doc is improperly marked?
|
bring it to security manager
|
|
state the prime obj of EMSEC
|
ID requirements from the standpoint of IP risk management principles and provide the appropriate protection at no or least possible cost
|
|
what are the steps to the emsec process
|
determining the required countermeasures, validating and implementing them and then periodically re-evaluation reassessing these requirements
|
|
what determines the need to implement EMSEC countermeasures on a system that processes classified info
|
EMSEC Assessments
|
|
what does emsec countermeasure reviews determine
|
the needed control of compromising emanations and countermeasures for systems that process classified info
|
|
who is responsible for applying implementing and maintaining the required countermeasures identified by the EMSEC Countermeasures review
|
the system user
|
|
what are the types of EMSEC waivers and when are they approved
|
temporary - user can't apply countermeasure but is allowed while steps are taken to complete the implementation process
permanent - an extremely low volume of classified info is processed on the sys. a low level of classification is processed. disproportionate costs |
|
who may waive specific EMSEC countermeasures and what are the conditions that must be met?
|
CTTA (certified tempest technical authority)
low level of processing
low level of classification
disproportionate costs |
|
who establishes AF EMSEC policy and doctrine and is responsible for the EMSEC program
|
AFCIC/SYNI
|
|
what MAJCOM is assigned the responsibility of the Certified TEMPEST Technical Authority?
|
HQ AFCA
|
|
who provides testing and a quick reaction capability to support emergency testing of facilities?
|
HQ AIA through the AF Information Warfare Center
|
|
When does the wing IP office provide HQ 38 EIW with countermeasure requirements for information systems?
|
before engineering and installation begins
|
|
who performs shielding effectiveness testing when requested?
|
HQ AFMC
|
|
For what does the AF physical security program provide guidelines
|
How to protect mission-essential resources
|
|
how are facilities prioritized under the AF Physical Security Program
|
Categorized according to their security priority ABC
|
|
Name 4 security measures common to most restricted areas
|
warning signs
personnel gain access to area granted in writing
personnel are issued badges for ID/Authentication |
|
What are the rules for displaying the restricted area badge
|
always display badge while in restricted area
put it away when you leave
escorted/signed in when "no badge" requires escort
challenge those w/out a badge in a restricted area |
|
how is security alerting provided for base facilities
|
through Threatcon changes
|
|
what type of security message is sent-up channel and usually causes a THREATCON change?
|
COVERED WAGON
|
|
what is the purpose of the RPP (resource protection program)
|
to protect all mission essential/high value resources on the base including arms, ammo, funds, medical facilities
|
|
what is a controlled area
|
any building, area, or structure containing AF resources that are lucrative targets for theft, compromise or destruction and to which entry must be limited to provide more protection
|
|
who is the approval authority for establishing a controlled area
|
installation cc
|
|
what are some entry control techniques that may be established by the cc
|
personal recognition
cipher locks
badges |
|
when would a controlled area warning sign not be posted
|
if the area already has good security circulation/entry control and doesn't need the legal boundary provided by a controlled area designation
|
|
why is personal awareness especially important for security of controlled areas
|
without physical barriers, the security depends entirely on the people working in the area
|
|
how is sanitized storage media classified
|
end result of sanitization process is media that is no longer classified
|
|
what type of software protects classified data by erasing it from the disk so that it is unrecoverable, even with the most sophisticated hardware software recovery techniques
|
WIPEINFO
|
|
what action must be done to floppy disks, diskettes and magnetic cards before they are considered sanitized
|
degaussing
|
|
what are the recommended destruction techniques for core memory units
|
pulverising smelting or disintegrating the core arrays
|
|
what action does DoD CERT take when a new vulnerability is documented that poses an immediate potentially severe threat to DoD systems
|
1st tier notification (IAVA) disseminated and requires military services and defense agency POCs to report both receipt of the alert and the compliance with the corrective action
|
|
within how many days must a unit comply with disseminated IAVAs
|
30days for reporting compliance
|
|
who conducts operations involving intrusion detection, incident response, computer security information assistance and vulnerability assessment of AF automated info systems?
|
AFCERT
|
|
What types of TCNOs id vulnerabilities not yet being widely exploited in the commercial world or which have not been extensively targeted against DoD networks
|
Urgent TCNOs
|
|
who initiates the notification of a TCNO at base level
|
NCC
|
|
what feature of DMS allows the individual components to be remotely managed
|
service management capability
|
|
what does writer-to-reader messaging mean
|
you eliminate the middle-man
|
|
on what two operating systems does DMS work
|
NT and UNIX
|
|
what standards does DMS utilize to ensure application interoperability
|
x.400 x.500
|
|
what is the max number of users for each fortezza card
|
27
|
|
what is the first step in the process that ensures what we do on our networks stays on our network and isn't readily available for anyone to access or intercept whenever they would choose to do so?
|
risk analysis
|
|
define risk analysis
|
process of analyzing threats against and the vulnerabilities of an info system to determine the risks; also includes using the analysis as a basis for identifying appropriate and cost effective countermeasures
|
|
list the 4 phases of DITSCAP
|
definition
verification
validation
post accreditation |
|
who provides the CA with the guidelines used to classify or to determine the sensitivity of their data
|
responsible data sources
|
|
how long can an AIS operate on the original certification/accreditation with no changes to the baseline before it must be re-registered/re-accredited?
|
max 3 years
|
|
define authentication
|
a measure used to verify the eligibility of a subject and the ability of the subject to access certain information
|
|
what identifies a specific user on the system being accessed
|
user ID
|
|
how do we categorize passwords
|
something you know
|
|
what is the makeup of a valid user ID
|
8 alphanumeric characters etc
|
|
what is the name of the AF initiative that defines and drives network information security
|
barrier reef
|
|
what is the basic stance of the network security policy
|
allow only authorized (required) mission traffic and deny everything else
|
|
what service provides the ability to coordinate communications between network systems such as system backups to a centralized backup device and allows for accurate logging of user access
|
accurate time (network time sourcing)
|
|
what is the most common form of a proxy for common services
|
WWW
|
|
list 6 actions for which information protection tools are used
|
boundary protection
viral protection
configuration inspection
network mapping
remote patching
vulnerability testing |
|
what do we call the practice of encapsulating a message that would be rejected by the firewall inside a second message that will pass through the firewall
|
tunneling
|
|
what does a firewall consist of
|
one or more routers and host machines with filtering software containing a series of rules that accept/reject packets of info/connection types/app specific comm attempting to cross it
|
|
what is the simplest and least expensive type of firewall and what is its purpose
|
packet filtering firewall -- accepts/rejects a message based on info in the header:
source address, destination address and the port |
|
what type of firewall is used to separate secure sites networks or network segments from less secure areas
|
bastion host
|
|
how can a network manager quickly see any major changes on the network configuration or network status?
