Practices (L2) Flashcards

1
Q

AC.L2-3.1.3

A

Title: Control CUI Flow
Access Control (AC)
Level 2

Purpose: Control the flow of CUI IAW approved authorizations.

2
Q

AC.L2-3.1.4

A

Title: Separation of Duties
Access Control (AC)
Level 2

Purpose: Separate the duties of individuals to reduce the risk of malevolent activity without collusion.

3
Q

AC.L2-3.1.5

A

Title: Least Privilege
Access Control (AC)
Level 2

Purpose: Employ the principle of least privilege, including for specific security functions and privileged accounts.

4
Q

AC.L2-3.1.6

A

Title: Non-Privileged Account Use
Access Control (AC)
Level 2

Purpose: Use non-privileged accounts or roles when accessing non-security functions.

5
Q

AC.L2-3.1.7

A

Title: Privileged Functions
Access Control (AC)
Level 2

Purpose: Prevent non-privileged users from executing privileged functions and capture the execution of such functions in audit logs.

6
Q

AC.L2-3.1.8

A

Title: Unsuccessful Logon Attempts
Access Control (AC)
Level 2

Purpose: Limit unsuccessful logon attempts

7
Q

AC.L2-3.1.9

A

Title: Privacy & Security Notices
Access Control (AC)
Level 2

Purpose: Provide privacy and security notices consistent with applicable CUI rules.

8
Q

AC.L2-3.1.10

A

Title: Session Lock
Access Control (AC)
Level 2

Purpose: Use session lock with pattern-hiding displays to prevent access and viewing of data after a period of inactivity.

9
Q

AC.L2-3.1.11

A

Title: Session Termination
Access Control (AC)
Level 2

Purpose: Terminate (automatically) a user session after a defined condition

10
Q

AC.L2-3.1.12

A

Title: Control Remote Access
Access Control (AC)
Level 2

Purpose: Monitor and control remote access sessions

11
Q

AC.L2-3.1.13

A

Title: Session Termination
Access Control (AC)
Level 2

Purpose: Employ cryptographic mechanisms to protect the confidentiality of remote access sessions.

12
Q

AC.L2-3.1.14

A

Title: Remote Access Routing
Access Control (AC)
Level 2

Purpose: Route remote access via managed access control points.

13
Q

AC.L2-3.1.15

A

Title: Privileged Remote Access
Access Control (AC)
Level 2

Purpose: Authorize remote execution of privileged commands and remote access to security-relevant information.

14
Q

AC.L2-3.1.16

A

Title: Wireless Access Authorization
Access Control (AC)
Level 2

Purpose: Authorize wireless access prior to allowing such connections

15
Q

AC.L2-3.1.17

A

Title: Wireless Access Protection
Access Control (AC)
Level 2

Purpose: Protect wireless access using authentication and encryption

16
Q

AC.L2-3.1.18

A

Title: Mobile Device Connection
Access Control (AC)
Level 2

Purpose: Control connection of mobile devices

17
Q

AC.L2-3.1.19

A

Title: Encrypt CUI on Mobile
Access Control (AC)
Level 2

Purpose: Encrypt CUI on mobile devices and mobile computing platforms

18
Q

AC.L2-3.1.21

A

Title: Portable Storage Use
Access Control (AC)
Level 2

Purpose: Limit use of portable storage devices on external systems

19
Q

AU.L2-3.3.1

A

Title: System Auditing
Audit and Accountability (AU)
Level 2

Purpose: Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity.

20
Q

AU.L2-3.3.2

A

Title: User Accountability
Audit and Accountability (AU)
Level 2

Purpose: Ensure the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions.

21
Q

AU.L2-3.3.3

A

Title: Event Review
Audit and Accountability (AU)
Level 2

Purpose: Review and update logged events.

22
Q

AU.L2-3.3.4

A

Title: Audit Failure Alerting
Audit and Accountability (AU)
Level 2

Purpose: Alert in the event of an audit logging process failure.

23
Q

AU.L2-3.3.5

A

Title: Audit Correlation
Audit and Accountability (AU)
Level 2

Purpose: Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity.

24
Q

AU.L2-3.3.6

A

Title: Reduction & Reporting
Audit and Accountability (AU)
Level 2

Purpose: Provide audit record reduction and report generation to support on-demand analysis and reporting.

