M1

Question 1

What are the five pillars of information assurance?

Answer 1

Confidentiality - Unauthorized persons are not able to access information

Integrity - Information is not modified, altered, or changed in any way

Availability - Information system is usable and the information is accessible

Authentication - Person who is accessing the information is who they say they are.

Non-repudiation - No one can later deny their role in communications or that they accessed the information.

Question 2

What is COMPUSEC?

Answer 2

Computer Security

Question 3

What is a GFE?

Answer 3

Government Furnished Equipment

Question 4

How long should you keep a password?

Answer 4

Up to 180 days

Question 5

How many characters minimum should a secure password have?

Answer 5

14

Question 6

How many consecutive characters should a secure password have?

Answer 6

No more than 3 consecutive characters

Question 7

When making a new password, how many characters should change at a minimum from the last password?

Answer 7

Minimum 4 characters

Question 8

You should stray away from ________ information and _____ phrases or __________ words when making a password.

Answer 8

personal information
common phrases
dictionary words

Question 9

What is the difference between Sensitive and Critical information?

Answer 9

Sensitive information is information that the mishandling of could adversely affect the national interest, but that has not been specifically authorized to be kept secret (Sensetive, important but not specifically secret)

Critical information is the information needed by adversaries for them to plan so as to guarantee the failure of friendly missions. (Critical, helps bad guys guarantee our failure)

Question 10

What is the OPSEC Five-Step Planning Process?

Answer 10

1. Identify Critical Information (what info)
2. Analyze Threats (Who wants info)
3. Analyze Vulnerabilities (Where’s the weakness)
4. Assess Risk (level of impact to the mission)
5. Apply Countermeasures (smarter ways of doing task)

Question 11

What does Confidentiality mean in the OPSEC Five-Step Planning Process?

Answer 11

Unauthorized persons are not able to access information

Question 12

What does Integrity mean in the OPSEC Five-Step Planning Process?

Answer 12

Information is not modified, altered, or changed in any way

Question 13

What does Availability mean in the OPSEC Five-Step Planning Process?

Answer 13

Information system is usable and the information is accessible

Question 14

What does Authentication mean in the OPSEC Five-Step Planning Process?

Answer 14

Person who is accessing the information is who they say they are.

Question 15

What does Non-repudiation mean in the OPSEC Five-Step Planning Process?

Answer 15

No one can later deny their role in communications or that they accessed the information.

Question 16

What is the Executive Order dealing with Insider Threat?

Answer 16

EO 13587 directs U.S. Government executive branch departments to assess the effectiveness of insider threat programs

Question 17

What are the three main types of Phishing?

Answer 17

Phishing
Spear Phishing
Whaling

Question 18

What is Phishing?

Answer 18

Suspicious e-mails or pop-ups that induce individuals to reveal personal information (broad target)

Question 19

What is Spear Phishing?

Answer 19

A type of Phishing attack that targets specific individuals, groups of people, or organizations (narrow target)

Question 20

What is Whaling?

Answer 20

A complex and targeted phishing attack against high-level personnel (extremely specific and high-value)

Question 21

Intelligence efforts focus on detecting and countering what threats?

Answer 21

Espionage, Terrorism, and Weapons of Mass Destruction

Question 22

What is Intelligence Oversight?

Answer 22

Intelligence Oversight is the process that ensures intelligence-related activities are in accordance with the constitution, law, executive orders, and DOD directives

Question 23

What are the two main objectives of Intelligence Oversight?

Answer 23

Ensure the DOD can conduct Intelligence and CI missions

Protect the statutory and constitutional rights of U.S. persons

Question 24

What is EO 12333?

Answer 24

EO 12333 establishes that the U.S. intelligence effort shall provide POTUS, NSC, HSC information concerning national interests and the development of policies from foreign security threats

Question 25

What does DoD manual 5240.01 establish?

Answer 25

Procedures to enable DoD to conduct intel activities to protect U.S. persons

Question 26

What are the two authorized intelligence activities?

Answer 26

Foreign Intelligence | Counterintelligence (CI)

Question 27

What is foreign intelligence?

Answer 27

Information relating to the capabilities, intentions, and activities of foreign powers.

Question 28

What is Counterintelligence?

Answer 28

Information used to identify, deceive, exploit, disrupt, or protect against espionage, sabotage, or assassinations conducted on behalf of foreign powers

Question 29

What does DoD manual 5240.01 outline?