|
comparing snapshots and current maps of the network
|
|
what does the "network activity:interface statistics" menu provide to the network manager?
|
lists the interfaces on selected devices, provides data on incoming/outgoing SNMP traffic and any associated errors, lists the status of the interfaces
|
|
what protocol must network nodes support to allow HP OpenView to monitor them
|
SNMP
|
|
what type of info do we gather from a monitored interface by using HP OpenView
|
packets received, errors received, packets transmitted, errors transmitted
|
|
what menu option is used as a history of requested info for the defined graph
|
messages option
|
|
what info does HP OpenView provide for TCP connections on selected nodes
|
local address
remote address
state |
|
what is the min amount of time to acquire network info to establish a performance baseline
|
24 hrs
|
|
what parameters does a standard network analyzer automatically track
|
average, current, max of both percentage of bandwidth used and frames per second. The percent of each protocol seen in the traffic. total # of frames and the # of frames that are short or have bad CRCs
total # of data frame collisions |
|
what are the primary capabilities provided by a protocol analyzer?
|
digital network diagnostics and software development
|
|
what is the difference between a protocol analyzer NIC and other NICs
|
the NIC in a protocol analyzer is configured to process all frames
|
|
what function of the protocol analyzer excludes specific types of frames?
|
the capture filters option
|
|
list 4 types of specific occurrences that can be displayed by counters
|
packets transmitted, CRC errors, undersize packets, oversize packets, ARP requests, data frame collisions, and bit errors
|
|
what menu is best used to report errors that occur at the physical layer such as bad FCS, short frames, and jabbers?
|
MAC node statistics
|
|
What kind of info does the connection statistics menu provide
|
info with bandwidth utilization and # of connections related to nodes
|
|
what are the 3 types of active tests that are conducted with a protocol analyzer?
|
Ping
Trace Route
Traffic Generator |
|
what are 4 categories of WIN NT administration policies
|
account policies
user rights policies
audit policies
system policies |
|
what does account policies allow adms to do
|
control max length of time before users are forced to change passwords
control min password length, account lockouts, and # failed login attempts before account lockout
control min length of lockout duration |
|
what can the user rights policies be set-up to track
|
both successful and failed events
|
|
what is a combo of user and computer settings that control a user's working environ
|
system policy
|
|
what does an admin select to create a new user account
|
user manager for domains\user\new user
|
|
how is the naming convention the AF uses for user accounts set up
|
last name, first initial
|
|
at what point in time must a user create a unique password for the first time
|
user must change password at next logon
|
|
what is an extension of the local disk space from the user's computer
|
home directory
|
|
what allows the user to have the same setting regardless of which computer they log onto within the domain?
|
profile stored on server
|
|
how can admins apply permissions to a large number of users simultaneously rather than having to assign permissions to individual users
|
using groups
|
|
why do we use global groups to organize user accounts
|
for domain wide assignment of permissions
|
|
name the 3 built-in groups created by the WINNT server OS installed on a computer that is the PDC
|
domain admins
domain users
domain guests |
|
explain the difference between user rights and permissions
|
rights - customizable powers granted to users\groups to control the specific activities on a computer\apply to system as a whole rather than specific objects
Permissions - apply to specific resources such as files, directories, printers |
|
define permissions
|
define the rules by which operations can be performed on a particular resource
|
|
between the read and change permissions, which one is the most restrictive
|
READ
|
|
what permissions always overrides all other permissions
|
no access
|
|
what group is automatically assigned full control permission to a volume when it is formatted with NTFS
|
Everyone
|
|
are there clear-cut instructions to file management
|
no
|
|
how can we categorize users in relation to file management
|
by job or duty position
|
|
how do we determine the max folder size for file server users
|
server technology and size vs # of users and their importance
|
|
what is usually the last step in file management
|
archiving
|
|
after the power-on-self-test is complete, what is loaded into memory
|
Master Boot Record
|
|
what 2 things must the partition boot record accomplish prior to a system load
|
must be able to recognize enough of the file system to find NTLDR
Loads and executes NTLDR |
|
what file contains the names and disk locations of the different bootable operating systems
|
boot.ini
|
|
what is the function of the NTOSKRNL.EXE program
|
creates the registry key strings for hardware from the information passed to it by the boot loader
|
|
what type of action is a network sign-on sequence
|
query/response
|
|
list the 7 steps of highly effective network troubleshooting
|
define the problem
gather facts
consider all possible causes
create plan of action
implement plan
observe results
problem resolved |
|
what is fault detection
|
includes receipt of indicators of system faults, as well as the recognition of abnormal conditions inferred from performance measures. may also be predictive
|
|
what should be considered a critical network event
|
failure of a link, the restart of a device, lack of response from a host
|
|
what is the action of identifying options for minimizing the effects of predicted or detected faults
|
fault correction
|
|
what action checks the condition of network nodes
|
status policy
|
|
what is a network alarm
|
an indication that a noteworthy event has occurred on the network
|
|
how can the help desk detect developing trouble and start resolving it before users encounter network failures
|
if NMS is configured to post threshold alarms from mission critical devices
|
|
what are the two factors that determine if a map is opened with read/write access or with read-only access
|
only 1 user @ a time can have specific map open w read\write
use file systems to purposely allow only read or Read\Write access |
|
How is the 32-bit value in the FCS field calculated
|
computed as a function of the contents of all the frame's fields (source address, destination address, length/type, data) except the preamble, start of frame delimiter, and FCS
|
|
what algorithm is used to detect multiple frames within the same collision domain
|
CSMA/CD algorithm
|
|
how are problems that are caused by high network utilization resolved
|
further subdividing the network/eliminating impairments that cause collisions
|
|
what is the primary cause of jabbers on a network
|
faulty NICs or transceivers constantly transmitting frames onto the network
|
|
what happens when oversize packets are sent across a network
|
discarded, otherwise may cause a node to fail
|
|
what is the primary cause of undersize packets
|
software errors generated by incompatible network protocols
|
|
what are runts
|
frames smaller than the minimum size the network protocol requires
|
|
how will IP fragment a 3,500-byte packet transmission by Ethernet frames
|
3 packets 3 frames
|
|
name 2 utilities that can be used to determine round trip delay
|
PING and TRACEROUTE
|
|
list the types of errors that are displayed in the line vital statistics table
|
local collisions, remote collisions, late collisions, bad FCS, runts
|
|
what can be done to eliminate collision that are the result of too many nodes on the network
|
additional bandwidth/network must be further subdivided
|
|
Ideally what should the average network utilization value be?