25
Q

AU.L2-3.3.7

A

Title: Authoritative Time Source
Audit and Accountability (AU)
Level 2

Purpose: Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records.

26
Q

AU.L2-3.3.8

A

Title: Audit Protection
Audit and Accountability (AU)
Level 2

Purpose: Protect audit information and audit logging tools from unauthorized access, modification, and deletion

27
Q

AU.L2-3.3.9

A

Title: Audit Management
Audit and Accountability (AU)
Level 2

Purpose: Limit management of audit logging functionality to a subset of privileged users

28
Q

AT.L2-3.2.1

A

Title: Role-Based Risk Awareness
Awareness and Training (AT)
Level 2

Purpose: Ensure that managers, systems administrators, and users of organizational systems are made aware of the security risks associated with their activities and of the applicable policies, standards, and procedures related to the security of those systems.

29
Q

AT.L2-3.2.2

A

Title: Role-Based Training
Awareness and Training (AT)
Level 2

Purpose: Ensure that personnel are trained to carry out their assigned information security-related duties and responsibilities.

30
Q

AT.L2-3.2.3

A

Title: Insider Threat Awareness
Awareness and Training (AT)
Level 2

Purpose: Provide security awareness training on recognizing and reporting potential indicators of insider threats.

31
Q

CM.L2-3.4.1

A

Title: System Baselining
Configuration Management (CM)
Level 2

Purpose: Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles.

32
Q

CM.L2-3.4.2

A

Title: Security Configuration Enforcement
Configuration Management (CM)
Level 2

Purpose: Establish and enforce security configuration settings for information technology products employed in organizational systems.

33
Q

CM.L2-3.4.3

A

Title: System Change Management
Configuration Management (CM)
Level 2

Purpose: Track, review, approve or disapprove, and log changes to organizational systems.

34
Q

CM.L2-3.4.4

A

Title: Security Impact Analysis
Configuration Management (CM)
Level 2

Purpose: Analyze the security impact of changes prior to implementation.

35
Q

CM.L2-3.4.5

A

Title: Access Restrictions for Change
Configuration Management (CM)
Level 2

Purpose: Define, document, approve, and enforce physical and logical access restrictions associated with changes to organizational systems.

36
Q

CM.L2-3.4.6

A

Title: Least Functionality
Configuration Management (CM)
Level 2

Purpose: Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities

37
Q

CM.L2-3.4.7

A

Title: Nonessential Functionality
Configuration Management (CM)
Level 2

Purpose: Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services

38
Q

CM.L2-3.4.8

A

Title: Application Execution Policy
Configuration Management (CM)
Level 2

Purpose: Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized software or deny-all, permit-by-exception (whitelisting) policy to allow the execution of authorized software.

39
Q

CM.L2-3.4.9

A

Title: User-Installed Software
Configuration Management (CM)
Level 2

Purpose: Control and monitor user-installed software

40
Q

IA.L2-3.5.3

A

Title: Multifactor Authentication
Identification and Authentication (IA)
Level 2

Purpose: Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts.

41
Q

IA.L2-3.5.4

A

Title: Replay-Resistant Authentication
Identification and Authentication (IA)
Level 2

Purpose: Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts.

42
Q

IA.L2-3.5.5

A

Title: Identifier Reuse
Identification and Authentication (IA)
Level 2

Purpose: Prevent reuse of identifiers for a defined period.

43
Q

IA.L2-3.5.6

A

Title: Identifier Handling
Identification and Authentication (IA)
Level 2

Purpose: Disable identifiers after a defined period of inactivity.

44
Q

IA.L2-3.5.7

A

Title: Password complexity
Identification and Authentication (IA)
Level 2

Purpose: Enforce a minimum password complexity and change of characters when new passwords are created.

45
Q

IA.L2-3.5.8

A

Title: Password Reuse
Identification and Authentication (IA)
Level 2

Purpose: Prohibit password reuse for a specified number of generations.

46
Q

IA.L2-3.5.9

A

Title: Temporary Passwords
Identification and Authentication (IA)
Level 2

Purpose: Allow temporary password use for system logons with an immediate change to a permanent password.

47
Q

IA.L2-3.5.10

A

Title: Cryptographically-Protected Passwords
Identification and Authentication (IA)
Level 2

Purpose: Store and transmit only cryptographically-protected passwords.

48
Q

IA.L2-3.5.11

A

Title: Obscure feedback
Identification and Authentication (IA)
Level 2

Purpose: Obscure feedback of authentication information.

