Term
Into what two categories can you divide the OSI model? |
|
Definition
Application (upper) and data transport (lower) layers. |
|
|
Term
What is the responsibility of the Data Transport layers of the OSI model? |
|
Definition
Defining how data is sent across the physical media, through Internetwork devices, to the destination computer, and to the application on the destination machine. |
|
|
Term
What is a physical topology? |
|
Definition
It is a "map," or description, of the layout of the network media that interconnects the devices on a network. |
|
|
Term
What is a logical topology? |
|
Definition
It defines the way in which devices communicate and data is transmitted throughout the network. |
|
|
Term
What is the rule of thumb to distinguish physical from logical topologies? |
|
Definition
If you can see it and touch it, it is physical; if you cannot see it or touch it, it it logical. |
|
|
Term
A topology affects the network's capabilities; what is the impact of choosing one topology over another? |
|
Definition
Type of equipment the network needs; capabilities of the equipment; growth of the network; and the way the network is managed. |
|
|
Term
What are the advantages of a bus topology? |
|
Definition
Inexpensive to install; easy to add more workstations; requires less cable than other; works well for small networks (2-10 devices). |
|
|
Term
What are the disadvantages of a bus topology? |
|
Definition
It's no longer a recommended option for new installations; if the backbone breaks, the network is down, only a limited number of devices can be included; it's difficult to isolate where a problem may be; and sharing the same cable means slower access time. |
|
|
Term
What are the advantages of a star toplogy? |
|
Definition
It's easy to add more devices as you network expands; the failure of one cable or one cable break will not bring down the entire network; the hub provides centralized management; it's easy to find device and cable problems; a star network can be upgraded to faster network transmission speeds; and it's the most common topology, so many equipment options are available. |
|
|
Term
What are the disadvantages of a star topology? |
|
Definition
A star network requires more media than a ring or bus network; the failure of the central hub can bring down the entire network; and the costs of installation and equipment are higher than for most bus networks. |
|
|
Term
What are the advantages of a ring topology? |
|
Definition
Data packets can travel at greater speeds; there are no collisions; and it is easier to locate problems with devices and cable; and no terminators are needed. |
|
|
Term
What are the disadvantages of a ring topology? |
|
Definition
A ring network requires more cable than a bus network; a break in the cable will bring many types of ring networks down when you add devices to the ring, all devices are suspended from using the network; and it's not as common as the bus topology; so there's not as much equipment available. |
|
|
Term
What are the two most common hybrid topologies? |
|
Definition
Star-bus and star-ring topologies. |
|
|
Term
The easiest way to break down the many protocols of the TCP/IP suite is according to where they operate within the OSI model. Each protocol in this stack operate at what four layers? |
|
Definition
The Data Link layer, the Network layer (also known as the Internet layer in the TCP/IP model), the Transport layer, or the Application layer. |
|
|
Term
The protocols at the Data Link layer define the access method for the media, the architecture, and interface with the Physical layer of the network. What standards are these protocols based on? |
|
Definition
The standards that have been adopted by the IEEE as the Project 802 standards. |
|
|
Term
What are the four most important TCP/IP protocols that function within the network layer? |
|
Definition
Internet Protocol (IP), Address Resolution Protocol (ARP), Reverse Address Resolution Protocol (RARP), and Internet Control Message Protocol (ICMP). |
|
|
Term
What are the fields belonging to a TCP segment? |
|
Definition
Source port, Destination port, Sequence number, Acknowledgement number (ACK), TCP header length, Reserved, Flags, Sliding-window size (or window), Checksum, Urgent pointer, Options, Padding, and Data. |
