USB Violations / VM Policy
This person is responsible to report lost/stolen flash drives.
Lesson 4.1.1
Who are Users
This is the purpose of Host-based application blocking
Lesson 4.1.10
What is to prevent applications from executing pieces of code and from crossing in to the memory space of another running program
This is the purpose of the Patch Management Process
Lesson 4.1.5
What is the systematic notification, identification, deployment, installation, and verification of operating system and application software code revision
what NAVY preferred method is used for destruction both classified and unclassified hard drives?
Lesson 4.1.7
Shipping to the NSA
Which area is jeopardized by failure to comply with vulnerability reporting?
Lesson 4.1.3
ATO
Timeframe set to detect multiple attempts to use removable media within DLP
Lesson 4.1.1
What is 48 hours
This application shows an attack that generated an alert including a description of the attack and time/date of intercept?
Lesson 4.1.10
What is Intrusion Detection Alerts
This framework applies across all continuity efforts to identify and assess potential hazards and prioritize and allocate resources among organizations
Lesson 4.1.8
What is Risk Management
This broad scope of activities designed IS plan should be utilized to sustain and recover critical system services following an emergency event
Lesson 4.1.8
What is IS Contingency Planning
eMASS consume outputs from external vendor scanning tools and maps results to information systems through what application?
Lesson 7.1.1
Asset manager
Personnel responsible for monitoring sites to ensure the security posture of the networks are being maintained
Lesson 4.1.2
Who are Staff Users
Locked out status occurs on a system when you are unable to verify what type of updates
Lesson 4.1.11
What is Antivirus signatures
NESSUS is a component of this scanning software
Lesson 4.1.4
What is ACAS
What tier includes buses, posts, camps, and stations managing and controlling information networks, ISs, and services, either deployed or fixed at DoD installations?
Lesson 6.1.1
Tier III
This is the periodicity required to maintain antivirus definitions
Lesson 4.1.11
What is 7 days
Confidentiality impact level that can cause severe or catastrophic adverse effect on organizational operations or the national security interests of the U.S.
Lesson 4.1.2
What is High
This DOD PKI service supports escrow and recovery of private keys associated with encryption certificates
Lesson 5.1.1
What is Key recovery
This addresses the likelihood and magnitude of harm resulting from the unauthorized access or destruction of the IS
Lesson 4.1.5
What is Risk Assessment
This assists with the handling of incidents and provides fixes to mitigate the operational and/or technical impact of an incident
Lesson 6.1.1
What is Technical reporting
T/F. MAC Address must be included in the Systems Security Plan diagrams.
Lesson 7.1.2
False
Activity used by ISSMs to track and report compliance to leadership
Lesson 4.1.2
What is CTO Compliance
This ensures that the reporting, identification, investigation of violations of DTA are documented
Lesson 4.1.9
What is training and incident handling
Commands must make sure system baselines are maintained and that they comply with SPAWAR baseline instructions contained in this document
Lesson 4.1.4
What is a SOVT
Inspects user actions regarding sensitive content in their work environment is what layer of defense?
Lesson 4.1.6
Data loss prevention
This process is defined as user authentication to the network using DOD PKI certificates on a hardware token
Lesson 5.1.2
What is CLO