DOD 8570.01-M (W/ CHANGE-3), IAWF CH. 1-11 Flashcards
Within how many months of IA duty assignments must all military and Government civilian IAT
personnel achieve the appropriate IA certification unless a waiver is granted?
6
How many years from the effective date of DoD 8570.01-M to DoD employees and contractors who
perform IA functions have to comply with certification requirements?
4
What is the minimum certification level that is required prior to IA Managers authorizing unsupervised
privileged access for personnel performing IAT Levels I through III functions?
IAT Level I
What is the maximum time that Designated Accrediting Authorities (DAAs) can issue certification
requirement waivers for severe operational or personnel constraints?
6 Months
Personnel who are not appropriately qualified within how many months of assignment to a position or
who fail to maintain their certification status shall not be permitted privileged access?
6
Which positions are not authorized to be held by LNs or Foreign Nationals (FNs)?
IAT Level III
Which personnel provide Network Environment (NE) and advanced level CE support?
IAT Level II
How many years of experience do IAT Level II personnel typically have in IA technology or a related
area?
3
Which personnel focus on the enclave environment and support, monitor, test, and troubleshoot
hardware and software IA problems pertaining to the CE, NE, and enclave environments?
IAT Level III
How many years of experience do IAT Level III personnel typically have in IA technology or a related
area?
7
Within how many months of assignment of IA duties must management category military and
Government civilian personnel achieve the appropriate IA baseline certification for their level?
6
- DAAs may waive certification requirements under severe operational or personnel constraints for a
maximum of how many months?
6
Personnel in management category positions will retain an appointing letter assigning them IA
responsibilities for their systems per which reference?
DoD Instruction 8500.2
Which IAM positions may not be assigned to LNs or FNs?
IAM Level III
Which personnel are responsible for the implementation and operation of a DoD IS or system DoD
Component within their CE?
IAM Level I
Which personnel are responsible for the IA program of an IS within the NE?
IAM Level II
How many years of management experience do IAM Level II’s usually have?
5
Which personnel are responsible for ensuring all enclave IS are functional and secure?
IAM Level III
How many years of management experience do IAM Level III’s usually have?
10
Which reference directs that a DAA be appointed for each DoD information system operating within, or
on behalf of, the Department of Defense?
DoD Directive 8500.1
Who is the official that has the authority to formally assume responsibility for operating a system at an
acceptable level of risk?
DAA
Each assigned DAA must complete the DoD DAA CBT or WBT product within how many days of
assignment to the position?
60
How often must each assigned DAA recertify in the DISA DAA Certification course?
Every 3 years
- Who is the first and most vital line of defense for securing DoD information and systems?
User
Which CBT presented by DISA meets all DoD level requirements for end user awareness training?
DoD IA Awareness
What are the DoD Components required to use as their IA Awareness Provider?
DoD SSC
How often must personnel take IA awareness refresher training to retain access?
Annually
IA workforce data elements must comply with requirements established in which reference?
DoD Instruction 8500.2
All positions in the 2210 or other civilian IA job series must comply with what guidance on standardized
titling?
Office of Peronnel Management (OPM)
What must be used as the Position Specialty Code (PSC) in the Defense Civilian Personnel Data System
for all DoD civilian positions and personnel with IA functions regardless of OPM series or job title?
INFOSEC
What allows identification of a DoD civilian position with IA functions regardless of OPM series or job
title?
Position Specialty Code (PSC)
What is used to consolidate IA qualification and workforce management reporting requirements?
IA WIP Annual Report
Who coordinates IA Training and Certification Program requirements?
ASD(NII)/DoD CIO
What includes all individuals working for the Department of Defense in a foreign country who are
nationals or non-U.S. residents of that country?
LN
Within how many months of assignment of IA duties must IASAE specialty military and Government
civilian personnel achieve the appropriate IA baseline certification for their level?
6
How many years after the effective date of DoD 8570.01-M do DoD employees and contractors
performing IA functions have to comply with the certification requirements?
4
Waivers issued by DAAs to waive certification requirements when there are severe operational or
personnel constraints cannot be extended beyond how many months?
6
Personnel in IASAE specialty positions will retain an appointing letter assigning them IA responsibilities
for their system(s) in accordance with which reference?
DoD Instruction 8500.2
Which positions may not be held by LNs or FNs?
IASAE Level III
Which personnel are responsible for the design, development, implementation, and/or integration of a
DoD IA architecture, system, or system component for use within their CE?
IASAE Level I
Which personnel are responsible for the design, development, implementation, and/or integration of a
DoD IA architecture, system, or system component for use within the NE?
IASAE Level II
How many years of experience do IASAE Level II personnel usually have?
5
- Which positions are responsible for the design, development, implementation, and/or integration of a
DoD IA architecture, system, or system component for use within CE, NE, and enclave environments?
IASE Level III
How many years of experience do IASAE Level III personnel usually have?
10
What is the normal sustainment training/continuing education required over 3 years to maintain
certification status for planning purposes?
120 hours
Within how many months of assignment to an accredited CND-SP position must all CND-SP specialty
military and Government civilian personnel achieve the appropriate CND certification?
6
What has the authority to waive certification requirements under severe operational or personnel
constraints?
USSTRATCOM
Which personnel use collected data from a variety of CND tools to analyze events that occur within their
environment?
CND-A
How many years of minimum experience in CND technology or a related field is recommended for
CND-A personnel?
2
Which personnel test, implement, deploy, maintain, and administer infrastructure systems?
CND-IS
How many years of minimum experience in supporting CND and/or network systems and technology is
recommended for CND-IS personnel?
4
Who do CND-IS personnel work under and typically report to?
CND-SPM
Which personnel investigate and analyze all response activities related to cyber incidents within the NE
or Enclave?
CND-IR
How many years of minimum experience in CND technology or a related field is recommended for
CND-IR personnel?
5
Which personnel perform assessments of systems and networks within the NE or enclave and identify
where those systems/networks deviate from acceptable configurations, enclave policy, or local policy?
CND-AU
Which personnel are responsible for producing guidance for their NE or enclave, assisting with risk
assessments and risk management for organizations within their NE or enclave, and are responsible for
managing the technical classifications within their organization?
CND-SPM
