COMNAVCYBERFORINST 5239.1, INFORMATION ASSURANCE WORKFORCE IMPROVEMENT PROGRAM (IA WIP) Flashcards

1
Q

What instruction sets forth the requirements and procedures for Navy commands to professionalize and develop the Navy Information Assurance Workforce (IAWF)?

A

COMNAVCYBERFORINST 5239.1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which approach is taken by the DoD in relation to Information Assurance (IA)?

A

Defense in Depth

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is responsible for overseeing and verifying compliance with government IT security regulations and the Department of Defense (DoD) IA policy as it pertains to people?

A

NAVCYBERFOR

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What percent of Echelon II Command Information Officers (CIOs) subordinate commands must be inspected on annual basis to ensure IA WIP compliance?

A

5%

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How many working days after the inspection out brief must Echelon II Command Information Officers (CIOs) forward the results of all IA WIP inspections to CYBERFOR?

A

10

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How many guiding principles support the Navy’s IAWF strategy?

A

5

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Where must standardized IAWF Mission Essential Tasks Lists (METLs) and readiness assessments be documented for use by the Fleet and Operating Force?

A

Defense Readiness Reporting System (DRRS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which functions focus on the development, accreditation, operation, management, and enforcement of security capabilities for systems and networks?

A

IAWF

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Who is the official that formally assumes responsibility for operating a system at an acceptable level of risk?

A

Designated Accrediting Authority (DAA)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which civilian series is normally held by the DAA at the GS 14/15 level?

A

2210

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Who is the person within a headquarters, acquisition, site, system, etc… who owns the business process and controls funding for the system?

A

IA Program Manager (IAPM)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which level must IAPMs be commercially certified up to?

A

IAM Level III

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which personnel are responsible for the implementation and operation of a DoD Information System (IS) within their environment, enclave, network, or individual computing system level?

A

IA Manager (IAM)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which IAM training level are Network Level IAM positions required to train up to?

A

II

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the only IAM job that may be carried out on a collateral duty basis?

A

Level I IAM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

The functions of Level I IAMs may be carried out by a higher level authority if the command manpower/personnel structure is less than how many employees?

A

25

17
Q

Which personnel are responsible for the maintenance, defense and operation of DoD IS within their environment, enclave, network, or individual computing system level?

A

Information Assurance Technical (IAT)

18
Q

Which personnel are responsible to an IAM for ensuring the appropriate operational IA posture is maintained for command, organization, site, or system?

A

IA Officers (IAOs)

19
Q

A contractor may not hold the IAO position for which environment level?

A

III

20
Q

Which personnel perform the tasks required to analyze, assess, and document IA capabilities and services of DoD Information Systems to establish compliance with IA requirements, identify vulnerabilities, and quantify risk?

A

Certification and Accreditation (C&A)

21
Q

Who acts as the accreditation representative on the local level and approves all C&A packages that go to the DAA?

A

Certification Authority Representative (CAR)

22
Q

Who is the official responsible for performing the comprehensive evaluation of the technical and non-technical security features and safeguards of an IT system, application, or network?

A

Certification Authority (CA)

23
Q

Which individual is responsible for overseeing the site accreditation package or process?

A

Certification Agent

24
Q

Which individual is responsible for assisting in preparation of the site accreditation package?

A

Validator

25
Q

Which personnel use data collected from a variety of CND tools to analyze events?

A

CND-A

26
Q

Which personnel test, implement, deploy, maintain, and administer the infrastructure systems that manage the CND-SP network?

A

CND Infrastructure Support (CND-IS)

27
Q

Which personnel investigate and analyze activities related to cyber incidents within the NE or Enclave?

A

CND Incident Responder (CND-IR)

28
Q

Which personnel assess systems and networks within the NE or enclave and identify deviations from acceptable configurations or policy?

A

CND Auditor (CND-AU)

29
Q

Who provides Enterprise policy for civilian personnel?

A

Assistant Secretary of the Navy for Manpower and Reserve Affairs (ASN M&RA)

30
Q

Civilian personnel managers and supervisors must ensure that the Commanding Officer’s appointment letter states that a commercial certification is required to meet the requirements of which publication?

A

DoD 8570.01-M

31
Q

How many months do IA professionals have to meet commercial certification requirements after they have been hired before being transferred to a job that doesn’t require them?

A

6

32
Q

What provides oversight to IAWF with special focus on education and training?

A

CYBERFOR

33
Q

What was established to set standards for National Security Systems?

A

Committee for National Security Standards (CNSS)