The process of verifying an identity that is bound to the person that asserts it.
What is Identification and Authentication (I&A)?
100
Relies on the intelligent application of techniques and technologies that exist in today's highly networked environments.
What is defense-in-depth?
100
Something that is built, installed, or established to serve a particular purpose.
What is a facility?
100
A current and perceived capability, intention, or attack directed to cause denial of service, corruption, compromise, fraud, waste, or abuse to a system.
What is a threat?
100
Any action, device, procedure, or technique that meets or opposes a threat, vulnerability, or attack by eliminating or preventing it.
What is a countermeasure?
200
Relies on a unique physical characteristic to verify the identity of a user.
What is biometric-based authentication?
200
The achievement of this requires a balanced focus on three primary elements: people, technology, and operations.
What is Information Assurance (IA)?
200
Who maintains a monthly updated list of all personnel and their most current security clearance?
Who is the security manager?
200
A function of the human mind in complex, dynamic, and/or high-risk settings.
What is situational awareness?
200
This is manipulating people through social means for the purpose of information gathering, fraud, or system access.
What is social engineering?
300
An action that removes information from media rendering the information unrecoverable by technical means, such as what would be found in a laboratory environment.
What is sanitizing?
300
A firewall technique used to control network access by monitoring outgoing and incoming packets and allowing them to pass or halt based on the source and destination IP addresses, protocols, and ports.
What is packet filtering?
300
The preferred method for cleaning computer equipment.
Hint: This object should use no more than 30 PSI.
What is canned or compressed air?
300
This AF Form explains procedures that we need to follow in case someone calls in a bomb threat and is located next to every government telephone.
What is AF Form 440, Bomb Threat Checklist?
300
Your system IA architecture was establishing during this process.
What is Certification and Accreditation?
400
A systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation.
What is Certification and Accreditation (C&A)?
400
Enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic.
What is Network Address Translation (NAT)?
400
You should take immediate action and clean up _____.
What are spills?
400
This is a program that replicates by attaching itself to other programs.
What is a virus?
400
Proper configuration and use of these will prevent unauthorized access to systems and networks.
What are firewalls?
500
A disciplined and structured process that integrates information security and risk management activities into the system development life cycle.
What is the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF)?
500
Ensures only authorized users can gain access to workstations, applications, and networks.
What is access control?
500
This can eliminate some workplace hazards and help get a job done safely and properly.
What is effective housekeeping?
500
This piece of malicious logic is designed to copy itself from one computer to another, but does so automatically by taking control of features on the computer that can transport files or information.
What is a worm?
500
These assist in maintaining a good security posture, can verify packet signatures, and can provide a clean copy of any corrupted data.