49
Q

IR.L2-3.6.1

A

Title: Incident Handling
Incident Response (IR)
Level 2

Purpose: Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities.

50
Q

IR.L2-3.6.2

A

Title: Incident Reporting
Incident Response (IR)
Level 2

Purpose: Track, document, and report incidents to designated officials and/or authorities both internal and external to the organization.

51
Q

IR.L2-3.6.3

A

Title: Incident Response Testing
Incident Response (IR)
Level 2

Purpose: Test the organizational incident response capability.

52
Q

MA.L2-3.7.1

A

Title: Perform Maintenance
Maintenance (MA)
Level 2

Purpose: Perform maintenance on organizational systems.

53
Q

MA.L2-3.7.2

A

Title: System Maintenance Control
Maintenance (MA)
Level 2

Purpose: Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance.

54
Q

MA.L2-3.7.3

A

Title: Equipment Sanitization
Maintenance (MA)
Level 2

Purpose: Ensure equipment removed for off-site maintenance is sanitized of any CUI.

55
Q

MA.L2-3.7.4

A

Title: Media Inspection
Maintenance (MA)
Level 2

Purpose: Check media containing diagnostic and test programs for malicious code before the media are used in organizational systems.

56
Q

MA.L2-3.7.5

A

Title: Nonlocal Maintenance
Maintenance (MA)
Level 2

Purpose: Require multifactor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete

57
Q

MA.L2-3.7.6

A

Title: Maintenance Personnel
Maintenance (MA)
Level 2

Purpose: Supervise the maintenance activities of maintenance personnel without required access authorization

58
Q

MP.L2-3.8.2

A

Title: Media Protection
Media Protection (MP)
Level 2

Purpose: Protect (i.e., physically control and securely store) system media containing CUI, both paper and digital.

59
Q

MP.L2-3.8.3

A

Title: Media Access
Media Protection (MP)
Level 2

Purpose: Limit access to CUI on system media to authorized users

60
Q

MP.L2-3.8.4

A

Title: Media Markings
Media Protection (MP)
Level 2

Purpose: Mark media with necessary CUI markings and distribution limitations.

61
Q

MP.L2-3.8.5

A

Title: Media Accountability
Media Protection (MP)
Level 2

Purpose: Control access to media containing CUI and maintain accountability for media during transport outside of controlled areas

62
Q

MP.L2-3.8.6

A

Title: Portable Storage Encryption
Media Protection (MP)
Level 2

Purpose: Implement cryptographic mechanisms to protect the confidentiality of CUI stored on digital media during transport unless otherwise protected by alternative physical safeguards

63
Q

MP.L2-3.8.7

A

Title: Removable Media
Media Protection (MP)
Level 2

Purpose: Control the use of removable media on system components.

64
Q

MP.L2-3.8.8

A

Title: Shared Media
Media Protection (MP)
Level 2

Purpose: Prohibit the use of portable storage devices when such devices have no identifiable owner

65
Q

MP.L2-3.8.9

A

Title: Protect Backups
Media Protection (MP)
Level 2

Purpose: Protect the confidentiality of backup CUI at storage locations.

66
Q

PS.L2-3.9.1

A

Title: Screen Individuals
Personnel Security (PS)
Level 2

Purpose: Screen individuals prior to authorizing access to organizational systems containing CUI

67
Q

PS.L2-3.9.2

A

Title: Personnel Actions
Personnel Security (PS)
Level 2

Purpose: Ensure that organizational systems containing CUI are protected during and after personnel actions such as terminations and transfers

68
Q

PE.L2-3.10.2

A

Title: Monitor Facility
Physical Protection (PE)
Level 2

Purpose: Protect and monitor the physical facility and support infrastructure for organizational systems

69
Q

PE.L2-3.10.6

A

Title: Alternative Work Sites
Physical Protection (PE)
Level 2

Purpose: Enforce safeguarding measures for CUI at alternate work sites

70
Q

RA.L2-3.11.1

A

Title: Risk Assessments
Risk Assessment (RA)
Level 2

Purpose: Periodically assess the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals, resulting from the operation of organizational systems and the associated processing, storage, or transmission of CUI.

71
Q

RA.L2-3.11.2

A

Title: Vulnerability Scan
Risk Assessment (RA)
Level 2

Purpose: Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified.