|
|
Term
What are some reasons form implementing DHCP? |
|
Definition
To reduce time spent on IP address management, to reduce the potential for errors in assigning IP addresses, adn to make IP addressing transparent for mobile users. |
|
|
Term
What is a group of computers and device that share a common communication line and resources in a small geographical area? |
|
Definition
Local Area Network (LAN). |
|
|
Term
A local area network may serve how many users? |
|
Definition
As few as two or three users or as many as thousands of users. |
|
|
Term
What type of network is also used as a means to interconnect several local area network by bridging them with backbone lines? |
|
Definition
A Metropolitan Area Network or campus network. |
|
|
Term
What network provides a private tunnel through the Internet? |
|
Definition
Virtual Private Network (VPN). |
|
|
Term
What type computer port specifies a service that is a process or application that runs on a serer and provides some benefits to a network user? |
|
Definition
|
|
Term
What is the port used when you do credit card transactions with e-commerce sites? |
|
Definition
Port 443-SSL is the default port use when you do credit card transactions with an e-commerce site. |
|
|
Term
What are the two main parts of an IPv4 address? |
|
Definition
|
|
Term
Who assigns network numbers? |
|
Definition
|
|
Term
Convert 111000000 10101000 01111011 01100100 to dotted decimal notation. |
|
Definition
|
|
Term
What is the reserved IPv4 address for loopback? |
|
Definition
|
|
Term
What is the reserved IPv4 address for a limited broadcast? |
|
Definition
|
|
Term
|
Definition
It is a mechanism that allows a network device to divide an IP address into a network and host number. |
|
|
Term
What are the two methods of subnet masking? |
|
Definition
|
|
Term
What is the difference between the two methods of subnet masking? |
|
Definition
Classful subnet masking is using the default mask to separate the network number, given by IANA, from the host number. Classless subnet masking borrows bits from the host field, extending beyond the default mask assigned by IANA, and creating a subnet field. |
|
|
Term
What are some benefits to subnetting? |
|
Definition
Ease of administration, improve network performance and security. |
|
|
Term
How long is an IPv6 address? |
|
Definition
It is 128-bits or 16 octets long. |
|
|
Term
How is an IPv6 address expressed? |
|
Definition
16 byte fields, in colon hexadecimal format. |
|
|
Term
What are the two ways to shorten the expression of an IPv6 address? |
|
Definition
Leading zero compression and zero compression. |
|
|
Term
What is a unicast address? |
|
Definition
Adress identity to a single interface. |
|
|
Term
What is a multicast address? |
|
Definition
An address used to identify a group of interfaces belonging to different nodes starting with an address of FF00::/8. |
|
|
Term
What is an anycast address? |
|
Definition
An address used to identify a set of interfaces; but the packets are sent and accepted by the interface that is closest. |
|
|
Term
What are the three types of unicast address? |
|
Definition
|
|
Term
What is the IPv6 loop back address? |
|
Definition
|
|
Term
What are some tools available to transition from IPv4 to IPv6? |
|
Definition
Dual IP layer / Dual Stack, Configured tunneling of IPv6 over IPv4, IPv4-compatible IPv6 addresses, and automatic tunneling of IPv6 over IPv4. |
|
|
Term
What does the acronym RAM mean? |
|
Definition
|
|
Term
What is the difference between ROM and RAM? |
|
Definition
ROM is a type of memory that normally can only be read, as opposed to RAM, which can be both read and written. The data stored in ROM is always there, whether there is power or no power. RAM willretain their data as long as stable power is applied. |
|
|
Term
Name the special tlype of memory used to store the BIOS settings in a pc. |
|
Definition
Complementary metal oxide semiconductor memory. |
|
|
Term
What speed enhancement is a small amount of memory placed inside the CPU or between the CPU and the main memory computer? |
|
Definition
|
|
Term
