107 Information Assurance Flashcards
Define IA
IA: Information Assurance; information operations that protect and defend data and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation
Define Certification
Comprehensive evaluation of the technical and non-technical security features of an IS, made in support of the accreditation decision
Define Accreditation
Official management decision to authorize operation of an IS in a specified environment at an accepted level of risk
Define DAA (Designated Approving Authority)
Official with the authority to formally assume responsibility for operating a system at an acceptable level of risk
What is a System Security Plan?
Formal document that fully describes the planned security tasks required to meet the security requirements of an IS
Define ATO
ATO: Authority to Operate; formal declaration by the DAA that an information system is approved to operate at an acceptable level of risk
Define IATO
IATO: Interim Authority to Operate; temporary authorization to operate, granted by the DAA or SCO, pending full accreditation
What is Configuration Management?
Process that identifies, controls, accounts for, and audits all changes to a site or IS throughout its design, development, and operational lifecycle
Discuss security procedures involved when performing cross-domain transfers
Scan all information storage media and e-mail attachments before they are introduced to or used on any SCI system
What is Risk Management?
Process that lets IT managers balance the operational and economic costs of protective measures against the gains in mission capability achieved by protecting the IT systems and data that support their organizations' missions
Define the 5 attributes of IA
- Confidentiality: assurance that info isn't disclosed to unauthorized persons, processes, or devices
- Integrity: assurance that info is not modified by unauthorized parties or in an unauthorized manner
- Availability: assurance of timely, reliable access to data and info systems by authorized users
- Non-repudiation: assurance that the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the data
- Authentication: assurance of the identity of a message sender or receiver
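The three technical attributes above (integrity, authentication, non-repudiation) are easy to conflate, so here is an added worked example that is not part of the original flashcards. It uses a constructed sample message and Python's standard library to show that a bare hash gives only integrity (anyone, including an attacker, can recompute it), that an HMAC over a shared key adds authentication (only a key holder can produce a valid tag), and why an HMAC still does not give non-repudiation: the receiver holds the same key and can forge a tag on a message the sender never sent. The message text and keys are made up for the example.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional

# Constructed sample message for illustration only (not from the original page).
MESSAGE = b"Transfer 500 units to account 12-3456"


def integrity_digest(data: bytes) -> str:
    """Integrity only: a changed message produces a different digest, but the
    digest proves nothing about WHO produced the data, because anyone can
    recompute it over a modified message."""
    return hashlib.sha256(data).hexdigest()


def authenticate(key: bytes, data: bytes) -> str:
    """Integrity + authentication: only a holder of `key` can produce a tag
    that verifies, so a valid tag shows the data came from a key holder."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify(key: bytes, data: bytes, tag: str) -> bool:
    """Recompute the tag and compare in constant time, so the check does not
    leak how many leading characters of a guessed tag were correct."""
    expected = authenticate(key, data)
    return hmac.compare_digest(expected, tag)


def demo(key: Optional[bytes] = None) -> Dict[str, bool]:
    """Run the integrity / authentication / non-repudiation checks and return
    each observation as a boolean (all are expected to be True)."""
    key = key if key is not None else secrets.token_bytes(32)  # shared sender/receiver key
    attacker_key = secrets.token_bytes(32)                     # a key the attacker controls
    tag = authenticate(key, MESSAGE)
    tampered = MESSAGE.replace(b"500", b"900")

    return {
        # Integrity: modification changes the digest...
        "digest_detects_change": integrity_digest(MESSAGE) != integrity_digest(tampered),
        # ...but an attacker who edits the message just ships the new digest too,
        # so a bare hash only protects against accidental corruption.
        "digest_forgeable_by_attacker": integrity_digest(tampered) == hashlib.sha256(tampered).hexdigest(),
        # Authentication: the genuine tag verifies under the shared key.
        "genuine_verifies": verify(key, MESSAGE, tag),
        # Tampering with the message invalidates the tag.
        "tampered_rejected": not verify(key, tampered, tag),
        # A tag computed under a key the attacker controls fails under the real key.
        "wrong_key_rejected": not verify(key, MESSAGE, authenticate(attacker_key, MESSAGE)),
        # Non-repudiation is NOT provided: the receiver holds the same key and can
        # produce a valid tag for a message the sender never sent, so the sender
        # can plausibly deny any tagged message. That requires an asymmetric
        # signature, where only the sender holds the signing key.
        "receiver_can_forge": verify(key, tampered, authenticate(key, tampered)),
    }


if __name__ == "__main__":
    for name, observed in demo().items():
        print(f"{name}: {observed}")
```

The last entry is the practical caveat: when a flashcard says non-repudiation gives the recipient proof of the sender's identity that the sender cannot later deny, a symmetric MAC cannot deliver that, because both parties can create the proof. Use a digital signature for that property.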
List and define 9 categories of computer incidents
- Root level intrusion: Unauthorized (administrative) privileged access to a DoD system
- User level intrusion: Unauthorized non-privileged access to a DoD system
- Denial of service: Denies, degrades, or disrupts normal functionality of a system/network
- Malicious logic: Installation of software designed and/or deployed by adversaries with malicious intent to gain access to resources or info without the consent or knowledge of the user
- Unsuccessful activity attempt: Deliberate attempts to gain unauthorized access to DoD system, defeated by normal defensive mechanisms. Attacker FAILS to gain access to system
- Non-compliance activity: Potentially exposes DoD systems to increased risk as a result of action/inaction of authorized users
- Reconnaissance: Seeks to gather info used to characterize DoD systems, apps, networks, and users that may be useful in formulating an attack
- Investigating: Potentially malicious or anomalous events deemed suspicious that warrant, or are undergoing, further review
- Explained Anomaly: Suspicious events determined to be non-malicious activity that do not fit the criteria for any other category (MISC)
Describe the DoN World Wide Web Security Policy
All DoN sites must have a clearly articulated purpose, be approved by the commander, and support the command's core competency mission
Define IAVA
IAVA: Information Assurance Vulnerability Alert; announcement of a high-risk vulnerability in computer software
Define IAVB
IAVB: Information Assurance Vulnerability Bulletin; announcement of a medium risk computer