7A Flashcards
___ ___ compliance ensures appropriate implementation of measures to protect all Air Force information system resources and information
Computer Security (COMPUSEC)
The focus of COMPUSEC is on end-point security and ports, protocols, and services management ___ ___ ___.
within the AF
The COMPUSEC objective is to employ countermeasures designed for the protection of __, ___ and ___ of United States government information processed by Air Force ISs.
confidentiality, integrity and availability
COMPUSEC includes all measures to ____ ISs and information against sabotage, tampering, denial of service, espionage, fraud, misappropriation, misuse, or release to unauthorized persons.
safeguard
Air Force Manual (AFMAN) ____, Computer Security (COMPUSEC) is the publication that implements the AF COMPUSEC program.
AFMAN 17-1301
COMPUSEC applies to __ __ ___ __ used to process, store, display, transmit, or protect AF information, regardless of classification or sensitivity, unless exempted through the risk management framework process.
all AF information technology
As an information technology professional, you work to achieve the fundamental goals of information security. Those fundamental goals are confidentiality, integrity, and availability— collectively termed
the __ ___ (not to be confused with the Central Intelligence Agency).
CIA Triad
One of the goals of information security is to ensure _____ such that only authorized persons can gain access to information and are able to read the information.
confidentiality
Which technologies keep information confidential?
- Access Control/Permissions
- Encryption
- Steganography
The following describes which technology that keeps information confidential?
Most network administrators secure information on the organization’s network by implementing permissions on the files and folders. This is known as building an access control list (ACL) on the files because the network administrator is controlling who can access the files. By setting permissions on the files and allowing only a specific group of users access to the files, you are helping to maintain confidentiality.
Access Control/Permissions
The following describes which technology that keeps information confidential?
____ data puts the information in an unreadable format until an authorized person decrypts the data, which places it back in a readable format.
Encryption
The following describes which technology that keeps information confidential?
___ is a method of hiding information, such as a text file, in a graphic file. The information is placed in the graphic file using a program, and a password is placed on the file. After sending the graphic to the intended receiver, the intended receiver would use the ___ application to read the information out of the file.
Steganography
Files can be encrypted at two levels—either encrypt the file in ___ or encrypt the file while it is in ____ from one location to another.
storage
transit
The concept of ___ ___ (not to be confused with personal integrity, or ethics) is to ensure that when data is sent from a source to a destination, the information received at the destination has not been altered in transit. ___ ___ also means that if you store a file on a storage drive and open it later, you can be certain that the data has not been altered while in storage.
data integrity
What four things fall under integrity?
- Hashing
- Digital Signature
- Digital Certificate
- Nonrepudiation
The following describes which integrity method?
To ensure data integrity when communicating over a network, the sending system runs the data through a mathematical algorithm, known as a ____ algorithm, which then generates an answer, known as the ____ value. This ____ value is then sent with the data. On the receiving end of the transmission, the destination system runs the data through the same mathematical algorithm to generate an answer (___ value). Once the destination system has its own calculated ___ value, it then compares that to the ___ value sent with the message—if they are the same, then it is assumed the data has not been altered.
Hashing
The following describes which integrity method?
A ___ ___ is created on a message to prove the integrity of the sender of the message. Because the signature is created using a person’s private key and only that person has access to their private key, it proves the sender is who they say they are.
Digital Signature
The following describes which integrity method?
A ___ ___ is an electronic file used to transport keys used to encrypt or digitally sign messages
Digital Certificate
The following describes which integrity method?
___ is the concept of ensuring that someone cannot dispute that they sent a message or made a change, which adds to the integrity of the system. You can use digital signatures or auditing as a method to implement ___.
Nonrepudiation
____, the third fundamental goal of information security in the CIA Triad, is the concept of ensuring that the information is available when the user wants it. This is an often-overlooked aspect of information security.
Availability
What are the popular solutions used to help maintain availability?
- Permissions
- Backups
- Fault Tolerance
- Clustering
- Patching
The following describes which solution to help maintain availability?
Implementing ____ on a resource is a way to ensure availability because if you limit who can delete the data, then chances are high it will still be available when needed.
Permissions
The following describes which solution to help maintain availability?
Ensure you perform regular ___ of critical information so that if the data becomes corrupt or unavailable, you can restore it from ____.
Backups
The following describes which solution to help maintain availability?
You can implement data redundancy solutions to ensure that if one of the hard drives fails, the other drives have a copy of the information. Having multiple drives work together in this way is known as RAID, or Redundant Array of Independent Disks. With RAID, if one of the drives fail, the other drives provide the missing data.
Fault Tolerance
The following describes which solution to help maintain availability?
To ensure availability of services such as e-mail or database servers, you can use a high- availability solution such as ___. ___ allows you to have multiple servers acting as one unit so that if one server fails, the other server takes over the workload.
Clustering
The following describes which solution to help maintain availability?
Keeping a system up to date by applying service packs and security hot fixes is known as ___. ____ a system helps reduce vulnerabilities in the system and reduces the chances of attack.
Patching
Since computers are used so much for daily Air Force activities, they have presented new and pressing threats to security. Regardless of the threat or vulnerability, the Air Force COMPUSEC program
classifies these vulnerabilities as belonging to one of three categories:
unauthorized access, malicious logic and Fraud, Waste, and Abuse.
The following describes which category of threat to security?
As the name implies, ___ ___ involves an unauthorized person gaining access to computer hardware, software, or the information stored and processed by a computer system.
unauthorized access
The following describes which category of threat to security?
A second and more common threat to computer systems is ___ ___ (also known as malicious code), which includes computer viruses, spyware and steal-ware. ___ ___ is computer code (program) written with the intention of causing some form of problem for you and your computer system. These programs attempt to conceal themselves in your computer until a later time when they activate themselves and cause severe damage.
malicious logic
The following describes which category of threat to security?
____ results from any intentional deception designed to unlawfully deprive the Air Force of something of value or to secure an individual a benefit, privilege, allowance, or consideration to which they are not entitled. Air Force computer resources frequently face this problem. It is your responsibility to safeguard all resources (not just computers) and prevent ___.
Fraud, Waste and Abuse
Unauthorized access normally occurs in one of two ways: ____ (by a computer hacker) or ____ (where a person has gained physical access to the computer system and facility)
remotely
surreptitiously
___ or ___ protection is the primary means of preventing unauthorized access to a computer system.
password or pin
Writing your password down and hiding it beneath your desk calendar or sharing your password with another person is ___ ___.
strictly forbidden
___ ___ ___ ___ is another way to protect computer systems from unauthorized access by applying physical security measures.
Secure Area Access Controls
What are two examples of Fraud, Waste and Abuse?
Unauthorized Printing and Unauthorized Internet Use