What device converts the wall outlet's AC into DC to provide power to all power to all internal circuitry in a computer? |
|
Definition
|
|
Term
Explain the term Input/Output. |
|
Definition
The term Input/Output can describe any program, operation, or device communicating to/from a computer. |
|
|
Term
What is the "trade name" that refers to the 40-pin interface and drive-controller architecture designed to implement the ATA standard? |
|
Definition
IDE (Integrated Drive Electronics controller). |
|
|
Term
List five extenal computer connections. |
|
Definition
PS/2, Serial, Parallel, Universal Serial Bus, Fire Wire. |
|
|
Term
Name four integrated/internal peripheral devices. |
|
Definition
Hard disk, CD/DVD-ROM, Sound Card, and Graphics/video card. |
|
|
Term
How much data can a CD-ROM store? CD-R? DVD-ROM? |
|
Definition
650 MB, 700 MB, and 4 GB. |
|
|
Term
Most high-volume printers can connect to a network directly using what internal device? |
|
Definition
|
|
Term
What is the primary use for a bridge? |
|
Definition
To decrease network congestion. |
|
|
Term
What two basic issues must be considered before implementing a bridge? |
|
Definition
The 80/20 rule and the elimination of bridging loops. |
|
|
Term
Name the type of bridging used on Ethernet networks. |
|
Definition
|
|
Term
Name the five functions that must occur for transparent bridging. |
|
Definition
Learning, flooding, forwarding, filtering, aging. |
|
|
Term
What do LAN switches provide between network devices? |
|
Definition
Collision-free, high-speed communication. |
|
|
Term
Can a switch connect LANs of different bandwidths? If so, give example. |
|
Definition
Yes. A switch can connect a 10Mbps LAN and a 100Mbps LAN. |
|
|
Term
What type of switching is required when a frame must be moved from a low-speed LAN to a high-speed LAN? |
|
Definition
Store-and-forward switching. |
|
|
Term
Routers operate at what layer of the OSI Model? |
|
Definition
Routers operate at the Network layer of the OSI Model. |
|
|
Term
What does a typical router contain? |
|
Definition
A typical router has an internal processor, an operating system, memory, input and output jacks for different types of network connectors (depending on the network type), and, usually, a management console interface. |
|
|
Term
Name three metrics that routers use to determine the best route. |
|
Definition
Path length, reliability, routing delay, bandwidth, load, and communication cost. |
|
|
Term
What routing protocols that manage traffic within an autonomous system? |
|
Definition
Interior Gateway Protocols. |
|
|
Term
Name two methods for directing data on the network. |
|
Definition
Static or dynamic routing. |
|
|
Term
|
Definition
A technique in which a network administrator programs a router to use specific paths between nodes. |
|
|
Term
|
Definition
A router automatically calculates the best path between two nodes and compiles this info in a routing table. |
|
|
Term
What are two types of encryption? |
|
Definition
Data and voice encryption. |
|
|
Term
What are two devices used for data encryption? |
|
Definition
The TSEC KIV-7 and the TSEC KIV-19. |
|
|
Term
What two telephone devises are used for voice encryption? |
|
Definition
The secure telephone unit and the secure terminal equipment. |
|
|
Term
What are two types of data encryption fill devices? |
|
Definition
The AN/CYZ-10/DTD and the Secure DTD 2000 System (SDS). |
|
|
Term
How can encryption be applied? |
|
Definition
Link-by-link basis, end-to-end basis or bulk encryption. |
|
|
Term
What are the two types of modems used? |
|
Definition
|
|
Term
What is one of the principal functions of a CSU? |
|
Definition
To provide a barrier for electrical interference from either side of the unit. |
|
|
Term
What is the main function of a DSU? |
|
Definition
To adapt the digital data stream produced by the customer equipment to the signaling standards of the telephone carrier equipment, and vice versa. |
|
|
Term
At the simplest level, state two things done by an operating system. |
|
Definition
(1) It manages the hardware and software resources of the computer system. These resources include such things as the processor, memory, disk drives, sound card, etc.
