Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
115 Cards in this Set
- Front
- Back
A strategy to defend our systems against any method of attacks, enhance measures to detect and respond to those attacks.
|
Defense in Depth
|
|
Defense in Depth is conceived by for achieving
|
NSA; IA
|
|
Five classes of attacks:
|
Passive, Active, Close-in, Inside, Distribution
|
|
Includes traffic analysis, monitoring of unprotected communications, decrypting weakly encrypted traffic, and capture of authentication information.
|
Passive attack
|
|
Includes attempts to circumvent or break protection features, introduce malicious code of steal or modify information
|
Active
|
|
Consists of a regular type individuals attaining close physical proximity to networks, systems of facilities for the purpose of modifying, gathering, or denying access to information
|
Close-in
|
|
Intentionally eavesdrop, steal or damage information, use information in a fraudulent manner, or deny access to other authorized users or carelessness, lack of knowledge or intentional circumvention of security for such reasons as "getting the job done"
|
Insider
|
|
Focus on the malicious modification of hardware or software at the factory or during distribution
|
Distribution
|
|
Front line of DiD is
|
boundary protection
|
|
The basic -first line method of protecting your network
|
Packet Filtering
|
|
Packet filtering is done by implementing ___ on a router interface
|
Access Control Lists
|
|
Last rule on an ACL is
|
deny all traffic
|
|
Essentially packet filtering routers with added functionality
|
Firewalls
|
|
Include proxy services, content filtering and NAT
|
Firewalls
|
|
Cache web pages for users or provide content filtering
|
Proxy server
|
|
A direct benefit that results from using the proxy service on the firewall
|
Network Address Translation
|
|
Resolves hostnames to their IP address and uses the NSlookup command
|
DNS
|
|
Contains the information for our network
|
Internal DNS
|
|
Contains entries for the systems that can be accessed from the outside
|
External DNS
|
|
Uses sensors to do monitoring and uses the signatures to look for patterns within the packets to determine is anything malicious is occurring
|
IDS
|
|
At ___ in internal control we begin
|
Internal Control
|
|
User that creates the file manages file access
|
File permission
|
|
Pre-define the rights and permissions users have across the network
|
User rights policies
|
|
The method used to ensure network resources are available to users when they need them
|
Access Preservation
|
|
Access Preservation includes ___ to make sure all of your systems are up-to-date with the latest patches and ensureing both users and maintainers are properly trained to minimize any downtime due to human error
|
Preventive Maintenance Inspections
|
|
Four types of authentication factors
|
Knowledge, possession, biometrics, location
|
|
A tool used to obscure the contents of message in order to conceal the message's meaning from those who are not entitled to the information
|
Encryption
|
|
In transit encryption
|
On-line encryption
|
|
Requires data to be encrypted before it is digitally sent and to be decrypted at the receiving end.