72
Q

RA.L2-3.11.3

A

Title: Vulnerability Remediation
Risk Assessment (RA)
Level 2

Purpose: Remediate vulnerabilities in accordance with risk assessments

73
Q

CA.L2-3.12.1

A

Title: Security Control Assessment
Security Assessment (CA)
Level 2

Purpose: Periodically assess the security controls in organizational systems to determine if the controls are effective in their application

74
Q

CA.L2-3.12.2

A

Title: Plan of Action
Security Assessment (CA)
Level 2

Purpose: Develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems

75
Q

CA.L2-3.12.3

A

Title: Security Control Monitoring
Security Assessment (CA)
Level 2

Purpose: Monitor security controls on an ongoing basis to ensure the continued effectiveness of the controls

76
Q

CA.L2-3.12.4

A

Title: System Security Plan
Security Assessment (CA)
Level 2

Purpose: Develop, document, and periodically update system security plans that describe system boundaries, system environments of operation, how security requirements are implemented, and the relationships with or connections to other systems

77
Q

SC.L2-3.13.2

A

Title: Security Engineering
Systems and Communications Protection (SC)
Level 2

Purpose: Employ architectural designs, software development techniques, and systems engineering principles that promote effective information security within organizational systems

78
Q

SC.L2-3.13.3

A

Title: Role Separation
Systems and Communications Protection (SC)
Level 2

Purpose: Separate user functionality from system management functionality

79
Q

SC.L2-3.13.4

A

Title: Shared Resource Control
Systems and Communications Protection (SC)
Level 2

Purpose: Prevent unauthorized and unintended information transfer via shared system resources

80
Q

SC.L2-3.13.6

A

Title: Network Communication by Exception
Systems and Communications Protection (SC)
Level 2

Purpose: Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception)

81
Q

SC.L2-3.13.7

A

Title: Split Tunneling
Systems and Communications Protection (SC)
Level 2

Purpose: Prevent remote devices from simultaneously establishing non-remote connections with organizational systems and communicating via some other connection to resources in external networks (i.e., split tunneling)

82
Q

SC.L2-3.13.8

A

Title: Data in Transit
Systems and Communications Protection (SC)
Level 2

Purpose: Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards.

83
Q

SC.L2-3.13.9

A

Title: Connections Termination
Systems and Communications Protection (SC)
Level 2

Purpose: Terminate network connections associated with communications sessions at the end of the sessions or after a defined period of inactivity

84
Q

SC.L2-3.13.10

A

Title: Key Management
Systems and Communications Protection (SC)
Level 2

Purpose: Establish and manage cryptographic keys for cryptography employed in organizational systems

85
Q

SC.L2-3.13.11

A

Title: CUI Encryption
Systems and Communications Protection (SC)
Level 2

Purpose: Employ FIPS-validated cryptography when used to protect the confidentiality of CUI

86
Q

SC.L2-3.13.12

A

Title: Collaborative Device Control
Systems and Communications Protection (SC)
Level 2

Purpose: Prohibit remote activation of collaborative computing devices and provide indication of devices in use to users present at the device

87
Q

SC.L2-3.13.13

A

Title: Mobile Code
Systems and Communications Protection (SC)
Level 2

Purpose: Control and monitor the use of mobile code

88
Q

SC.L2-3.13.14

A

Title: Voice over Internet Protocol
Systems and Communications Protection (SC)
Level 2

Purpose: Control and monitor the use of Voice over Internet Protocol (VoIP) technologies

89
Q

SC.L2-3.13.15

A

Title: Communications Authenticity
Systems and Communications Protection (SC)
Level 2

Purpose: Protect the authenticity of communications sessions

90
Q

SC.L2-3.13.16

A

Title: Data at Rest
Systems and Communications Protection (SC)
Level 2

Purpose: Protect the confidentiality of CUI at rest

91
Q

SI.L2-3.14.3

A

Title: Security Alerts & Advisories
System and Information Integrity (SI)
Level 2

Purpose: Monitor system security alerts and advisories and take action in response

92
Q

SI.L2-3.14.6

A

Title: Monitor Communications for Attacks
System and Information Integrity (SI)
Level 2

Purpose: Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks

93
Q

SI.L2-3.14.7

A

Title: Identify Unauthorized Use
System and Information Integrity (SI)
Level 2

Purpose: Identify unauthorized use of organizational systems