(2) It provides a stable, consistent way for applications to deal with the hardware without having to know all the details of the hardware. |
|
|
Term
Name the six categories of an operating system's tasks. |
|
Definition
Processor management, memory management, device management, storage management, application interface, and user interface. |
|
|
Term
Applications are called what type of programs? |
|
Definition
|
|
Term
How is Microsoft Access used? |
|
Definition
Microsoft Access is a software program that allows user to create a desktop database. |
|
|
Term
What program is free to download from Adobe's website that allows you to PDF files? |
|
Definition
|
|
Term
Name Microsoft Windows family of operating systems. |
|
Definition
Windows 98, Windows NT, Windows 2000 series, Windows XP, Windows Vista, and Windows 7. |
|
|
Term
|
Definition
A collection of computers defined by the administrator of a Windows Server network that share a common directory/database. |
|
|
Term
When did Bell Labs develop the UNIX operating system? |
|
Definition
|
|
Term
What is the program called that you intaract with directly from your terminal or workstation? |
|
Definition
|
|
Term
Name four common shells in UNIX. |
|
Definition
Bourne shell, Korn shell, C shell, and Restricted shell. |
|
|
Term
|
Definition
Partitions are physical areas of disk allocated with specific sizes to hold file systems. |
|
|
Term
When are partitions established? |
|
Definition
During system configuration. |
|
|
Term
In what directory are application programs contained? |
|
Definition
The usr (user) directory. |
|
|
Term
What is the firmware prompt called on Sun machines? |
|
Definition
"ok" (often called the O.K. prompt). |
|
|
Term
What are the seven components of the GIG? |
|
Definition
Warrior Component, Global Application, Computer, Communications, Foundation, Information Management. |
|
|
Term
What organization has the mission of directing and operating the GIG? |
|
Definition
|
|
Term
Which characteristic of the GIG ensures that users across the DOD can seamlessly connect to the systems and services offered by the GIG? |
|
Definition
|
|
Term
What three networks make up the data component of DISN? |
|
Definition
Non-secure Internet Protocol Router Network, Secret Internet Protocol, Router Network, Joint Worldwide Intelligence Communications System. |
|
|
Term
Why does the DOD need to have its own voice communications networks? |
|
Definition
Because of the nature of the military's mission requirements and security concerns. |
|
|
Term
What is the purpose of the long-haul transport infrastructure segment of the DISN? |
|
Definition
It is the pipeline through which all DISN information will travel. |
|
|
Term
Explain how the NIPRNET connects LANs and users. |
|
Definition
Through the use of routers and ATM switches, which are interconnected using high-speed digital trunks. |
|
|
Term
What is the purpose of NIPRNET? |
|
Definition
The NIPRNET is the way a local base LAN connects to other base LANs to support medical, finance, supply, personnel, and the other unclassified base daa communication requirements. |
|
|
Term
How is it possible for NIPRNET to carry non-internet protocol services? |
|
Definition
Subscriber systems can use the NIPRNET to carry non-IP services if they have been encapsulated or converted to IP before being presented to a NIPRNET router. |
|
|
Term
Who manages SIPRNET Hub routers and premise routers? |
|
Definition
Hub routers are managed by DISA. Premise routers are managed as a base communications asset. |
|
|
Term
How does SIPRNET function like unclassified IP networks? |
|
Definition
It can use Ethernet, router, FDDI, ATM data link protocols. |
|
|
Term
What network is JWICS the Top Secret equivalent? |
|
Definition
JWICS is the Top Secret equivalent to SIPRNET. |
|
|
Term
What system is the primary means of operator interface for JWICS? |
|
Definition
The primary means of operator interface for JWICS is the Joint Deployable Intelligence Support System. |
|
|
Term
How does CITS manage the lifecycle of the Air Force's communications and information systems? |
|
Definition
By providing standardized infrastructure and network protection tools for all voice, video, and data services that traverse base networks. |
|
|
Term
What are the four segments of the CITS transport component? |
|
Definition
Information Transport System, 2nd Generation Wireless LAN (2GWLAN), Voice Switching System, C4ISR Infrastructure Planning System. |
|
|
Term
What CITS NM/ND component is the most recent stride towards in-depth security for Air Force networks? |
|
Definition
