Compliance
Who responsibility is it to report lost/stolen flash drive?
Lesson 4.1.1
User responsibilities
Failure to comply with vulnerability reporting can affect which area?
Lesson 4.1.3
ATO
What is the Navy's preferred method of destruction for unclass/classified hard drives?
Lesson 4.1.7
shipping to NSA
What application displays the details about the attack that generated an alert including a description of the attack?
Lesson 4.1.10
Intrusion detection alerts
What tier includes buses, posts, camps, and stations managing and controlling information networks, ISs, and services, either deployed or fixed at DoD installations?
Lesson 6.1.1
III
What time frame should you set as ISSM to detect multiple attempts to use removable media within DLP?
Lesson 4.1.1
48 HRS
What scanning software is a component of ACAS?
Lesson 4.1.4
NESSUS
This process applies across all continuity efforts to identify and assess potential hazards, determine what levels of risk are acceptable, prioritize and allocate resources among organizations?
Lesson 4.1.8
Risk Management
What is the periodicity antivirus definitions are required to be maintained?
Lesson 4.1.11
7 days
eMASS consumes outputs from external vendor scanning tools and maps results to information systems through what application?
Lesson 7.1.1
Asset manager
Which personnel are responsible for monitoring sites, or site groups to ensure the security posture of the networks are being maintained
Lesson 4.1.2
Staff Users
Which process addresses the likelihood and magnitude of harm, or destruction of the IS and the information it processes, stores, or transmits?
Lesson 4.1.5
Risk assessment
What broad scope of activities designed IS plan should be utilized to sustain and recover critical system services following an emergency event
Lesson 4.1.8
IS contingency planning
What status should a system be in if antivirus signatures cannot be verified?
Lesson 4.1.11
Locked out
What type of reporting designed to assist with the handling of incidents and provides fixes to mitigate the operational and/or technical impact of an incident
Lesson 6.1.1
Technical Reporting
What confidentiality impact level can cause severe or catastrophic adverse effect on organizational operations, assets, individuals, organizations, or the national security interests of the U.S.
Lesson 4.1.2
High
What is the process of systematic notification, identification, deployment, installation, and verification of operating system and application software code revision?
Lesson 4.1.5
Patch Management
This procedures ensures that the identification, reporting, and investigation of violations of DTA are documented?
Lesson 4.1.10
Training and incident handling
DOD PKI provide what type of service that supports escrow and recovery of private keys associated with encryption certificates?
Lesson 5.1.1
Key recovery
A Systems Security Plan diagram includes which of the following except:
Internal/external interfaces, ports/protocols, services, and MAC address
Lesson 7.1.2
MAC Address
Which activity must ISSMs track and report to leadership to ensure proper reports
Lesson 4.1.2
CTO Compliance
What is the layer of defense that inspects user actions regarding sensitive content in their work environment?
Lesson 4.1.6
Data Loss Prevention
What system prevents applications from executing pieces of code and from crossing in to the memory space of another running program?
Lesson 4.1.10
Host-based application blocking
Which process is defined as a user authentication to the network using DOD PKI certificates on a hardware token?
Lesson 5.1.2
CLO
Who job is it to continuously monitors the system or information environment for security-relevant events?
Lesson 7.1.3
ISSM