|
less than 30%
|
|
Ideally what should the maximum network utilization be?
|
less than 70%
|
|
what is a good indication that there are jabbers on the network
|
Collisions increase
|
|
after running a PING test, what information is shown in the display window
|
RASP#
Delay Result each response is numbered and the target nodes network and MAC node addresses are displayed |
|
which protocol analyzer feature identifies errors that are associated with a specific node
|
MAC node statistics feature
|
|
what type of information does the MAC node statistics summary window show
|
current # recorded errors and the average number of errors per second for each MAC node address
|
|
What resolves most of the problems we find with a computer
|
diagnostic software
|
|
what is usually the first indication that a NIC should be replaced
|
if either a software/hardware loopback fails
|
|
what TCP/IP diagnostic tool displays the current configuration of a computer
|
winipcfg for windows
ipconfig for Windows NT |
|
if duplicate IP addresses are found, what does the ipconfig utility do for you
|
tells you the MAC address of the other
|
|
what is the main difference between the PING and TRACERT commands
|
TRACERT will show the devices it talks to in between your device and the host device you are trying to contact while ping shows if it connected to distant end
|
|
what is the easiest way to check for communications connection problem
|
hardware diagnostics
|
|
if the comm lights on a NIC are not on, what is this an indication of
|
no communication handshake
|
|
what is one of the most common hardware devices used for troubleshooting
|
loopback plug
|
|
what are the four elements of information that COMPUSEC is designed to ensure we have
|
availability
integrity
confidentiality
accountability |
|
what is a COMPUSEC vulnerability
|
anything that causes availability, integrity, confidentiality, and accountability to suffer where automated systems are concerned
|
|
what are your 2 primary contact points on system security matters
|
NCC or IPO
|
|
Describe security vulnerability
|
a weakness in security measures
|
|
how can an equipment malfunction cause a vulnerability
|
may allow unauthorized access
|
|
what can lead to a dire threat to national security
|
inadvertent disclosure of classified info
|
|
how do you sanitize a workcenter
|
cover remove classified info from view so that uncleared workers/visitors w/out need to know may enter the area
|
|
define computer virus
|
program designed as a joke, prank or vandalism
|
|
name 3 types of viruses
|
mild
malignant
time bomb |
|
what is the solution to a virus
|
program removal tool
delete infected program/replace with clean version |
|
what symbols are used to represent numbers in the binary numbering system
|
0 and 1
|
|
what radix is used in the binary numbering system
|
base 2
|
|
what determines the decimal value of a binary digit in the binary numbering sys
|
the placement of each symbol in the sequence
|
|
in the binary numbering sys, what happens to the power of a digit as the exponent increases by 1
|
as the exponent increases by 1 the power doubles
|
|
state the advantage of using a correctly constructed PLACE value chart when you work with numbering sys
|
visual representation of each digit of a number and can be used to convert one numbering system to another
|
|
when you convert decimal numbers to binary numbers, which binary digit do you identify first?
|
first position
|
|
what is the general process used to convert decimal numbers to binary numbers
|
successively divide the decimal number by powers of 2 values until the remainder is reduced to 0 recording the divisor from each step as successive binary digits
|
|
during decimal to binary conversion, what symbol is assigned as a binary digit for a power of two that will not divide into the decimal number?
|
placeholder (0)
|
|
after you convert a decimal number to its binary equivalent, how is the new binary number correctly displayed
|
MSD to far left
LSD to far right
successive digits falling between the two and subscript base affixed to LSD |
|
convert decimal to binary
5 |
101 sub 2
|
|
convert decimal to binary
17
|
10001 sub 2
|
|
convert decimal to binary
40 |
101000 sub 2
|
|
convert decimal to binary
68 |
1000100 sub 2
|
|
what 2 methods are used to convert binary numbers to decimal numbers
|
powers of two method and using a place value chart method
|
|
briefly describe the process for converting binary numbers to decimal numbers using the powers of two method
|
multiply each binary digit by its power of 2 place value, decimally add all products, and affix decimal radix
|
|
convert binary to decimal
10 sub 2 |
2 sub 10
|
|
convert binary to decimal
011 sub 2 |
3 sub 10
|
|
convert binary to decimal
1110 sub 2 |
14 sub 10
|
|
convert binary to decimal
10100 sub 2 |
20 sub 10
|
|
what does the sum of a column that contains an even number of binary 1s always equal?