|
Off-line encyption
|
|
A credit card size cryptography device designed to plug into a standard interface supported by desktop and portable computer systems
|
Fortezza crypto cards
|
|
Used to decrypt Defense Messaging Systems(DMS traffic)
|
Fortezza Cards
|
|
An automated message handling system use dto process, store and disseminate messages
|
AMHS
|
|
A program that replicates by attaching itself to other programs
|
Virus
|
|
Protection is provide at :
|
gateway and workstations
|
|
Vital for all military personnel to maintain
|
Personal readiness
|
|
Pre-deployment checklist from your
|
Unit Deployment Manager (UDM)
|
|
Verfies that all the items on the checklist have been properly signed off. Provides orders and assit you in deployment preparations
|
UDM
|
|
Verifies that you possess the retainability for the length of your deployment
|
Squadron
|
|
CBRNE< LOAC, IAAP
|
Training
|
|
IPE
|
Equipment
|
|
Area of responsibility, Public Health, Power of Attorney, Personal Financial Readiness briefing,
|
Briefings
|
|
Should have enough personal items in a personal bag to sustain for 30-45 days, and always have AFMAN 10-100
|
General Practices
|
|
The blocks we use to build our AEF capability
|
Unit Type Codes
|
|
A predefined standardized grouping of manpower and/or equipment to provide a specific wartime capability
|
UTC
|
|
Two types of UTC:
|
Personnel and equipment
|
|
Identified on a UTC by AFSC, grade and any special experience identifier that may be required for that position
|
Personnel
|
|
Personnel details within a UTC are managed through a specialized computer system
|
MANFOR(Manpower Force Packaging System)
|
|
Pre-deployment preparations
|
Warning Order
|
|
Final preparations
|
Alert Order
|
|
Time, data and location of deployment
|
Deployment Order
|
|
When your unit physically starts to move out, Transportation can be by a ground convoy, airlift, rail or by naval ship
|
Execution Order
|
|
Equipment details within a UTC are managed through a specialized computer system called
|
LOGDET
|
|
The key to any successful network installation
|
Preparation
|
|
Preconfigure as much of your network as possible
|
Preconfigure
|
|
First two things to do when arriving at your destination
|
Security and safety checks
|
|
Problems range from
|
Natural threats to intentional human attack
|
|
Critical to know/have
|
SABC/AFMAN 10-100
|
|
Provides a suite of modules and accessory kits that provide the communications backbone infrastructure to a deployed locations
|
Integrated Communications Access Package
|
|
ICAP contains three types of networks
|
Voice, data and transmission
|
|
Three modules that make up the data portion of the ICAP
|
Crypto Interface Module, Red Data Module and Basic Access Module
|
|
Provides data security for Is ICAP backbone and local network devices
|
Crypto Interface Module
|
|
Intended for establishing the Red Data network for deployed forces
|
Red Data Module
|
|
Provides functional elements to support the deployed voice network and the data network
|
Basic Access Module
|
|
Allows the deployed communications personnel to proactively and reactively manage and protect the network infrastructure and to protect sensitive data transported over the WAN via state-of-the-art COTS products that will satisfy the Air Force's need for standardization and reduced life cycle costs.
|
Network Control Center-Deployed
|
|
Two different standards to make a bounded network cable
|
EIA-568-B and EIA 568-A
|
|
A particular device operates in the OSI reference model
|
Dissimilar device
|
|
The process of keeping the network up and running while effectively managing its growth
|
Network Management
|
|
Newest NMS software the Air Force has is
|
SMARTS
|
|
First step in implementing the Barrier Reef Concept is
|
Know your network
|
|
Be prepared for problems
|
Be prepared for problems
|
|
Learn the protocols and mission 7 repecritical applications
|
.
|
|
Seven step troubleshooting model
|
1. Define problems 2. Gather facts 3. Consider all possible causes 4. Create a plan of action 5. Implement plan 6 Observe Results 7. repeat
|
|
Looks for breaks or other imperfections in a cable by sending our pulses are regular intervals
|
Time Domain Reflectometer(TDR)
|
|
Go byeyond llooking for cable breaks and imperfections, and display information about resistance, impedance and attenuation
|
Advanced Cable testers
|
|
A detailed configuration report is produced for all interfaces, including any configured serial ports
|
ipconfig /all
|
|
All network adapters on the computer that use DHCP try to contact a DHCP server and renew their existing configuration or obtain a new configuration
|
ipconfig /renew
|
|
A utility that verifies connections to one or more remote hosts
|
Packet Internet Groper(PING) Command
|
|
A route-tracing utility that not only verifies connections to a remote host, but can also determine the path that an IP packet takes to reach a problem.
