Incident Response Plan (NCTS)
Intrusion or event?
Root Level Intrusion
What is Phishing?
Malicious actor sends emails that seem to be coming from trusted, legitimate sources in an attempt to grab sensitive information from the target.
Who do you report a potential incident to first?
N2/Cyber
When leaving your computer you should remove your?
CAC
Where was IT1 Morales Born?
Los Angeles California
Intrusion or event?
Explained Anomaly IE: suspicious events
event
What is a MITM attack?
Breaches in cybersecurity that make it possible for an attacker to eavesdrop on the data sent back and forth between two people.
What are 3 things you should include in a general report to N2/Cyber?
Time of event
Classification of network
Originator of event
Method IE email, portable media, etc.
Users affected
What is a suite of tools used to help prevent cyber attacks/incidents?
McAfee Total Protection
How old is IT1 Morales?
35
What is used by a unit commander to provide appropriate notification of an incident that has impacted mission or operations?
OPREP-3
What is DNS Spoofing?
A hacker alters DNS records to send traffic to a fake or “spoofed” website. Once on the fraudulent site, the victim may enter sensitive information that can be used or sold by the hacker
Who wears a blue vest and likes to steal your CAC?
Cyber Jeff
What tool can be used to secure and privatize your connection/network
VPN
True or False: I once drove and around base and picked up the bass player of Sublime and took him to the lodge because he was lost.
True
What are the 4 internal roles IAW with local IRP?
Management
ISSM
IT Support
Physical Security
Definition - The attacker takes the time to research their intended targets and then write messages the target is likely to find personally relevant. These types of attacks are aptly called . . .
Spear-fishing
What instruction governs Computer Network Incident Response and Reporting Requirements?
SECNAVINST 5239.19A
What is used to detect external media that is plugged into a workstation?
DLP endpoint console
How many countries have I been to? It's between 15-32.
25
what are the 6 steps of CYBER INCIDENT HANDLING PROCESS AND LIFE CYCLE?
1) Detection of events.
2) Preliminary analysis and identification of incidents.
3) Preliminary response actions.
4) Incident analysis.
5) Response and recovery.
6) Post‐incident analysis.
Definition - The attacker simply tries to guess the login credentials of someone with access to the target system. Once they get it right, they are in. They often use bots to crack the credentials. This is known as . . .
Brute force attacks
What form is used for reporting electronic spillages?
SECNAV 5500/1 aka Electronic Spillage Action Form (ESAF)
This type of person exposes security risks for the sake of helping others improve their cybersecurity...
white hacker
True or False