IDW: Network/IA Flashcards
How many networks do we have onboard?
6: NIPR, SIPR, CENTRIX, JWICS, PPLAN, MCMS
What is defense in depth in regards to IA?
A concept of multi-layered security; multi layers to prove that you are authorized.
What is the biggest threat to the network and how do we mitigate it?
User awareness and training.
What is compliance in regards to patching?
If a computer on the network isn’t fully patched then there’s a loophole that can be exploited.
How does inventory affect compliance?
If you don’t know where a non-compliant computer is, you can’t fix it and you have a vulnerability.
What is the ISSM and their responsibilities?
Information Systems Security Manager; serves as the point of contact for all command IA matters and implements IA program. Designated in writing by CO.
What is the ISSO and their responsibilities?
Designated system administrator for a system (GCCS, AIS, TMIP). They oversee compliance inventories and other requirements assigned by ISSM.
TASO responsibilities
Share drive folder and file management
SAAR form management
Cyber Awareness training management
Evaluate and report security vulnerabilities and problems
Complete and maintain inventories of all IT equipment
Notify ADP of equipment changes
Train and submit division requests for new equipment.
Ensure electrical safety checks conducted
Inform ADP of personnel changes
Assist with creating Outlook PST files
Assist users in mapping drives
Assist Combat Systems with (Information Security) IS inspections
Communicate news from meetings with leadership.
What is a network violation?
Auto-forwarding Navy email to commercial email
Bypass firewalls
Use unauthorized software
Relocate or change equipment
Upload/download files
Using personal hardware
Misuse of IT resources to adversely reflect on Navy
What are spillage procedures?
Report to CoC, electronic spillage report must go out every 24hrs to every command involved.
What’s NETSEC responsible for?
All data security, assurance policy, network configuration management, spillage reporting
How often is anti-virus done?
7 days
What did Private Manning do?
Copied classified info and uploaded it to the Internet.
What did Edward Snowden do?
Copied classified material to external hard drive and released it to the public.
Information Assurance
Practice of assuring information and managing risks related to the use, storage, and transmission of information or data.
Interim Authority To Operate
Has authorized termination date within 180 days; can’t have consecutive IATO totaling more than 360 days.
Authority To Operate (ATO)
Issued for 3 years; DAA authorized to run Information Systems at an acceptable level of risk
Public-key infrastructure (PKI)
Crypto technique that enables users to communicate on an insecure public network and verify users' identity by digital signatures.
Information Assurance Vulnerability Alert (IAVA)
Announcement of a computer vulnerability notification. IAVAs require acknowledgement and compliance.
Public-key infrastructure (PKI)
Crypto technique that allows users to securely communicate on an insecure network using digital signatures to verify.
Information Assurance Vulnerability Bulletin (IAVB)
Announcement of a computer vulnerability. IAVBs require acknowledgement.
Information Assurance Vulnerability Technical (IAVT)
Announcement of a computer vulnerability. IAVTs require notification only.
Computer Tracking Order (CTO)
Document sent out to change network posture of the fleet.
Information Assurance Manager (IAM)
Responsible for ensuring commands Information Systems are operated, used, maintained and disposed of
Virus
Harmful program in disguise
Worm
Self-replicating sub-viruses
Network Enumeration
Process of extracting valid account or exported resource names from systems using active connections and directed queries
Trojans
Harmful program disguised as a legit application
SQL Injection
Code injection technique; used to attack data-driven applications.
Privilege Escalation
Using a flaw to increase privilege level
Social Engineering
Deception to get sensitive information.
Host-Based Security System
Can detect and counter, in real time, against known cyber threats.
Dictionary attack
Using all words in dictionary to crack a code
Brute Force Attack
Using all possible methods to crack a code
Assured Compliance Assessment Solution (ACAS)
Used to scan the network for compliance of the latest patches in conjunction with VRAM.
Information Operation Condition (INFOCON)
5 levels; 1 is most dangerous and 5 is least dangerous. We are currently at 3.
Electronic Spillage
Placing sensitive material on a less sensitive network. Ex. Can’t go from high to low.
Navy Cyber Defense Operations Command (NCDOC)
Ensuring proper internet usage on-board USN Afloat Commands.
MSG Server
Provides 2 basic services: an enterprise firewall and a web proxy/cache server.
Non-classified Internet Protocol Router Network (NIPRNET)
Unclassified network. Ex: Facebook
Secret Internet Protocol Router Network (SIPRNET)
Classified network.
Joint Worldwide Intelligence Communications Systems (JWICS)
TS/SCI network
Virtual Local Area Network (VLAN)
Group of workstations, servers and network devices that appear to be on the same LAN despite geographical location
Domain Name System
Converting computer host names and domain names into IP addresses.
Dynamic Host Control Protocol (DHCP)
Provides IP addresses to computers.
Domain Controllers
Run Active Directory, Dynamic Host Configuration Protocol (DHCP), Domain Name System. We have 2 per network
Active Directory
Used to create, manage and edit objects on the network.
IPv4 address space
32-bit field; can support up to 4.3 billion IP addresses.
IPv6
Uses 128-bit addresses.
Common UDP/TCP Ports
20/21 - File Transfer Protocol (20 is data, 21 is control)
23 - Telnet
25 - Simple Mail Transfer Protocol
80 - Hypertext Transfer Protocol
443 - Hypertext Transfer Protocol w/ Secure Sockets Layer
Web Tier
Web User Groups. Used to control bandwidth. We have 3 (low, medium and high)
DOS Commands
Ping: Used to test the reachability of a host on an IP network.
Trace Route: Used to determine the path taken to a destination across a network.
IPCONFIG: Tool used to view network interface configurations.
Navy Information Application Product Suite (NIAPS)
Deliver maintenance, logistics, administrative, training and management applications to users at sea.
NKO Afloat, FEDLOG, Distance Support
Navy Tactical Command Support System (NTCSS)
Provides a full range of standardized mission support ADP hardware and software.
NTCSS Applications include:
R-Supply: Relational Supply provides Navy and Marines tools and functions needed to perform daily tasks.
OMMS-NG (Organizational Maintenance Management System-Next Generation): Provides quick, convenient access to the maintenance information needed for readiness
R-ADM (Relational Administrative Data Management): Personnel management
NALCOMIS (Naval Logistics Command Management Information System): Provides aviation maintenance and material management with information.
TMIP-M (Theater Medical Information Program-Maritime)
AHLTA: Utilized for sick call information and doctor’s notes
SAMS: Holds shot records, and transit data off ship to NMO
FLTNOC (Fleet Network Operations Centers)
ECRNOC: European; Naples, Italy
IONOC: Indian Ocean; Bahrain.
PRNOC: Pacific; Wahiawa, HI
UARNOC: Unified Atlantic; Norfolk, VA
DCGS-N (Distributed Common Ground System-Navy):
Provides real time imagery in support of fleet intelligence.
CENTRIXS (Combined Enterprise Regional Information Exchange System):
Global data network for U.S. and partner forces to share classified operational and intelligence information.
GCCS-M (Global Command and Combat System-Maritime)
Provides afloat joint and allied commanders a single integrated C4I with intelligence and environmental information.
Who is the ship’s Information Assurance Manager (IAM)?
LT Johnson and ITC Brown
How many layers are there in the OSI model?
7
Layer 1 of OSI Model
Physical
Layer 2 of OSI Model
Data Link
Layer 3 of OSI Model
Network
Layer 4 of OSI Model
Transport
Layer 5 of OSI Model
Session
Layer 6 of OSI Model
Presentation
Layer 7 of OSI Model
Application