|
Trace Route(Tracert) Command
|
|
A command-line tool that displays TCP/IP Protocol statistics and active connections to and from your computer
|
NETSTAT
|
|
You or your equipment must deply to another operating location from where you are currently deployed
|
Forward Deploying
|
|
After you or your equipment has already returned to your home base and deploys again
|
Re-deployment
|
|
Occurs after your deployment is over and you and your equipment are safe at home
|
Reconstitution
|
|
The process of performing a Post Deployment Inspection(PDI) on all of the equipment
|
Reconstitution
|
|
Time for reconstitution is built in as part of both the
|
AEF and Tempo Band Concept
|
|
The JCCC has responsibility over
|
Annex K and Operations Plan(OPLAN)
|
|
A comprehensive plan that outlines every detail of a major theater contingency
|
OPLAN
|
|
The lead communications function in theater and directly report to the JFACC and Air Force Forces Commander
|
AFSYSCON
|
|
A responsible for communications and information systems on a particular base and directs maintenance on equipment
|
CFP
|
|
Provides the Operational and Tactical command and control of airpoer as allocated and directed by the JFACC in support of the ground force commander
|
Air Support Operations Groups
|
|
Primary function is to coordinate and direct the tactical air effort in the support of land forces provide fast reaction to satisfy immediate requests from the Army for close air support
|
Air Support Operations Squadrons
|
|
The principal air control agency of the theater air control system responsible for the direction and control of air operations directly supporting the ground combat element
|
Air Support Operations Centers
|
|
Primary mission is to provide an operationally ready Control and Reporting Center and subordinate Deployable Radars in support of theater air operations worldwide
|
Air Control Squadrons
|
|
Provides the Air Force Component Commander and the JFACC the capability to plan and conduct theater air operations
|
Theater Air Control System TACS
|
|
TACS two main categories:
|
Ground TACS and AIrborne TACS
|
|
The 'heart' for communications systems and information functions of the TACS
|
AOC
|
|
Provides numerous critical functions on the modern battlefield, AWACS, J-STARS, A-FAR, UAV
|
TACP
|
|
TDC equipment supports an extension of the DII into the battlefield environment
|
...ajdf
|
|
Includes network interface units, which provide local subscribers the physical, electrical and logical connections needed to access teh voice and data backbone networks
|
TDC equipment
|
|
is Light, lean and highly mobile
|
Initial communications equipment
|
|
Primary mission is to provide the JFACC with the tools necessary to fight and win a MTW
|
Combined Aerospace Operations Center(CAOC)
|
|
Responsible for integrating the operational functions of air and dpsace power into a single weapons ystem
|
CAOC
|
|
A state of the art ground to ground communications infrastructure designed to exchange secure and non-secure voice, data and video communications via line of sight satellite, or hard wired sources providing the deployable infrastructure needed to support local and long-haul communications at deployed sites
|
Theater Deployable Commuunications
|
|
Provides the Air Force Component Commander and the JFACC the capability to plan and conduct theater air operations
|
Theater Air Control System TACS
|
|
TACS two main categories:
|
Ground TACS and AIrborne TACS
|
|
The 'heart' for communications systems and information functions of the TACS
|
AOC
|
|
Provides numerous critical functions on the modern battlefield, AWACS, J-STARS, A-FAR, UAV
|
TACP
|
|
TDC equipment supports an extension of the DII into the battlefield environment
|
...ajdf
|
|
Includes network interface units, which provide local subscribers the physical, electrical and logical connections needed to access teh voice and data backbone networks
|
TDC equipment
|
|
is Light, lean and highly mobile
|
Initial communications equipment
|
|
Primary mission is to provide the JFACC with the tools necessary to fight and win a MTW
|
Combined Aerospace Operations Center(CAOC)
|
|
Responsible for integrating the operational functions of air and dpsace power into a single weapons ystem
|
CAOC
|
|
A state of the art ground to ground communications infrastructure designed to exchange secure and non-secure voice, data and video communications via line of sight satellite, or hard wired sources providing the deployable infrastructure needed to support local and long-haul communications at deployed sites
|
Theater Deployable Commuunications
|
|
AFI direct units wanting to install or improve network capabilities to fill out an
|
Air Force Form 3215
|
|
Identify hardware/software requirements, research/gather data, test possible solution, does solution meet requirements, implement and document solution
|
adjfl.
|
|
Coordinated through a Communication Squadron project manager.
|
Site Survey
|