Review Notes (Miscellaneous) Flashcards
review notes taken during review session
What is the difference between “drop” and “deny”?
“drop” makes it disappear, “deny” means it is blocked
If you wanted to see the layer 3 int, AP access-lists, what cmd would you run?
“show ip interface”
Sniffer = tcpdump but no logging. True or False?
True
determines what level of permissions will be given
RID
dynamically assigns IP addresses to host machines
DHCP
converts host name into an IP address
A Record (Host)
points IP address to a name
PTR Record (pointer)
tracks TCP (FW design)
Stateful Inspection
no client side changes (proxy)
intercept/transparent
not automatic; requires input (proxy)
explicit
repository of everything (Directory Services)
Active Directory
user names, machine accounts and services are examples of what? (Directory Services)
object types
alias, nicknames (Directory Services)
Canonical Name Record (CNAME)
re-directs DNS responses, prevents response to malware, virus, etc. (Directory Services)
Blackhole Domain
list of offending servers and publish addresses of computers/networks in spam
Blackhole list
stores information on alerts, loss, list, what's in network (HBSS)
Database
protects against Trojans, viruses (HBSS)
VSE
blocks/allows programs
Host Intrusion Prevention System
controls/communicates changes occurring in IT environment
change management
removing a proxy from BASE and FW from computers would be an example of what service management?
change management
“what I did”, tracking exact state of overall IT environment (service management)
config management
data centers (day-to-day system management, deliver data)
Area Processing Center
24 AF, output on AFIN changes, tracked by INOSCs
NOTAM
16 GWs, unit that operates AFIN
26th NOS
added layer of security, can segregate things that can be vulnerable?
DMZ
guidelines that can help organizations implement best practices
ITIL
interface, logical partition
Burb
group up to 16 mailbox servers that host a set of instructions
DAG
changes are documented and authorized (service management)
change management
implement the authorized changes (service management)
release management
updating after approved; document current state (service management)
config management
controls network core services
Enterprise Service Unit (ESU)
delivers core services
Area Processing Center (APC) - Data Center
What division at 624 OC generates the orders?
624 OC
Who is responsible for Step 6 Assessment?
Begins with Battle Damage Assessment (BDA) by Combat Operations Division (MOPs), completed by SRD (MOEs)
two types of entities in JIE enterprise directory and IDAM?
person, non-person
in active directory, what can be described as a blueprint that describes each object?
schema
what remotely scans, accesses systems, characterizes emerging targets?
Cyberspace Surveillance Package (CSP)
What should be used when external (untrusted/less trusted) sources need to access one of your sensors?
DMZ
CTO is updated daily. True or False?
True
What is the situational awareness hub for Communications/Cyber functions on most bases?
Communication Focal Point
Types of DCC - P missions?
Combat Cyber Patrol, Pursuit, Mission, Engagement
Who manages the BlueCoat proxy?
INOSCs
every base, handles day-to-day problems as they arise
Communications Focal Point (CFP)
folks that provide onsite maintenance on base as issues arise
Client Systems Team
which forces are reactive in nature?
Cyber Alert Patrol
administrative action when someone takes a system down for MX
switchover
when a device fails, service picked up by another device
failover
mail flow to server (protocol)
SMTP
mirrors mailbox on location machine (protocol)
IMAP
allows users to send ON BEHALF of user log (permissions)
Send As
allows user to do anything to a mailbox except send an email (permission)
Full Access
resolves tier 2 incidents/tickets
INOSC