COMNAVCYBERFORINST 5239.1, INFORMATION ASSURANCE WORKFORCE IMPROVEMENT PROGRAM (IA WIP)

Question 1

Which instruction sets forth the requirements and procedures for Navy commands to professionalize and develop the Navy Information Assurance Workforce (IAWF)

Answer 1

COMNAVCYBERFORINST 5239.1

Question 2

Which approach is taken by the DoD in relation to Information Assurance (IA)?

Answer 2

Defense in Depth

Question 3

What is responsible for overseeing and verifying compliance with government IT security regulations and the Department of Defense (DoD) IA policy as it pertains to people?

Answer 3

NAVCYBERFOR

Question 4

What percent of Echelon II Command Information Officers (CIOs) subordinate commands must be inspected on an annual basis to ensure IA WIP compliance?

Answer 4

5%

Question 5

How many working days after the inspection outbrief must Echelon II Command Information Officers (CIOs) forward the results of all IA WIP inspections to CYBERFOR?

Answer 5

10

Question 6

How many guiding principles support the Navy’s IAWF strategy?

Answer 6

5

Question 7

Where must standardized IAWF Mission Essential Tasks Lists (METLs) and readiness assessments be documented for use by the Fleet and Operating Force?

Answer 7

Defense Readiness Reporting System (DRRS)

Question 8

Which functions focus on the development, accreditation, operation, management, and enforcement of security capabilities for systems and networks?

Answer 8

IAWF

Question 9

Who is the official that formally assumes responsibility for operating a system at an acceptable level of risk?

Answer 9

Designated Accrediting Authority (DAA)

Question 10

Which civilian series is normally held by the DAA at the GS 14/15 level?

Answer 10

2210

Question 11

Who is the person within a headquarters, acquisition, site, system, etc… who owns the business process and controls funding for the system?

Answer 11

IA Program Manager (IAPM)

Question 12

Which level must IAPMs be commercially certified up to?

Answer 12

IAM Level III

Question 13

Which personnel are responsible for the implementation and operation of a DoD Information System (IS) within their environment, enclave, network, or individual computing system level?

Answer 13

IA Manager (IAM)

Question 14

Which IAM training level are Network Level IAM positions required to train up to?

Answer 14

II

Question 15

What is the only IAM job that may be carried out on a collateral duty basis?

Answer 15

Level I IAM

Question 16

The functions of Level I IAMs may be carried out by a higher level authority if the command manpower/personnel structure is less than how many employees?

Answer 16

25

Question 17

Which personnel are responsible for the maintenance, defense and operation of DoD IS within their environment, enclave, network, or individual computing system level?

Answer 17

Information Assurance Technical (IAT)

Question 18

Which personnel are responsible to an IAM for ensuring the appropriate operational IA posture is maintained for command, organization, site, or system?

Answer 18

IA Officers (IAOs)

Question 19

A contractor may not hold the IAO position for which environment level?

Answer 19

III

Question 20

During what process are tasks required to analyze, assess, and document IA capabilities and services of DoD Information Systems to establish compliance with IA requirements, identify vulnerabilities, and quantify risk?

Answer 20

Certification and Accreditation

Question 21

Who acts as the accreditation representative on the local level and approves all C&A packages that go to the DAA?

Answer 21

Certification Authority Representative (CAR)

Question 22

Who is the official responsible for performing the comprehensive evaluation of the technical and non-technical security features and safeguards of an IT system, application, or network?

Answer 22

Certification Authority (CA)

Question 23

Which individual is responsible for overseeing the site accreditation package or process?

Answer 23

Certification Agent

Question 24

Which individual is responsible for assisting in preparation of the site accreditation package?

Answer 24

Validator

Question 25

Which personnel use data collected from a variety of CND tools to analyze events?

Answer 25

CND-A

Question 26

Which personnel test, implement, deploy, maintain, and administer the infrastructure systems that manage the CND-SP network?

Answer 26

CND Infrastructure Support (CND-IS)

Question 27

Which personnel investigate and analyze activities related to cyber incidents within the NE or enclave?

Answer 27

CND Incident Responder (CND-IR)

Question 28

Which personnel assess systems and networks within the NE or enclave and identify deviations from acceptable configurations or policy?

Answer 28

CND Auditor (CND-AU)

Question 29

Who provides Enterprise policy for civilian personnel?

Answer 29

Assistant Secretary of the Navy for Manpower and Reserve Affairs (ASN M&RA)

Question 30

Civilian personnel managers and supervisors must ensure that the Commanding Officer’s appointment letter states that a commercial certification is required to meet the requirements of which publication?

Answer 30

DoD 8570.01-M

Question 31

How many months do IA professionals have to meet commercial certification requirements after they have been hired before being transferred to a job that doesn’t require them?

Answer 31

6

Question 32

What provides oversight to IAWF with special focus on education and training?

Answer 32

CYBERFOR

Question 33

What was established to set standards for National Security Systems?

Answer 33

Committee for National Security Standards (CNSS)