Limiting our connections to the GIG. |
|
|
Term
What are the two categories of DSN users? |
|
Definition
Command and Control and Operational Support. |
|
|
Term
Which user category is assigned flash or flash-override precedence? |
|
Definition
Command and Control users. |
|
|
Term
What are the five key objectives of DSN? |
|
Definition
Survivability, responsivenes, security, cost effectiveness, interoperability. |
|
|
Term
What device makes end-to-end encryption available to DSN users? |
|
Definition
Secure Terminal Equipment. |
|
|
Term
What are the major subsystems of DSN? |
|
Definition
1) Switching; 2) transmission; 3) timing and synchronization, administration; 4) administration, operations and maintenance/network management (AO&M/NM). |
|
|
Term
What is the system high level of security for operation of the Red Switch? |
|
Definition
|
|
Term
Which standard data rates will the Red Switch offer direct switching? |
|
Definition
Up to 64 Kbps for synchronous and 19.2 Kbps for asynchronous. |
|
|
Term
How many station lines can the multiline phone accommodate? |
|
Definition
|
|
Term
Briefly describe the purpose of standardized tactical entry points. |
|
Definition
To allow tactical DSCS terminals to access the Defense Communication System. |
|
|
Term
Why are tactical terminals considered at a disadvantage? |
|
Definition
Tactical terminals are generally considered "disadvantaged" because they require much more of the satellite's downlink power to receive the signals. |
|
|
Term
What four services are provided via the standardized tactical entry point? |
|
Definition
Seven T1 DSN access circuits, Three Red Switch accesses, up to 10 Mbps data access, and multiple video circuits from 128 Kbps to 1.544 Mbps per circuit. |
|
|
Term
Why was Teleport developed? |
|
Definition
Teleport was developed to expand multi-media RF access to multiple military and commercial communications systems, while taking advantage and expanding the baseband equipment and DISN services the STEP program has installed. |
|
|
Term
What is the Navstar Global Positioning System (Navstar GPS)? |
|
Definition
Navstar GPS is a constellation of earth orbiting satellites designed to provide authorized and appropriately equipped users with worldwide three-dimensional positioning and navigation information. |
|
|
Term
What are the two primary missions of the Global Positioning System? |
|
Definition
Navigation and nuclear detection. |
|
|
Term
|
Definition
OPSEC is defined as a process of identifying critical information and subsequently analyzing friendly actions attendant to military operations and other activities. |
|
|
Term
What is the goal of OPSEC? |
|
Definition
The goal of OPSEC is to identify information and observable activities relating to mission capabilities, limitations and intentions in order to prevent exploitation by our adversaries. |
|
|
Term
Which security programs does OPSEC encompass? |
|
Definition
OPSEC encompasses all AF security program. |
|
|
Term
Who established the INFOSEC program? |
|
Definition
|
|
Term
What is the definition and goal of the INFOSEC program? |
|
Definition
The goal of the INFOSEC Program is to efficiently and effectively protect Air Force information by delegating authority to the lowest levels possible; encouraging and advocating use of risk management principles; focusing on identifying and protecting only that information that requires protection; integrating security procedures into our business processes so that they become transparent; and, ensuring everyone understands their security roles and responsibilities. |
|
|
Term
What does the Privacy Act of 1974 protect? |
|
Definition
The Privacy Act (PA) of 1974 is the legal statute (law) protecting individuals from unwarranted invasion of their personal privacy. |
|
|
Term
What AFI contains information on the Privacy Act? |
|
Definition
AFI 33-332, Air Force Privacy Act Program, contains the Air Force's policy on Privacy Act information. |
|
|
Term
Name the four parts of the Privacy Act statement. |
|
Definition
Authority, purpose, routine uses, and disclosure. |
|
|
Term
How are PA protected records disposed? |
|
Definition
Records protected by the Privacy Act are disposed of according to the records retention schedule on the file plan. The method of destruction depends on the composition of the material. |
|
|
Term
What are the categories of classified information? |
|
Definition
Top Secret, Secret, and Confidential. |
|
|
Term
What document covers FOUO and FOIA? |
|
Definition
The Freedom of Information Act (FOIA), covered in DOD 5400.7-R, DOD Freedom of Information Act Program, provides information on the FOUO designation. |