|
0
|
|
what does the sum of a column that contains an odd number of binary 1s always equal
|
1
|
|
describe what takes place during binary addition when two binary 1s are added together
|
value 0 is recorded and binary 1 is carried to the next column
|
|
when you perform binary addition with multiple numbers, which column must you add first
|
right hand, so carries go to next higher column
|
|
during binary subtraction, what condition would require you to borrow from the next higher column of numbers
|
borrow from the next higher column anytime you are required to subtract 1 from 0
|
|
what is the value of a borrow that is used during binary subtraction
|
= the place value of column it comes from
|
|
how many binary digits are required to represent a number as compared to the number of decimal digits it takes to represent that same number
|
3-4 times as many binary digits
|
|
how many octal digits are required to represent a number as compared to the number of binary digits it takes to represent that same number
|
1/3 of digits in octal system
|
|
is it easier to convert decimal numbers to binary or octal to binary
|
octal to binary
|
|
what symbols does the octal numbering system use to represent numbers
|
0,1,2,3,4,5,6,7
|
|
what is the base(radix) of the octal numbering system
|
base 8
|
|
what determines the value of a single digit in an octal number
|
value of a digit is equal to digit times the power of the place it occupies
|
|
briefly describe the process for converting octal numbers to decimal numbers
|
convert octal digits to powers of 8 expressions, decimally add results, affix decimal subscript radix
|
|
convert octal to decimal
73 sub 8 |
3x8power0=3
7x8power1=56
59 sub 10 |
|
460 sub 8
|
6x8power1=48
4x8power2=256
304 sub 10 |
|
what are some drawbacks to ICMP pinging as a network management tool
|
unreliable delivery of packets, need for polling, limited information derived from responses
|
|
what is MIB
|
hierarchical, structured format that defines the network management information available from network devices
|
|
what are the 2 parts of the labeled node
|
object identifier
short text description |
|
what are the 2 nodes that make up the MIB tree
|
depicts labeled nodes and leaf objects
|
|
what are some examples of nodes that SNMP can support
|
workstation, client, network user, personal computer, server, printer, or other devices attached to a data network
|
|
into what 2 categories can SNMP fall
|
managers
agents |
|
managers
|
a computer used to run one or more NMS applications
|
|
agents
|
monitors, collects, reports management data to management system
|
|
what does the Get operation do
|
asks for a specific piece of information; the operation retrieves the value of one instance of management information
|
|
what does the Set operation do
|
modifies the value of one or more instances of management information
|
|
what is a trap
|
an unsolicited message from an agent to the manager and therefore does not have a corresponding request message
|
|
what are community names
|
each SNMP community is a group that contains at least one agent and one management system. The logical name assigned to such a group is called the community name
|
|
what are the 2 types of community names
|
Read
Write |
|
what are the 5 areas that must be considered and decided upon during network installation planning
|
file system, licensing mode, role in the domain, protocols to activate, and services
|
|
what are the two licensing schemes used with MS WINNT Server 4.0
|
Per Server
Per Seat |
|
what device authenticates logons for clients by validating the supplied user name and password in the account database
|
PDC
|
|
what protocol is typically used in small LAN implementations of 50 nodes or less
|
NETBIOS extended user interface
|
|
what is the most common method for loading WIN NT 4.0 on a stand-alone server or small domains set up with a min number of servers
|
from CD
|
|
what is network management
|
process of using hard/software by trained personnel to monitor the status of network components and line facilities, question end-user and carrier personnel, and implement/recommend actions to alleviate outages and/or improve communications performance, as well as conduct administrative tasks associated with the operation of the network.
|
|
what is a network management server
|
a bundle of apps designed to significantly improve network efficiency and productivity
specifically runs simple network management protocol (SNMP) based management apps |
|
where should the network management server be located
|
placed in a controlled area
on a subnet that is separate from the busy user subnets but where it still has access to the information produced by the managed devices on those subnets |
|
what are the three most common network management architectures?
|
centralized, hierarchical, distributed
|
|
what are the 4 levels of activities that one should understand before applying management to specific services or devices
|
inactive
reactive
interactive
proactive |
|
what is config man
|
process of obtaining data from the network and using that data to manage the setup of all managed devices
|
|
what are the 2 features built into an NMS that alleviate manually configuring a network's devices?
|
automatic discovery
auto mapping features |
|
briefly describe performance management
|
consists of the facilities needed to evaluate the behavior of network objects and the effectiveness of communications activities
|
|
list the steps that you must take to provide accurate performance management
|
1. gather statistical info
2. maintain/examine logs of sys state
3. determine sys performance under natural/artificial conditions
4. alter sys modes of operation for the purpose of conducting performance management |
|
what are the 2 functional categories of performance management?
|
monitoring
tuning |
|
what is security management
|
encompasses protecting sensitive info on devices attached to a data network by controlling access points to that info
|
|
what are the 2 subsections of security management
|
network security
network management |
|
what is fault management
|
process of identifying, locating, and correcting network problems
|
|
what is the diff between a fault and an error
|
faults are abnormal conditions requiring NCC personnel to take actions to correct/repair
Errors arise on a normal functioning network and do not necessarily require attention |
|
define a network OS
|
OS that manages network resources and allows those resources to be shared across the net
|
|
what type of network server configurations do we install network operating systems on
|
client server and peer-to-peer
|
|
what is the major concern that must be considered prior to attempting to install a NOS
|
hardware/software compatibility
|
|
what do we call a logical grouping of user accounts, user groups, servers, workstations, and printers
|
domains
|
|
what do we call the central repository for the entire soft/hardware configuration settings within a computer running the WINNT OS
|
the registry
|
|
what are the 2 tools available that are utilized to access the registry
|
regedit
regedt32 |
|
why is it important to constantly monitor a NOS installation or SP upgrade
|
many errors during installation have patches already published by the manufacturer that are free and will fix them
|
|
why is monitoring your network system performance so important
|
provides the info needed to ensure that the network is running and its optimization and that the network will stay operational
|
|
define performance management
|
refers to how well the network serves its users
|
|
what is a baseline and what is it used for
|
baseline- developed from collected data
used as a starting point |
|
list the steps in the baselining process
|
data is collected
a report is generated
results interpreted |
|
what are the 3 general rules used in interpreting the results of baselining data?
|
look for abnormalities
look for changes
learn what is normal for your network over time |
|
what is the diff between baselining and benchmarking?
