RESPONSIBILITIES
Who responsibility is it to report lost/stolen flash drive?
Lesson 4.1.1
User responsibilities
What confidentiality impact level can cause severe or catastrophic adverse effect on organizational operations, assets, individuals, organizations, or the national security interests of the U.S.
Lesson 4.1.2
High
What is the purpose of Patch Management Process?
Lesson 4.1.5
systematic notification, identification, deployment, installation, and verification of operating system and application software code revision
what NAVY preferred method is used for destruction both classified and unclassified hard drives?
Lesson 4.1.7
Shipping to the NSA
Which area is jeopardized by failure to comply with vulnerability reporting?
Lesson 4.1.3
ATO
T/F 48 hours is the timeframe which must be set to detect multiple attempts to use removable media within DLP? Lesson 4.1.1
True
Which activity must ISSMs track and report to leadership to ensure proper reports
Lesson 4.1.2
CTO Compliance
Defined this process, user authentication to the network using DOD PKI certificates on a hardware token
Lesson 5.1.2
CLO
NESSUS is a component of what scanning software?
Lesson 4.1.4
ACAS
eMASS consume outputs from external vendor scanning tools and maps results to information systems through what application?
Lesson 7.1.1
Asset manager
Which personnel are responsible for monitoring sites, or site groups to ensure the security posture of the networks are being maintained
Lesson 4.1.2
Staff Users
Locked out status occurs on a system when you are unable to verify what type of updates?
Lesson 4.1.11
Antivirus signatures
What broad scope of activities designed IS plan should be utilized to sustain and recover critical system services following an emergency event
Lesson 4.1.8
IS contingency planning
What tier includes buses, posts, camps, and stations managing and controlling information networks, ISs, and services, either deployed or fixed at DoD installations?
Lesson 6.1.1
Tier III
Describe Risk Management
Lesson 4.1.8
applies framework across all continuity efforts to identify and assess potential hazards, determine what levels of risk are acceptable, and prioritize and allocate resources among organizations
What is the periodicity required to maintain antivirus definitions?
Lesson 4.1.11
7 days
DOD PKI supports escrow and recovery of private keys associated with encryption certificates. This is consider what type of service?
Lesson 5.1.1
Key recovery
T/F Risk assessment addresses the likelihood and magnitude of harm resulting from the unauthorized access, use, disclosure, disruption, modification, or destruction of the IS
Lesson 4.1.5
True
What is purpose of Host-based application blocking
Lesson 4.1.10
system prevents applications from executing pieces of code and from crossing in to the memory space of another running program
T/F. MAC Address must be included in the Systems Security Plan diagrams.
Lesson 7.1.2
False
What application shows an attack that generated an alert including a description of the attack, the user/client computer where the attack occurred, the attack, and time/date of intercept?
Lesson 4.1.10
Intrusion detection alerts
What procedures ensures that the reporting, identification, investigation of violations of DTA are documented?
Lesson 4.1.9
Training and incident handling
Assist with the handling of incidents and provides fixes to mitigate the operational and/or technical impact of an incident is what designed action?
Lesson 6.1.1
Technical reporting
Inspects user actions regarding sensitive content in their work environment is what layer of defense?
Lesson 4.1.6
Data loss prevention
What is the PURPOSE of SOVT
Lesson 4.1.4
To ensure asset compliance, commands must make sure system baselines are maintained and that they comply with SPAWAR baseline instructions contained in the