H02X Flashcards
H17: Select from a list of distracters the title of the public law that requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency
Public Law 107-347 / Title III – Federal Information Security Management Act (FISMA)
H17: Identify the four groups into which IA policies can be categorized
Senior IA Management Policy Statement
Regulatory
Advisory
Informative
H17: Identify the Department of Defense (DoD) level policy that defines the Defense-in-Depth Information Assurance (IA) Architecture
DoDD 8500.1 (Information Assurance)
DODI 8500.2 (Information Assurance Implementation)
H17: Identify the four categories of Department of Defense (DoD) information systems
.
H17: Identify the five supporting elements of Information Assurance in accordance with Department of Defense Directive (DoDD) 8500.1 (Information Assurance) and the Committee on National Security Systems Instruction (CNSSI)
Availability
Authentication
Confidentiality
Non-repudiation
Integrity
H17: Identify the DoD level policy that addresses the formulation of an Information Assurance (IA) Baseline
DODI 8500.2 (Information Assurance Implementation)
H17: Select from a list of distracters the Marine Corps Order (MCO) that establishes the Marine Corps Information Assurance Program (MCIAP)
MCO 5239.2
H17: State in writing the definition of a Marine Corps Enterprise Network (MCEN) Operational Directive
MCEN Operational directive messages will assign network related actions that must be taken by recipient commands. Frequently, these messages will specify a deadline for accomplishing the directed actions.
H17: State in writing the definition of a Marine Corps Enterprise Network (MCEN) Advisory
MCEN advisory messages will disseminate valuable information or deliver recommendations for consideration by local commanders relative to network management, operations, security and defense.
H18: Correctly match a Marine Corps Information Assurance Workforce (IAW) role to its corresponding responsibility
.
H18: Select from a list of distracters the annual training requirement mandated for all Information Systems (IS) users
All Information Systems users should receive Awareness and Refresher Training – Currently CYBERM0000 on MarineNet.
H20: Select from a list of distracters the definition of an event as it relates to incident response
Any observable occurrence in a system and/or network
H20: Select from a list of distracters the definition of an incident as it relates to incident response
An adverse event in an information system and/or network or the threat of the occurrence of such an event.
H20: Select from a list of distracters the eight categories of an incident
Malicious code
Unauthorized access
Inappropriate usage
Service disruption
Espionage
Hoaxes
Spillages
Multiple category
H20: Select from a list of distracters the six components of an Incident Response Policy
Preparation
Detection
Containment
Eradication
Recovery
Follow-Up
H20: Select from a list of distracters the definition of an audit
An independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures.
H20: Identify how to conduct evidence processing
Immediate Action
Policy or legal?
Notification
Documentation
Chain of custody
H21: Select from a list of distracters the purpose of the Department of Defense (DoD) Information Operations Condition (INFOCON) System
The INFOCON system provides a framework within which the Commander USSTRATCOM (CDRUSSTRATCOM), regional commanders, service chiefs, base, post, camp, station, vessel commanders, or agency directors can increase the measurable readiness of their networks to match operational priorities. The major change is a shift in strategy from a threat focus to a readiness focus.
*INFOCON 5 is normal readiness and INFOCON 1 is maximum readiness.
H22: Select from a list of distracters the purpose of the Department of Defense (DoD) Information Assurance Vulnerability Management (IAVM) Program
To provide management over mitigating vulnerabilities that are found in DoD information systems.
H22: Select from a list of distracters the three different functions of the DoD Information Assurance Vulnerability Management (IAVM) Program
Information Assurance Vulnerability Alert (IAVA)
Information Assurance Vulnerability Bulletin (IAVB)
Technical Advisory (TA)
H22: Summarize in writing the eight steps associated with the Marine Corps Information Assurance Vulnerability Management (IAVM)
Step 1. DISA identifies vulnerabilities of significance to the DoD and reports them to the JTF-GNO. JTF-GNO promulgates this IAVM information via Formal Message to Service Components and Combatant Commands. The three types released are IAVA, IAVB and TA.
Step 2. The MCNOSC acknowledges receipt of IAVA and IAVB within five working days to JTF-GNO. TA messages do not require acknowledgment of receipt. The MCNOSC will then conduct an initial technical assessment of the IAVM message to determine its applicability to Marine Corps Networks.
Step 3. MCNOSC issues a USMC IAVM formal message. The MCNOSC will issue IAVM messages, which will be tailored to the specific information technology environment of the Marine Corps. Therefore, on occasion, IAVB and TA messages may be republished to the Marine Corps with compliance and reporting requirements. All IAVAs, IAVBs, and TAs with mandated compliance requirements will be disseminated by the MCNOSC as MCEN Operational Directive (OpDir) messages. Messages with no mandated compliance requirements will be released as MCEN Advisory Messages. IAVM messages will be disseminated throughout the Marine Corps, via the Defense Messaging System (DMS), Automated Message Handling System (AMHS), and AUTODIN for appropriate action. The MCNOSC shall also provide copies of these messages via e-mail to EDS (NMCI) at the same time of release to the Marine Corps.
Step 4. Configuration Control Authorities (Program Groups at MARCORSYSCOM) issue approval to apply IAVM corrective actions to Centrally Managed Systems.
Step 5. Implementation of IAVM Message Corrective Actions. All Marine Corps organizations and the NMCI vendor shall take appropriate action on IAVM messages.
Step 6. Units report IAVM compliance status information or submit extension requests. Reporting of IAVM compliance is a third echelon reporting responsibility for Marine Corps Assets in NMCI AOR, non-NMCI managed assets and Deployed Networks. Centrally Managed Systems shall report compliance to the MCNOSC. Reporting shall include all information requested in the Operational Directive.
Step 7. Compliance Verification - The MCNOSC will validate MCEN compliance via vulnerability analysis tools and report these results to the Marine Corps DAA.
Step 8. The MCNOSC will compile and submit an aggregated Service component report of IAVM compliance and extensions to JTF-GNO. This shall be accomplished by the JTF-GNO within the specified deadline established by the JTF-GNO. This in most cases is 30 days from the date issued.
H23: Identify the elements of the tactical Certification & Accreditation process workflow
- MEF IAM receives packet from unit
- MCNOSC INS Q&A
- C4 C&A/DAA reviews the package and issues IATO
- Necessary documents issued to DISA SCAO
H23: Identify the Certification & Accreditation enclosures and required documents
Exercise request letter
Endorsement letters from each CAR starting with the MSC through the MEF
Information Systems Security Plan (ISSP)
IAM/IAO Appointment Letter
C4 Systems List
C4 Applications list
Detailed Diagrams
H03: State in writing the five core capabilities of Information Operations
Military Information Support Operations (MISO)
Military Deception
Operations Security (OPSEC)
Electronic Warfare (EW)
Cyberspace Operations (CO)
H03: Define Department of Defense (DoD) Information Network Operations (DINO)
Operations to build, design, configure, secure, operate, maintain, and sustain Department of Defense networks to create and preserve information assurance on the Department of Defense Information Network.
H03: Define Defensive Cyberspace Operations (DCO)
Operations, passive and active, intended to preserve the ability to utilize friendly cyberspace capabilities and protect data, networks, and net-centric capabilities. Included within DCO is DCO-response action (DCO-RA).
H03: Define Offensive Cyberspace Operations (OCO)
Operations intended to project power by the application of force in and through cyberspace.