Self-Test Vol. 1 Unit 6 Flashcards
What three major considerations affect supporting cyber operations?
Policy, Authority, and the Law.
What three priorities drive the National Strategy to Secure Cyberspace?
Prevent cyber-attacks against American’s critical infrastructure, reduce national vulnerability to cyber attacks, minimize damage and recovery time from cyber attacks.
Can an Air National Guardsman execute a cyber-operation?
ANG can train for Title 10 but can not execute unless assigned to Title 10.
What is the primary Air Force command for cyberspace missions?
AFSPC
How does OCO intend to project power?
Application of force in and through cyberspace.
In DCO, what are reactive defenses?
Measures taken to counter an adversary’s effort to penetrate a network or actions taken to terminate an ongoing intrusion.
Most exploitations activities evolve from what?
Phishing
On delegation authority, whose cyber tasking orders does the 624 OC relay to all Air Force units?
24 AF/AFCYBER commander
What are the four agencies the I-NOSC relays cyber orders to?
MCCC, AFFOR, ACCC, and installation comm units.
Does the ATO reflect the integrated air, space, and cyberspace operations plan that support a joint force commander’s campaign?
Yes
What is the stimulant that generates increased information superiority?
Network-centric warfare
What is key to mitigating unintended or undesirable effects and maximizing cyberspace superiority?
Careful planning
How can CO affect an adversary’s informational and physical IO dimensions?
Targeting, either independently or in conjunction with IO, adversary’s culture, organization, or individual psychology.
What are the three capabilities of EW?
EA, EP, and ES
What was the original term used to describe MISO?
PSYOPS
What distinct capability does PA bring to the mission?
Counterpropaganda
Can MILDEC intentionally target or mislead the new media, the U.S. public, or Congress?
No
What process does OPSEC incorporate to deny adversaries critical information about friendly forces?
SM
What is the function of military personnel conducting CMO?
Aiding reestablishment or maintenance of stability within a region or host nation.
Can ISR capabilites be used to conduct complex effects assessment to support a combatant or component commander?
Yes
What weapon system provides continuous monitoring and defense of AF unclassified and classified networks?
ACO
What AF weapon system offers top-level boundary and entry point into the Air Force Information Network (AFIN)?
AFINC weapon system
What are the four sub-discipline areas of the AFINC?
Defense-in-depth, proactive defense, network standardization, and situational awareness
What is the mission of the CVA/Hunter?
F2T2EA the APT
How would you define SCADA?
The centralized network control system, which monitor and control industrial sites or complexes of systems spread out over lard areas.
How are SCADA systems typically implemented?
A distributed database referred to as a tag database, which contains data elements called tags or points.
Who must evaluate and certify all IT systems, including NSS, with external interfaces?
DISA JICT
What TADIL is link 11?
TADIL-A
What TADIL is link 4A?
TADIL-C
What TADIL is link 16?
TADIL-J
What is a weakness in a computer system or network open to exploitation called?
Vulnerability
What security professional goal is a result of understanding that all risk cannot be removed?
To eliminate or mitigate as many risks as possible.
What passive nature attack is the first step in a replay attack?
MitM attack
Due to cost and imperfections, what method should not be used as the sole form of authentication?
Biometrics
Although inexpensive in implementation, what systems have the major vulnerability of being prone to brute force attack?
Knowledge-based
What actions are included in the scope of end-to-end monitoring?
Monitoring, measuring, performance analysis, and optimizing networks, and networked systems.
What is capacity planning?
The long trend analysis of network devices including servers, and should be performed in order to identify future constraints with the results of incorporated into future technical baselines.
What is certification?
The comprehensive evaluation and validation of an AF IS to establish the degree to which it complies with assigned IA controls based on standardized procedures.
What is accreditation?
The formal declaration by an authorizing official that the IS is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk.
When does the validation of computer requirements process begin?
When the user identifies a mission need and requests CSO assistance with defining the requirement and developing a technical solution for that need.
When do requirements arise?
From a deficiency in an existing operation capability, a need for a new capability or an opportunity to replace or modernize an existing system with improved technology when operationally and economically practical.
What are the five phases in the DIACAP process?
Initiate and plan IA C&A, implement and validate assigned IA controls, make a certification determination and accredidation decision, maintain authority to operate and conduct reviews, decommissioning.
What is a connection approval?
The formal approval for an IS to connect to the AFIN and the acceptance of risk associated with IS connection by the AF Enterprised AO or delagated individual.
What is an ATO?
An approval granted by the lead AO or appointed AO to operate the system at an acceptable level of risk.
What is the temporary authorization to test a DOD IS in a specified operational information environment within the timeframe and under the conditions or constraints enumerated in the accreditation decision?
IATT
What is a specific fact about friendly intentions, capabilities, and activities vitally needed by adversaries for them to plan and act effectively, so as to guarantee failure or unacceptable consequences for friendly mission accomplishment?
Critical info