|
baselining- is a set of stats made over time
benchmarking- process for evaluating apps/network component performance |
|
why is network availability the most significant baseline statistic collected
|
usually the first most recognized problem w/ a network that is experiencing performance problems
|
|
what does "error rate" signify on baselining a network
|
sorted by MAC source address can quickly isolate the offending node/nodes in cases of faulty network interface cards
|
|
define network response time
|
amount of time that passes between when a request is issued and when a response to that request is received
|
|
how can broadcast traffic be a significant load on network performance
|
consumes transmission bandwidth and processing time within the receiving devices
|
|
what communication device converts binary electrical signals into accurate signals for transmission over telephone lines
|
modem
|
|
what does the process of modulation do
|
conversion to acoustic form
|
|
what is the conversion of analog signals back to binary form known as
|
demodulation
|
|
what are Codecs utilized for
|
convert analog signals to digital for transmission on digital lines
|
|
name the device that performs protective and diagnostic functions for a telecommunications line
|
channel service unit
|
|
what 2 devices does the DSU provide a modem-like interface between
|
the computer as DTE and the CSU
|
|
what device acts as a media converter and is used when connecting 10Base2 to a device with only 10BaseT connections available
|
CSA
|
|
what device is installed in a computer that provides a connection point to a network
|
NICs
|
|
what are the 4 NIC connector interfaces for network cables
|
RJ-45
BNC
AUI
Fiber |
|
which NIC module converts information into a coded data stream
|
encode/decode module
|
|
what type of software activates the actual transmission/receipt of data over the network
|
network interface drivers
|
|
what device provides a connection for the DTE into a communication network and back again
|
DCE (data terminal equipment)
|
|
what layer of the OSI model defines the DTE and DCE interfaces
|
physical
|
|
name the component that serves as a central connecting point and is used to extend the physical media by repeating the signal it receives in one port out to all the other ports indiscriminately
|
hubs
|
|
what is an intelligent hub
|
has a special capability for configuration and/or management
|
|
what is an active hub
|
serves as a wiring and signal relay center and also cleans and boosts signals
|
|
what is a passive hub
|
serves only as a wiring/relay center
|
|
what is a collision domain
|
group of devices connected to the same physical media such that if two devices access the media @ the same time, the result is a collision of the 2 signals
|
|
what is a broadcast domain
|
group of devices in the network that receive one another's broadcast messages
|
|
all devices connected to a hub share the same media, and consequently what kind of domains
|
collision, broadcast
|
|
what is a simple add-on device that works at the physical layer of the OSI model, and helps reduce the problems of attenuation by duplicating the cable's signal
|
repeater
|
|
what device works at the data link layer of the OSI reference model and uses physical addresses to process frames
|
bridges
|
|
explain why a bridge is protocol independent
|
since it works at layer 2, it is not concerned with what protocol frames are using
only concerned with the MAC |
|
what are the 4 basic functions bridges perform
|
listen
learn
filter
forward |
|
describe the 3 ways in which a bridge can filter
|
drops packets destined for same node on which it was received
bad packets automatically dropped
filters packets according to the MAC address |
|
what is a bridging loop
|
created when there is more than one path to the destination
|
|
what type of bridging is used solely for ethernet environs
|
transparent bridges
|
|
what is spanning-tree algorithm and what is accomplished by it
|
mathematical algorithm used to identify and correct loop potential port problems
|
|
what is a root bridge
|
the bridge in a network with the highest priority (lowest number)
|
|
if all bridges have the same priority what is done to determine the root bridge
|
the one with the lowest MAC address
|
|
this device allows a connection to be established as necessary and terminated when there is no longer a need________
|
switch
|
|
what do switches utilize to eliminate logical loops
|
spanning tree algorithm
|
|
what is the one big difference between a bridge and a switch
|
switches are hardware based
|
|
at which layers of the OSI model do switches work
|
data link
network |
|
compare and contrast layer 2 and layer 3 switches
|
layer 2 - makes switching decisions based solely upon MAC address
Layer 3 - once it forwards a frame it caches the MAC and IP address of the destination |
|
describe the 3 types of data switching
|
cut through
store and forward
fragment |
|
what is a virtual LAN
|
logical grouping of end stations, independent of physical locations, with a common set of requirements
|
|
describe the 3 types of VLANS
|
port grouping - most common; involves grouping ports on a switch, exclusive to other ports
MAC - layer grouping - defined by assigning |
|
what devices work at the network layer and can interconnect networks that use different technologies, including different media, physical addressing schemes, or frame formats?
|
routers
|
|
explain why routers are protocol dependent
|
they can only process packets that adhere to the protocol family that supports it
|
|
what is an internetwork?
|
series of related networks connected via a WAN or via a series of interconnected WANs
|
|
what is a subnet
|
a constituent network of the internetwork
|
|
how do routers discover the existence of other networks
|
admins can manually enter info or routers can utilize protocols that allow routers to exchange info about their attached networks
|
|
what is a hop count
|
a hop is a transmission between 2 routers
hop count is the total # of hops |
|
describe the 2 functions of a router
|
path determination
switching |
|
which routing protocol allows routers to share their entire or a portion of their routing table with only their immediate neighbors
|
distance vectoring
|
|
with what type of routing method do routers share the existence of and state of their links so that each router within the area constructs a complete picture of the entire network
|
link state
|
|
what are routing metrics
|
numbers associated with a path
|
|
what is the information-storage component that contains a backup copy of the configuration
|
NVRAM
|
|
what do we call the network connections through which network traffic enters and exits a router
|
interfaces
|
|
what are the console and auxiliary ports used for
|
used to attach the internetworking device to a terminal,
a pc running terminal-emulation software, or a modem, allowing config commands to be entered |
|
what type of command is the IP address command
|
interface command
|
|
what EXEC commands allow you to connect to remote devices, change terminal settings on a temporary basis, perform basic tests, and list sys info?
|
user EXEC commands
|
|
what User Exec mode command is typed at the command prompt to enter privileged EXEC mode
|
enable
|
|
name the four types of a router that can be configured
|
auxiliary
console port
Tty ports
virtual terminal line |
|
what character is used to get syntax help for info on config commands
|
?
|
|
why is it important to set the system clock on routers
|
so error messages will have accurate time stamps
|
|
how do access control lists filter network traffic
|
control whether routed packets are forwarded/blocked at a router's interface
|
|
what are the 2 steps in implementing router access control lists
|
to create an access list of definitions
to group the access list to a routing interface |
|
list 3 rules you must follow in developing and applying access control lists to routers
|
1. routers apply lists sequentially in the order in which you type them into the router
2. routers apply lists to packets sequentially
3. packets are processed only until a match is made and then they are acted upon based on the access list entries contained in AL statements |
|
why are wildcard masks one of the most important concepts in IP access lists
|
routers use them to determine which bits in an address will be significant
|
|
what does an extended IP access list use to determine how it filters transmissions
|
IP Addresses, destination IP address, protocol type, application port number
|
|
what is the show interface or show IP interface command used to verify
|
used to verify that an access list has been successfully applied to an interface
|
|
what term may refer to both hard/software or just the software that performs services to network users
|
server
|
|
what type of server is a computer attached to a network that runs a client/server database management system
|
database server
|
|
what server stores the programs and data files shared by users
|
file server
|
|
which server provides access to modems or other facilities that provide network capabilities
|
communications server
|
|
what type of server links domain names to IP addresses
|
DNS server
|
|
what is a proxy server
|
breaks the connection between sender/receiver and acts as an intermediary
|
|
what type of server uses name resolution software from Microsoft and converts NETBIOS names to IP addresses
|
Windows Internet Naming Service
|
|
What is a DHCP server
|
designed to help reduce configuration time for TCP/IP networks by automatically assigning IP addresses
|
|
what type of server is a bundle of application software designed to significantly improve network efficiency and productivity
|
network management system server
|
|
what is a major portion of a COMSEC manager's job
|
training individuals who are responsible for COMSEC programs in their units
|
|
list 4 types of publications that are used in COMSEC operations
|
AFPD
AFMAN
AFI
AFSSI
AFSSM
AFKAGS\AFSALS\AFKAMS |
|
who is responsible for the production and management of cryptographic material within the US govt
|
DIRNSA (director national security agency)
|
|
who appoints a COMSEC manager
|
wing and installation CCs
|
|
who is responsible for achieving an installation's secure communications posture
|
COMSEC Manager
|
|
list the 2 main points to remember about security containers
|
combo=same classification of material contained
never store valuables w/COMSEC material |
|
what does a controlling authority do
|
oversees and manages the operational use/control of COMSEC material
|
|
which type of COMSEC material requires the most strenuous accounting practices
|
ALC-1
|
|
what are the 3 forms which a COMSEC manager must prepare each month
|
SF701
SF702
AF Form 1109 |
|
for what is the AF form 1109, visitor register, used?
