The process of verifying an identity that is bound to the person that asserts it.
What is Identification and Authentication (I&A)?
100
Is an information assurance(IA) strategy in which multiple layers of defense are placed throughout an Information system.
What is defense-in-depth?
100
Something that is built, installed, or established to serve a particular purpose.
What is a facility?
100
A current and perceived capability, intention, or attack directed to cause denial of service, corruption, compromise, fraud, waste, or abuse to a system.
What is a threat?
100
Any action, device, procedure, or technique that meets or opposes a threat, vulnerability, or attack by eliminating or preventing it.
What is a countermeasure?
200
This relies on a unique physical characteristic to verify the identity of a user.
What is biometric-based authentication?
200
The achievement of this requires a balanced focus on three primary elements: people, technology, and operations.
What is Information Assurance (IA)?
200
Who maintains a monthly updated list of all personnel and their most current security clearance?
Who is the security manager?
200
A function of the human mind in complex, dynamic, and/or high-risk settings.
What is situational awareness?
200
This is manipulating people through social means for the purpose of information gathering, fraud, or system access.
What is social engineering?
300
An action that removes information from media rendering the information unrecoverable by technical means, such as what would be found in a laboratory environment.
What is sanitizing?
300
This is a server that acts as an intermediary for requests from clients seeking resources from other servers.
What is a proxy server?
300
The preferred method for cleaning computer equipment.
Hint: This object should use no more than 30 PSI.
What is canned or compressed air?
300
This AF Form explains procedures that we need to follow in case someone calls in a bomb threat and is located next to every government telephone.
What is AF Form 440, Bomb Threat Checklist?
300
Your system IA architecture was established during this process.
What is Certification and Accreditation?
400
A systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation.
What is Certification and Accreditation (C&A)?
400
Enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic.
What is Network Address Translation (NAT)?
400
You should take immediate action and clean up _____.
What are spills?
400
This is a program that replicates by attaching itself to other programs.
What is a virus?
400
These individuals are in a prime position to use technology to prevent, detect and countermeasure threats.
Who are system administrations?
500
A disciplined and structured process that integrates information security and risk management activities into the system development life cycle.
What is the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF)?
500
Ensures only authorized users can gain access to workstations, applications, and networks.
What is access control?
500
This can eliminate some workplace hazards and help get a job done safely and properly.
What is effective housekeeping?
500
This piece of malicious logic is designed to copy itself from one computer to another, but does so automatically by taking control of features on the computer that can transport files or information.
What is a worm?
500
Maintaining this posture is essesntial for keeping threats at bay.