Answer 29

It outlines the DoD Intelligence Oversight program.

Question 30

What is Title 50?

Answer 30

Titled War and National Defense, it governs foreign intelligence efforts

Question 31

What is Title 10?

Answer 31

Titled Armed Forces, governs establishment, training, equipping, and readiness of the Armed Forces to conduct offensive operations when ordered by POTUS

Question 32

What is Title 32?

Answer 32

Titled National Guard, governs the strength and organization of the Army and Air National guard.

Question 33

What is NSD 42?

Answer 33

National Security Directive 42 establishes cybersecurity guidelines to secure national security systems, and assigns agency responsibilities

Question 34

What is the purpose of the Intelligence Cycle?

Answer 34

To collect information and develop intelligence for use by IC customers

Question 35

What are the six steps of the Intelligence Cycle?

Answer 35

``` Planning and Direction Collection Processing and Exploitation Analysis and Production Dissemination Evaluation and Feedback ```

Question 36

What is Data?

Answer 36

A set of values or quantitive variables

Question 37

What is Information?

Answer 37

Collected data processed into an intelligible form

Question 38

What is Intelligence?

Answer 38

Information giving new insight to a given situation.

Question 39

In the Intelligence Cycle, what is Planning and Direction?

Answer 39

Policymakers determine what issues need to be addressed and set intelligence priorities

Question 40

In the Intelligence Cycle, what is Collection?

Answer 40

Collection refers to collecting information

Question 41

In the Intelligence Cycle, what is Processing and Exploitation?

Answer 41

using highly trained and specialized personnel and equipment to turn large amounts of raw data into usable information

Question 42

In the Intelligence Cycle, what is Analysis and Production?

Answer 42

Analysts examine and evaluate collected information, add context, and integrate findings into complete products

Question 43

In the Intelligence Cycle, what is Dissemination?

Answer 43

Delivering the information to the people who make decisions based off of the information

Question 44

In the Intelligence Cycle, what is Evaluation and Feedback?

Answer 44

Evaluate the product for relevance, bias, accuracy, and timeliness and to see if the process to ensure thoroughness and efficiency. Feedback helps adjust and refine activities and outputs to help meet the customers' information needs.

Question 45

What is the definition of Disseminate?

Answer 45

To scatter or spread widely; broadcast; disperse

Question 46

What are the six basic intelligence disciplines for collection?

Answer 46

``` GEOINT HUMINT IMINT MASINT OSINT SIGINT ```

Question 47

What does CRITIC refer to?

Answer 47

Critical information

Question 48

When should CRITIC reporting be based solely on unclassified information?

Answer 48

When that information is unlikely to be readily available to the President and the National Security Council.

Question 49

What are events that meet CRITIC reporting requirements?

Answer 49

- Hostile Acts (attack/sabotage against US or allies; war; WMD; infrastructure; cyber attacks that affect Command+control, govt, or essential services; emergency cyber action) - Terrorist Acts - Political Disruption/Instability - Cyber attacks that create immediate major humanitarian, environmental, or economic crises

Question 50

Who is the DNI?

Answer 50

Director of National Intelligence, head of the IC

Question 51

What does IC mean?

Answer 51

Intelligence Community

Question 52

What is a SCC?

Answer 52

Service Cryptologic Component, relating to Armed Forces crypto activities

Question 53

What are the five SCCs?

Answer 53

(Navy) - US Fleet Cyber Command (USFCC)/Commander Tenth Fleet (C10F) (USMC) - Marine Cryptologic Support Battalion (MCSB) Coast Guard Cryptologic Group (CGCG) US Army Intelligence and Security Command (INSCOM) Sixteenth Air Force (16 AF)

Question 54

What is a CC?

Answer 54

Cryptologic Center, they perform critical SIGINT and cybersecurity mission ops focused on analysis and production

Question 55

Where are the four CCs?

Answer 55

Colorado Georgia Hawaii Texas

Question 56

What is referred to when someone mentions the "five eyes"?

Answer 56

The NSA and its partners, Australia, Canada, New Zealand, and the United Kingdom

Question 57

What are the NSA's foreign second-party partners?

Answer 57

Australia Canada New Zealand United Kingdom

Question 58

What is a CCMD?

Answer 58

Combatant Command

Question 59

What is the UCP?

Answer 59

Unified Command Plan, establishes mission responsibility and geographic areas of responsibility to each CCMD