Cyber Operations - Block III (Network Management) 4 May 2016

System Management

Disaster Recovery/Incident Response

Applications

Network/System Auditing

Grab Bag

100

2 forms of Fault Management

What are active and passive pg 1-1

100

Only selected files and folders that have changed since the last full backup are backed up; the backup does not clear the archive bit

What is Differential Backup pg 2-5

100

This LAN management solution (LMS) simplifies the administration, configuration, monitoring, and troubleshooting of Cisco-based networks

What is CiscoWorks pg 3-9

100

This Windows tool provides a way in which to monitor events in your system

What is Event Viewer pg 4-1

100

This Network Management area is defined as.... "Measure network utilization parameters so individual or group usage on the network can be regulated appropriately"

What is the Goal of Accounting Mgmt pg 1-8

200

This Network Management area is defined as .... "Detect, log, notify users of, and (to the extent possible) automatically fix network problems to keep the network running effectively"

What is the Goal of Fault Mgmt pg 1-1

200

Backs up all the files that have changed since the last full or incremental backup and sets the archive bit to 0

What is Incremental Backup pg-2-5

200

This is the enterprise presence, chat, and web conferencing service for the Department of Defense

What is Defense Connect Online (DCO) Pg 3-10

200

When you click the "Resource Monitor" button on the bottom of the performance tab in Windows Task manager, the "Resource Monitor" window displays a collection of resources being monitored Name the Resources....

What is CPU, Disk, Network, and Memory pg - 4-4

200

Remote access can be divided into three types of access based on the purpose of the access

What is Administrative Access, End-User Access, and Limited (General) Access pg 3-14

300

This Network Management area is defined as.... "Monitor network and system configuration information so the affected hardware and software can be managed and tracked"

What is the Goal of Configuration Mgmt. pg 1-5

300

When using an offsite storage facility for backup storage, what two things that are required

What is Memorandum of Agreement (MOA) and Same or higher classification level pg 2-8

300

This is the AF Network Intrusion Detection suite which triggers on attack signatures and alerts crews via a java real time alert interface

What is ASIM/CIDDS pg - 3-11

300

You can use Event Viewer to view and manage the event logs of your system. Name the log types...

What is... System Logs, Application Logs, and Security Logs pg 4-2

300

This provides a means to restore IT operations quickly and effectively following a service disruption

What is Recovery Strategies pg 2-18

400

This Network Management area is defined as.... "Measure various aspects of network performance so internet-work performance can be maintained at an acceptable level"

What is the Goal of Performance Mgmt. pg 1-6

400

When determining your organizations "maximum tolerable downtime (MTD)"; what MTD timeframe is associated with "Urgent"

What is 24 Hours pg 2-8

400

This LAN management solution (LMS) provides a suite of tools to manage network resources and provide a unified view of fault, performance, availability, traffic, and configuration information

What is SolarWinds pg - 3-9

400

Five types of events recorded within event viewer logs.

What is Error, Warning, Information, Success Audit, and Failure Audit pg 4-2

400

This Commercial of the Shelf (COTS), server-based application is used to automate the dissemination of data corrections, configuration changes, and updates for all AFNet/AFIN connected computers

What is..... Microsoft Systems Center Configuration Manager (SCCM) pg 3-6

500

This attacks typically result from carelessness, lack of knowledge, or intentional circumvention of security for such reasons as “getting the job done”

What is Insider Attack pg 1-8

500

This plan applies to major, usually physical disruptions to service that deny access to the primary facility infrastructure for an extended period

What is Disaster Recovery Plan (DRP) Pg 2-15

500

Administrators can use this to create and manage backups for a local or remote computer

What is Windows Server Backup pg - 3-19/20

500

Based on your organization event viewer log retention policy, event viewer logs may be automatically overwritten at some timed interval. One way to preserve these logs is to archive/save them for future review. What default file extension does event viewer use when archiving/saving the logs

What is "EVT" file extension pg 4-3

500

The Air Force utilizes this commercial off-the-shelf (COTS) mass communication systems on military bases worldwide and is primarily used for early warning and accountability during critical situations and emergencies

What is Installation Warning System (IWS) (aka AtHoc or Purple Globe) pg 3-9