|
|
Term
What is the definition of COMSEC? |
|
Definition
COMSEC is defined as the measures and controls taken to deny unauthorized persons information derived from information systems of the US Government related to national security and to make sure the authenticity of such information systems. |
|
|
Term
How does TRANSEC relate to COMSEC? |
|
Definition
Transmission security (TRANSEC) is the component COMSEC resulting from the application of measures designed to protect information systems traffic from the interception and exploitation by means other than crypto-analysis. |
|
|
Term
What is critical information? |
|
Definition
Critical information is information about friendly activities, intentions, capabilities, or limitations that an adversary seeks in order to gain a military, political, diplomatic, economic, or technological advantage. |
|
|
Term
Explain the two-person integrity system. |
|
Definition
Two-person integrity (TPI) is a storage and handling system that prohibits acces to COMSEC keying material to lone or unaccompanied individuals. TPI procedures require the presence of at least two unauthorized persons, both who know TPI procedures and who can detect incorrect or unauthorized security procedures for the performed task. |
|
|
Term
What is AFCOMSEC Form 16 used for? |
|
Definition
AFCOMSEC Form 16, Account Daily Shift Inventory is used to account for COMSEC material using both Defense Courier Service and the Air Force Electronic Key Management System. |
|
|
Term
What should you look for before you open a COMSEC package? |
|
Definition
Make sure there is no evidence of tampering or forced entry. If you suspect tampering or forced entry from a previous custodian, do not open the package until advised to do so by the appropriate COMSEC authority or CRO. |
|
|
Term
What is AF Form 1109 used for? |
|
Definition
AF Form 1109 is used to document visitor access to restricted areas where classified is being processed. |
|
|
Term
What is a COMSEC deviation? |
|
Definition
A COMSEC deviation is an occurance involving a failure to follow established COMSEC instructions, procedures, or standards. |
|
|
Term
What is a COMSEC insecurity? |
|
Definition
A COMSEC insecurity is an investigated or evaluated incident that has been determined as jeopardizing the security of COMSEC material or the secure transmission of government information. |
|
|
Term
What is a COMSEC incident? |
|
Definition
(1) Any uninvestigated or unevaluated occurance tha potentially jeopardizes the security of COMSEC material or the secure transmission of government information.
(2) Any investigated or evaluated occurrence that has been determined as not jeapardizing the security of COMSEC material or the secure transmission of secure information. This means that presently, harm is unfounded or alleged. These are generally classified as "Confidential" until receiving guidance from higher agencies. |
|
|
Term
Name the three COMSEC incidents. |
|
Definition
Physical, Personnel, and Cryptographic incidents. |
|
|
Term
How does a practice dangerous to security (PDS) differ from a COMSEC incident? |
|
Definition
Practice dangerous to security (PDS) is defined as a procedure that has the potential to jeapoardize the security of COMSEC material if allowed to continue. A PDS is not a COMSEC incident and is not assigned an Air Force COMSEC Incident case number. |
|
|
Term
What document is used to label unsecured phones? |
|
Definition
DD Form 2056 is used to label unsecured phones. |
|
|
Term
When are the COMSEC final reports due? |
|
Definition
Final reports are due 30 days after the initial report is issued. |
|
|
Term
|
Definition
COMPUSEC is the applied discipline that results from measures and controls that protect data in a computer against unauthorized (accidental or intentional) disclosure, modification, or destruction. |
|
|
Term
What are the objectives of COMPUSEC? |
|
Definition
COMPUSEC objectives are to protect and maintain the confidentiality, integrity, availability, authentication, and nonrepudiation of information system resources and information processed throughout the system's life cycle. |
|
|
Term
What are three sources that threat information systems? |
|
Definition
Threats are caused from natural, environmental, human, and viruses. |
|
|
Term
Define the COMPUESEC and IA vulnerabilities. |
|
Definition
The COMPUSEC and IA vulnerabilities are:
(1) Physical--weaknesses in the control and accountability of physical access to controlled areas. The controls can be implemented either through automated or manual means.