|
record access to COMSEC material by persons not on authorized access list
|
|
why do we establish access lists
|
to designate those individuals who require frequent access to COMSEC material
list grants a person's right and need to access |
|
when must you change security container combinations
|
-when placed in/out of service
-when an individual is no longer authorized access
-annually
-found open but certified to have been locked
-following repairs
-possible combo compromise |
|
when is a daily security check required on COMSEC material? why required?
|
FILL OUT SF701 -- required at end of each workday/shift to ensure all classified COMSEC is properly stored and safeguarded
|
|
what is the purpose of an access list
|
establishes person's right and need to know
|
|
what form is normally used to record daily, shift, or other local inventories of COMSEC material
|
AFCOMSEC Form 16
|
|
List the inventory requirement for each category of accounting legend code material
|
ALC-1 control number and quantity
ALC-2 quantity
ALC-4 not required |
|
what is the preferred method of listing material on the AFCOMSEC form 16
|
arranged alphabetically by short title, then numerically, showing edition, quantity, and accounting control number
|
|
when must you reconcile any discrepancies noted while conducting the inventory of COMSEC material
|
immediately
|
|
what is a COMSEC user
|
any individual required to use/safeguard COMSEC material and/or aids in the performance of official duties
|
|
define COMSEC aids
|
term used when referring to specific COMSEC material other than equipment (keying material, codes, call signs, authentication sys)
|
|
where are requests for COMSEC equipment processed through
|
SBSS (standard base supply system)
after coordination w/ COMSEC manager |
|
list the diff databases used to track each COMSEC responsible officer account
|
CM2 (COMSEC Management)
|
|
what are 2 ways you can receive classified COMSEC material
|
DCS (defense courier service)
AFEKMS (AF Electronic Key Management System) |
|
If there is a discrepancy in the classification marking of received COMSEC material, what do you do
|
send a message to the originator, keep the wrappers and await disposition instructions
|
|
at a min, what is the distribution of transfer report copies for received COMSEC material
|
return one copy to CPSG, one to sender, one to MAJCOM, put one in folder of COMSEC account file book
|
|
how do you determine which COMSEC material to issue to each CRO account
|
CM2 holds the requirements info by CRO and provides the exact material due each user account
|
|
what form is used as a hand receipt when issuing COMSEC aids to a CRO
|
SF153
|
|
prior to the user being authorized to pick up COMSEC material, on what topics must the COMSEC account manager train the CRO
|
-individual responsibilities to provide adequate storage facilities for the material
-continuous safeguarding
-proper destruction
-administrative procedures
-immediate reporting of all COMSEC incidents to the COMSEC manager |
|
when may hand receipts for COMSEC issued material be destroyed
|
when a properly executed destruction certificate is received from the CRO or the material is returned to the COMSEC account
|
|
when transferring or shipping COMSEC material, the COMSEC account manager is responsible for what 4 duties
|
-obtain approval for transfer
-ensure COMSEC aids are prepped for shipment
-ensure only authorized means of shipment are used
-submitting accounting/transfer reports |
|
From whom does a COMSEC account manager get approval for transfer of material
|
approved from controlling authority, WSA, CPSG
|
|
what form is normally used as a transfer report of COMSEC material
|
SF153 COMSEC Material Report
|
|
what does the voucher number on the SF153 consist of
|
last 2 digits of current year, a dash, next unused consecutive# starting @001
|
|
who originates dissemination messages for COMSEC material
|
CPSG
|
|
what should the COMSEC manager do if a CRO does not respond in picking up a dissemination message
|
inform the individual's CC ASAP, create MFR
|
|
if the user fails to respond in a reasonable amount of time, how can this affect the mission
|
mission and critical comm could be affected
the longer a compromised system is used, the greater the danger for security damage |
|
why is the COMSEC manager required to conduct an inventory of the account's total holdings
|
to ensure proper accountability of COMSEC material between the COMSEC account and the Central Office of Record at the Cryptological Support Group (CPSG)
|
|
which COMSEC items require a semiannual inventory
|
ALC-1
ALC-2 |
|
what does the COMSEC manager do if it is physically impossible to conduct an inventory of a user due to distance
|
ask user to verify its holdings
|
|
list the distribution for the semiannual inventory report
|
send original copy to CPSG. Copy 2 will be sent to your MAJCOM, 3d is filed in the account record file
|
|
define incident
|
uninvestigated/unevaluated occurrences that potentially jeopardize security of COMSEC material/transmission or any investigated/evaluated occurrence that has been determined as not jeopardizing COMSEC security
|
|
define insecurity
|
an investigated/evaluated INCIDENT that has been determined as jeopardizing COMSEC security
|
|
list the 3 types of incidents a COMSEC manager must report
|
Physical - loss of control/theft/capture
Personnel - capture/attempted recruitment by hostile entities
Cryptographic - equip malfunctions/operator error |
|
after being advised of an incident, what is a commander's important responsibility
|
required to appoint an inquiry or investigating officer
