ET1 Grenninger

Question 1

IA?

Answer 1

Information Operations that protect and defend data and IS by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This includes providing restoration of IS by incorporating protection, detection, and reaction capabilities

Question 2

ATO?

Answer 2

Authority to Operate

Question 3

5 Attributes of IA?

Answer 3

Confidentiality
Integrity
Availability
Non-repudiation
Authentication

Question 4

IAVT?

Answer 4

Info Assurance Vulnerability Technical Adivisory

An IAVA addresses severe network vulnerabilities resulting in immediate and potentially severe threats to DOD systems and information. Corrective action is of the highest priority due to the severity of the vulnerability risk.

Question 5

Service Pack?

Answer 5

A service pack (in short SP) is a collection of updates, fixes and/or enhancements to a software program delivered in the form of a single installable package.

Question 6

Purpose of Naval Intelligence

Answer 6

Naval intelligence provides evaluated intelligence on an adversary’s capabilities and intentions to support planning and operations at all levels of warfare.

Question 7

Three Categories of Intelligence?

Answer 7

Strategic
Operational
Tactical

Question 8

PIR?

Answer 8

Priority Intelligence Requirement

Question 9

CCIR?

Answer 9

Commander Critical Information Requirement

Question 10

Three Examples of Intelligence Briefs?

Answer 10

Geopolitics
Security
Intelligence

Question 11

Define OPSEC

Answer 11

It is a systematic, proven process that identifies, controls and protects sensitive but unclassified information about a mission, operation or activity.

Question 12

OPSEC 5 Steps for Planning?

Answer 12

ID Critical Info
Analyze Threat
Analyze Vulnerabilities
Assess Risk
Apply Countermeasures

Question 13

Responsibilities of command OPSEC officer?

Answer 13

Administering the program
Advise the CO on OPSEC matters
Conduct OPSEC surveys, education and training

Question 14

WRA?

Answer 14

Web Risk Assessment:

Question 15

Red Cross Message?

Answer 15

AMCROSS messages contain information very personal to the intended recipient. Therefore, communications personnel will not discuss the contents of such a message with anyone and will limit the message distribution to the executive officer or an appointed alternate only. IMMEDIATE precedence maybe assigned to AMCROSS messages concerning death or serious illness.

Question 16

River City?

Answer 16

OPSEC tool that limits communications.

Question 17

VTC?

Answer 17

VIdeo Teleconferencing

VTC technology is an extension or combination of television, which provides the audio and video communication aspect, and telephony or telecommunications which provides the addressable, bi-directional connectivity.

Question 18

GINGERBREAD?

Answer 18

Designed to alert all personnel monitoring over communications that a breach of security has been made over the network. The only answer that can be made is to terminate connections.

Question 19

Intrusion?

Answer 19

The intentional insertion of EM energy into transmission paths in any manner, with the objective of deceiving operators or causing confusion.

Question 20

Spillage?

Answer 20

Data placed on an information system possessing insufficient security controls to protect the data at the required classification posing a risk to national security (e.g., SCI onto top secret, secret onto unclas, etc).

Question 21

State how often a CO is required to conduct a CMS inspection.

Answer 21

Unannounced spot checks are conducted at least quarterly. The CO may delegate no more than two of the four quarterly inspections to XO.

Question 22

SAER?

Answer 22

Security Access Eligibility Report- assists in making an affirmative determination that the person is an acceptable security risk.

Question 23

RAM?

Answer 23

RAM (Random Antiterrorism Measures), at a minimum, shall consist of the random implementation of higher FPCON measures in consideration of the local terrorist capabilities. Random use of other physical security measures should be used to supplement FPCON measures.

Question 24

Three Comsec Incidents?

Answer 24

Cryptographic
Personnel
Physical