(2) Environmental--weaknesses or deficiencies in maintaining the environmental stability, control, and safety of the computer area.
(3) Personnel--deficiencies in the controls that make sure all personnel who have access to sensitive information have the required authority and appropriate clearance.
(4) Hardware--deficiencies with installation, operating, and maintaining the systems and network hardware.
(5) Softwarel--deficiencies in the control of network and computer operating systems, software versions, data, and related security software.
(6) Media--deficiencies in the control and maintenance of magnetic and hard copy media.
(7) Network communications--deficiencies in the security and controls of the various communications mediums used to transmit data between the servers and network users.
(8) Procedural--deficiencies in the development and maintenance of procedures, rosters, and forms that provide guidance, definition of responsibilities, and identification of personnel. |
|
|
Term
How can you protect an unattended computer system? |
|
Definition
You can protect a system by removing your Common Access Card (CAC) from reader when unattended. |
|
|
Term
What type of network is used to process unclassified information? |
|
Definition
Non-secure Internet Protocol Router Network (NIPRNET) |
|
|
Term
What type of network is used to process classified information? |
|
Definition
Secret Internet Protocol Router Network (SIPRNET). |
|
|
Term
|
Definition
Spyware is computer software that is designed to collect personal information about users without their informed consent. |
|
|
Term
|
Definition
Emission Security (EMSEC) is the protection resulting from all measures taken to deny unauthorized personnel information of value that might be derived from communications systems and cryptographic equipment intercepts and the interception and analysis of compromising emanations from cryptographic-equipment, information systems, and telecommunications systems. |
|
|
Term
What is the objective of EMSEC? |
|
Definition
The objective of EMSEC is to deny access to classified and, in some instances, unclassified information and contain compromising emanations within an inspectable space. |
|
|
Term
What are compromising emanations? |
|
Definition
Unintentional signal that, if intercepted and analyzed, would disclose the information transferred, received, handled, or otherwise processed by any information-processing equipment. |
|
|
Term
What does an EMSEC assessment determine? |
|
Definition
A desktop analysis to determine the fact an EMSEC countermeasures review is required or not. There are separate EMSEC assessments for information systems, communications systems, and cryptographic equipment. |
|
|
Term
What does an EMSEC countermeasure provide? |
|
Definition
A technical evaluation of a facility where classified information will be processed that identifies the EMSEC vulberabilites and threats, specifies the required inspectable space, determines the required EMSEC countermeasures, and ascertains the most cost-effective way to apply required countermeasures. |
|
|
Term
What does the user identify before applying EMSEC countermeasures? |
|
Definition
The user identifies the information systems that will process classified information; the volume, relative sensitivity, and perishability of the information; the physical control measures in effect around the area that will process classified information; and applies identified IA and EMSEC countermeasures. |
|
|
Term
What do INFOCONs help us with? |
|
Definition
INFOCONs help units take the proper protective measures to protect against threats. |
|
|
Term
What measures are in place when there is an increased risk of attack in INFOCON 4? |
|
Definition
Increased monitoring of all network activities is mandated, and all DOD end users must make sure their systems are secure. Internet usage may be restricted to government sites only, and backing up files to removable media is ideal. |
|
|
Term
Describe the actions taken in INFOCON 2. |
|
Definition
Non-essential networks may be taken offline, and alternate methods of communication may be implemented. |
|
|
Term
What disciplines does IA integrate? |
|
Definition
Information awareness is an integrated communications awareness program covering COMSEC, COMPUSEC, and emissions security (EMSEC) disciplines. |
