17D. Information Access, Cyber Security, and Mobility

Question 1

Disclosure of Record

Answer 1

To Other Federal Gov Agencies/Individuals:

• Authorized for routine use
• or authorized by a Privacy Act exception

To Other DOD Offices:
- Authorized for “an official need to know”

Question 2

Personally Identifiable Information (PII) Breach

Answer 2

• Unauthorized users have access to PII for an unauthorized purpose

Question 3

AFI 33-332

Answer 3

Title - Air Force Privacy & Civil Liberties Program

• Provides info/procedures for safeguarding and reporting of PII breaches

Question 4

Records Request

Answer 4

• Approved/denied by 20 workdays

- Denials receive notification of appeal rights

Question 5

DoDM 5400.07-R_AFMAN 33-302

Answer 5

• Provides specific policy/procedure on Freedom of Information Act and guidance on disclosing records to the public

Question 6

Cybersecurity

Answer 6

• Protection of electronic communication systems, including information contained therein, to ensure it’s integrity

Components:

• AF risk management framework
• IT controls/countermeasures
• Communications security
• TEMPEST (emissions security)
• AF Assessment and authorization
• Workforce improvement program

Question 7

AFI 17-130

Answer 7

Title - Cybersecurity Program Management

• Describes risk management and cybersecurity as representations of dynamic, multi-disciplinary sets of challenges

Question 8

System of Records Notices

Answer 8

• Must be published in federal register by 30 days

Question 9

5 Functions of Air Force Cybersecurity Program

Answer 9

• Protect
• Respond
• Recover

Question 10

3 Steps Involved in Protecting Information Systems

Answer 10

• Infection
• Detection
• Protection

Question 11

Privacy Act of 1974

Answer 11

• Governs the collection, maintenance, use, and dissemination of personal information
• Provides individuals with a means to access and amend their records

Question 12

Communications Security

Answer 12

Components:

• Transmission security - protects compromising emanations (formerly known as emissions security)
• Physical security - prevents access by unauthorized persons
• Cryptosecurity

Question 13

TEMPEST

Answer 13

• Deny compromising emanations within an inspectable space

Question 14

Privacy Act Statement

Answer 14

• Must be given when individuals are asked to provide personal information

Question 15

Privacy Act System of Records

Answer 15

• Information is retrieved by the individuals name, number, or unique identifier

Question 16

Cybersecurity Program Risk Management Strategy

Answer 16

• Ensures the confidentiality, integrity, and availability of all info owed/trusted by AF

Question 17

Information Assurance Awareness (IAA)

Answer 17

• Required training prior to computer system access

Question 18

DoD 5500.07-R

AFI 10-701

Answer 18

Title - Joint Ethics Regulation
Title - Operations Security

• Governs the use of federal government resources when accessing internet-based capabilities

Question 19

Information Systems Security Officer

Answer 19

• Maintains documented approval authority and inventory info on all approved devices