|
|
when is an amplifying report submitted
|
whenever new and/or significant information concerning a reported incident is discovered
|
|
who can issue the incident a case number and determine when to close the case
|
only AFCA
|
|
who is responsible for preparing the EAP for the protection, security, or destruction of COMSEC material in case of an emergency
|
COMSEC manager
|
|
describe the 2 categories of emergency situations
|
accidental: crashes, natural disasters
hostile actions: intentional enemy attack, civil disturbance |
|
what are the basic elements of an EAP
|
classification of material held
names and addresses of POC
assignment of definite responsibilities
authorization to implement plan
training on the plan
location of material by storage container
prioritization of material to be destroyed |
|
which units must have both emergency and precautionary destruction plans
|
units stationed overseas
those subject to deployment overseas |
|
name the three options available in planning for emergency destruction of material
|
secure the material
remove it from the scene of emergency
destroy it |
|
what directives are CROs required to follow in administering their COMSEC accounts
|
AF and local directives you as a COMSEC manager publish
|
|
what AF Form is used to conduct CRO inspections
|
AF Form 4160, AF Information Assurance and Assessment Program Criteria Inspection Checklist
|
|
who must coordinate on CRO COMSEC Operating Instructions
|
base COMSEC manager
|
|
AFCOMSEC Form 16 inventories must directly correlate with what docs
|
destruction
SF 153 transfer certificates |
|
for how long are AFCOMSEC forms 16 kept and where are they filed
|
6mo
CRO 6-part folder |
|
what must personnel working in TPI positions be able to detect
|
incorrect/unauthorized security procedures concerning the task being performed
|
|
define TPI
|
system of storage and handling designed to prohibit individual access to certain COMSEC keying material
|
|
what type of locking device is used in TPI
|
dual combination x-07 electronic lock
|
|
define TPC
|
continuous surveillance and control of nuclear COMSEC material and equipment always by a minimum of 2 authorized individuals
|
|
what program must an individual be cleared through prior to assuming TPC duty
|
PRP (personnel reliability program)
|
|
who is the approval authority for PRP clearances
|
CC
|
|
who is usually the TPC team chief
|
Base COMSEC Manager (MSgt and above)
|
|
what does PKI provide to users of insecure public networks to securely and privately exchange data through the use of a public and a private cryptographic key pair obtained and shared through a trusted authority
|
a digital certificate
|
|
PKI assumes the use of what type of key cryptography
|
public key cryptography
|
|
when can PKI messages easily be decrypted
|
when key is intercepted/discovered by someone other than the trusted parties
|
|
how does PKI provide support to security of info technology apps and electronic transactions
|
PKI provides privacy, access control, integrity, authentication, and nonrepudiation support
|
|
2 categories exist for performing the transformation of text to gibberish and back; what are they
|
symmetric ciphers
asymmetric ciphers |
|
what is the transformation from original text into gibberish called
|
encryption
|
|
what is the transformation back to original text called
|
decryption
|
|
once encrypted, what is the message called
|
cipher text
|
|
in the public/private key pair how can one of the keys be made publicly available without reducing security
|
knowing one does not allow reception or computation of the other
|
|
what is the key not publicly revealed called
|
private key
|
|
what type of relationship exists between keys in a pair of a public-key cipher
|
mathematical - may rely on info known only to the creator of the key pair
|
|
what common mechanism is used to independently verify public-key information
|
public key certificate
|
|
what mechanism uniquely and explicitly ties data to the originator
|
private key known only to originator
|
|
what changes the arbitrary size of data to a fixed-size input and computes a fixed-size output
|
a cryptographic hash function
|
|
what is the 2-step process in the signing operation
|
signer hashes the data to a fixed size value
signer subjects this value to a private key operation |
|
what is the 2-step process for verification
|
verifier hashes the data to a fixed size value
verifier examines this value, the transmitted signature, or the signing entity's public key. if sign. matches the key and hash value |
|
a digital signature provides what 2 things
|
data origin authentication
data integrity |
|
what algorithm security is based on the difficulty of factoring very large integers
|
RSA (Rivest-Shamir-Adleman)
|
|
what hash algorithm was designed specifically for use with the DSA
|
the secure hash algorithm (SHA-1)
|
|
certificates issued to CAs and RAs using DN form, are issued at what CLASS
|
CLASS 4
|
|
when users generate keys, what are they required to prove possession of?
|
the private key that corresponds to the public key in the request
|
|
public-key certificates are issued to whom
|
individuals whenever possible
|
|
local organizations are responsible for maintaining what type of lists
|
organizational certificate users
|
|
what is the basis of establishing identity for CLASS 2 certificates
|
through an association with a service, agencies, or other component of the DoD
|
|
who certifies the key pair/identity binding by digitally signing a data structure that contains some representation of the identity and a corresponding public key?