|
|
Term
What actions must peronnel take to meet the goals of the IA program? |
|
Definition
Personnel must understand the necessity and practice of safeguarding information processed, stored, or transmitted on information systems and the various concepts of IA countermeasures to protect systems and information from sabotage, tampering, denial of service, espionage, fraud, misappropriation, misuse, or access by unauthorized persons. |
|
|
Term
What equipment does the AF-GIG encompass? |
|
Definition
The AF-GIG includes any Air Force-provisioned system, equipment, software, or service residing on the NIPRNET, SIPRNET, or Constellation Net. |
|
|
Term
What is the Global Information Grid? |
|
Definition
The Global Information Grid (GIG) is an all-encompassing communications project of the DOD. It is defined as the globally interconnected, end-to-end set of information capabilities, associated processes, and personnel for collecting, processing, storing, disseminating, and managing information on demand to warfighters, policymakers, and support personnel. |
|
|
Term
What are the three NETOPS Levels? |
|
Definition
Global, Regional, and Local. |
|
|
Term
What is the responsibility of GNOSC? |
|
Definition
Global NOSC is responsible for the worldwide management and opertional oversight of the Defense Information Infrastructure. |
|
|
Term
Where do FACs exist and what are their purposes? |
|
Definition
Functional Awareness Cells are regional level entities that exist at the same NETOPS management tier as the Base NCC. They report to and take direction from the Base and supporting NOSC. FACs require smaller amounts of equipment and performs situational awareness for a functional system of mission. |
|
|
Term
What does an accreditation and certification constitute? |
|
Definition
Accreditation and Certification constitutes a set of procedures and judgements which lead to a determination of the suitability of an AIS to operate in a targeted operational environment. |
|
|
Term
Who makes accreditation decisions and what types can be made? |
|
Definition
An accreditation decision is made by the DAA. This accreditation can be a full accreditation which allows a system to operate in an evironment for which it was originally intended or interim (temporary) accreditation which permist an AIS to operate until identified steps can be completed prior to receiving full accreditation. |
|
|
Term
Define physical security. |
|
Definition
Physical security results from using all physical measures necessary to safeguard COMSEC material from access of unauthorized personnel. These measures include the application of control procedures and physical barriers. |
|
|
Term
List the markings required for classified material. |
|
Definition
The overall classification of the document; the agency/office of origin and date of the document; the office or source document that classified the information. |
|
|
Term
What items cannot be placed in security container used to store classified material? Why? |
|
Definition
Funds, weapons, medical items, controlled drugs, precious metals, money or other non-mission related items susceptible to theft are not, as a rule, stored in any security container that's used to store classified material. Storing these items together could result in the compromise of classified material. |
|
|
Term
What is the purpose of SF 700? |
|
Definition
The purpose of SF 700 is to records the container's location, the names, home addresses, and home telephone numbers of people who know the combination. It is also used to list contact personnel when the security of the material in the container is compromised. |
|
|
Term
On what days are Secret packages typically shipped? |
|
Definition
Packages containing Secret material are typically shipped on Monday through Thursday only. |
|
|
Term
When should hand carrying classified material during a TDY assignment be allowed? |
|
Definition
Hand carrying classified material during TDY poses a risk and should be done as a last resort in critical situations. |
|
|
Term
What provides guidance on how to properly dispose of classified material? |
|
Definition
WebRims Records Disposition Schedule. |
|
|
Term
What are the three types of secured facility deviations? |
|
Definition
Temporary, permanent, and technical. |
|
|