|
certification authorities in PKI terminology
|
|
where do users go to ensure certificate to user verification
|
certification repositories
|
|
why does the AF periodically update key certificates
|
to limit the amount of information encrypted by a single key to a set amount
|
|
why is Key History an important feature of PKI
|
it is required to identify old certificates that were used, to allow access to data encrypted with the old key
|
|
what device is the DOD PKIs current high assurance mechanism
|
the Fortezza card (level 2 compliant crypto module)
|
|
with what AF program are Fortezza cards associated
|
DMS
|
|
what directory system are users' certificates posted to
|
x.500 directory system
|
|
what do compromised key lists (CKL) identify
|
certificates that represent a potential security risk
|
|
who is the final authority on all aspects of communications and information systems in the AF and where are they located
|
HQ USAF/SC
|
|
what organization should be contacted to resolve operational issues on computer systems
|
HQ USAF/SCMOS
|
|
by whom was the AF computer system management working group established
|
HQ USAF/SCMOS
|
|
what action provides an improved crossfeed of information and feedback from the field necessary to make informed decisions about CSM policy and procedures
|
broad representation of CSM function
|
|
who determines reporting procedures of tenant units
|
MAJCOM equipment control officers
|
|
who may approve a one-grade reduction of the required rank of the base equipment control officer
|
installation CCs
|
|
what does the communications and information systems requirements process enable requesting organizations to do
|
obtain new communications and information capabilities, with the assistance of the CSO
|
|
what process can be used to document communications and information systems sustainment requirements
|
the communication and information systems requirement process
|
|
after what does requirements processing begin
|
after a need is identified
|
|
what is the primary means for base-level users to request CIS facilities, equipment, or services
|
IT/NSS
|
|
is "quality of life" an appropriate justification for an IT/NSS submission
|
Yes - usually in conjunction with others
|
|
list the steps in the requirements process
|
1. i.d.ing CIS requirements
2. developing a certified technical solution
3. Allocating resources
4. implementing the requirement |
|
when can requirements come from the opportunity to modernize an existing system with improved technology
|
only when operationally and economically practical
|
|
what AFI links Information Technology investments to mission essential task improvements
|
AFI 33-103
|
|
a requirement needing both the 38th EIG and SSG assistance should be sent to whom for coordination between the two organizations
|
STEM-B
|
|
what higher authorities can downward direct a program or project
|
OSD - office of the secretary of defense
JCS - Joint Chiefs of Staff
SAF - Secretary of the AF
HQ USAF - Headquarters |
|
where are Allowance Standards found
|
AFEMS - AF equipment management system
|
|
what is a generic, non-system specific requirements' document called
|
MNS - mission needs statement
|
|
what AFI provides guidance on how to prepare an AF Form 1067
|
AFI 63-1101 modification management
|
|
what report summarizes the results of cost and performance analyses of various alternatives that may meet the identified need
|
COEA - cost and operational effectiveness analysis
|
|
what documents how the system will be operated, deployed, employed, and supported by describing system-specific characteristics, capabilities, and other related operational variables
|
operational requirements document
|
|
where does the computer systems management come from
|
the base ECO (equipment control officer)
|
|
what does the CSM equipment custodian inventory list
|
reflects all equipment accountable under the EC account
|
|
when does the CSM accountability document become official
|
once signed
|
|
what is attached to each piece of equip listed on the EC inventory
|
CSM identification label
|
|
why is correct utilization of equipment difficult to ensure for PCs
|
because users have so many different jobs
|
|
what actions ensure the equipment you purchase accomplishes the mission in exactly the manner you anticipated
|
research, planning prior to submitting a requirement
|
|
what changes to equipment and software are considered when scheduling downtime of network servers
|
maintenance, upgrade hardware/software
minor/major reconfiguration |
|
what is a software license
|
legal agreement between the user/manufacturer that defines what the user can/cannot do with the software
|
|
what document represents legal proof of ownership of the software
|
invoice/license certificate
|
|
what do license management actions ensure
|
that COTS is correctly utilized
|
|
what is the most common reason for installing new software
|
upgrade software people are already using
|
|
name the 3 lower layers of the OSI model
|
physical, data link, network
|
|
describe the physical layer
|
hardware, cables, NIC
|
|
name 3 of the functions of the data link layer
|
1. defines initialization and finalization procedures
2. decides who talks and listens
3. ensures error free data transmission |
|
which layer provides a routing path through a network by which users can communicate
|
network layer
|
|
the X.25 standard is designed for what kind of switching technique
|
packet switching
|
|
name the four upper layers of the OSI model
|
transport
session
presentation
application |
|
what is one of the main functions of the transport layer
|
error recognition
detect and correct errors as well as id packets sent in incorrect order |
|
with which layer do users directly communicate
|
session layer
|
|
define checkpointing
|
periodically inserting points into the data from which any recovery necessary can be started
|
|
with what is the presentation layer of the OSI model concerned?
|
Layer 6. network security, file transfers and formatting functions
|
|
what are some of the things you may find at the application layer level
|
database management (programs, electronic mail, file-server, print-server programs, command and response language of the OS)
|
|
why did the IEEE committees develop more than one standard
|
sometimes protocols do not cover all possible situations that can come up while designing and operating networks
|
|
upon what area are the IEEE 802 standards based
|
first 3 layers of the OSI model
|
|
what topology is used by the IEEE 802.3 standard
|
bus and carrier sense multi-access with collision detection
|
|
what protocol is used by the IEEE 802.3 standard to avoid collisions
|
CSMA/CD
|
|
what topology is used by the IEEE 802.4 standard
|
bus; token passing to access the network and either CATV or Fiber
|
|
if a token bus workstation needs to use the network more frequently than others, how is this accomplished
|
can be listed several times in the network table of addresses so it will receive the token more often
|
|
define a "solicit successor" frame in a token bus network
|
this frame sends a general request thru the network asking any station that wants to send a message to respond in order to receive the token
|
|
what topology is used by the IEEE 802.5 standard
|
ring topology and token passing to access the network
|
|
in a token ring network, what can be used to keep the token moving past inactive stations
|
hardware; wire centers
|
|
what is a major advantage of a token ring network?
|
cover a great distance since signal is repeated by each workstation
|
|
describe the relevance of TCP/IP to LANs
|
it is a datagram-based protocol well suited to LAN access methods
popular within the UNIX community, giving it a large user base |
|
what protocol is used for error reporting with IP
|
ICMP
|
|
in practice, what is TCP linked to
|
invariably to IP
|
|
what is one of the main aims of the network file system
|
present the remote files to a program running on a workstation as if they were local to that workstation
|
|
what does layering in the protocol stack mean
|
a design approach that specifies different functions/services at levels in protocol stack
|
|
each layer in a protocol stack provides services to what protocol layer
|
the protocol layer above it
|
|
what do you call the connection points between layers that are used to send PDUs through
|
service access points
|
|
what layer doesn't add PCI information to the protocol data unit
|
application layer
|
|
how many service access points are there in the OSI reference model
|
65,536
|
|
when is the PDU finally referred to as a frame
|
when the LLC PDU arrives at the MAC sublayer, a trailer is added then it is referred to as a frame
|
|
where are the results of all error detection methods placed
|
trailer of the frame
|
|
what form of error detection uses bytes rather than bits to detect errors
|
checksums
|
|
what is used on a physically connected network to identify network nodes
|
MAC addresses to ID network nodes
|
|
what is the numbering system that computers use to represent data
|
binary
|
|
within IP addressing, how many bits are used and how are they broken down
|
32 bit IP address broken into 4 sets of 8 bits (octets)
|
|
provide the decimal value of each position
0 0 0 0 0 0 0 0 |
128 64 32 16 8 4 2 1
|
|
how many bits in an IP address are reserved for host bits in a B class network
|
16 host bits
|
|
in a class C network, how many IP bits are reserved for the network address
|
21
|
|
what are the 3 different and unique fields each IP address is divided into
|
network field
subnet field host field |
|
what bits in an IP address are routers mainly concerned with
|
subnet mask
|
|
define the internetwork
|
set of subnets connected with routers
|
|
what do heterogeneous network environments consist of
|
computer sys from diff vendors that run diff OS and communication protocols
|