Term
| What is the minimum number of computers needed for a computer network? |
|
Definition
|
|
Term
| What is a privately-owned network whose access is restricted to authorized personnel is called? |
|
Definition
|
|
Term
| What type of network environments consist of computer systems from different vendors that run different operating systems and communication protocols? |
|
Definition
|
|
Term
| What type of network is made up of components from the same vendor or compatible equipment that all run under the same operating system or network operating system? |
|
Definition
|
|
Term
| What is a communications network that serves users within a confined geographical area? |
|
Definition
| Local area network (LAN). |
|
|
Term
| What type of communications network links a broad geographical region? |
|
Definition
| Metropolitan Area Network (MAN). |
|
|
Term
| What type of communications network links different interconnected networks over an unlimited geographical region? |
|
Definition
| Global area network (GAN). |
|
|
Term
| How many users are normally in a peer-to-peer network? |
|
Definition
|
|
Term
| How many users are in a single-server network? |
|
Definition
|
|
Term
| How many users are in a multi-server network? |
|
Definition
|
|
Term
| How many users are in a multi-server high-speed backbone network? |
|
Definition
|
|
Term
| What type of communications network links geographically dispersed offices in other cities or around the globe? |
|
Definition
|
|
Term
| What is used to identify network nodes on a physically connected network? |
|
Definition
| Media access control address. |
|
|
Term
| How many octets is the standard internet protocol broken down into? |
|
Definition
|
|
Term
| What is the binary equivalent to the dotted decimal number 96? |
|
Definition
|
|
Term
| What is the network id of internet protocol (IP) address 131.10.230.120/24? |
|
Definition
|
|
Term
| What is the host id of internet protocol (IP) address 131.10.230.120/24? |
|
Definition
|
|
Term
| How many bits are typically covered in an internet protocol version 6 (IPv6) subnet mask? |
|
Definition
|
|
Term
| What series of Air Force instruction series covers communications and information? |
|
Definition
|
|
Term
| What Air Force instruction provides policy, direction, and structure for the Air Force global information grid (AF-GIG)? |
|
Definition
|
|
Term
| According to the Air Force network structure, what tier is the Air Force network operations center (AFNOSC)? |
|
Definition
|
|
Term
| What network entity provides reliable, secure networks and network services for base level customers? |
|
Definition
| Network control center (NCC). |
|
|
Term
| What is defined as a bundle of application software designed to significantly improve network efficiency and productivity? |
|
Definition
| Network management server. |
|
|
Term
| Which of the following are the three most common network management architectures? |
|
Definition
| Centralized, hierarchical, and distributed. |
|
|
Term
| What network architecture has a network management platform on one computer system at a location that is responsible for all network management duties? |
|
Definition
|
|
Term
| What network architecture uses multiple systems for network management, with one system acting as a central server and the others working as clients? |
|
Definition
|
|
Term
| What level of network management activity are you working at when you as the network manager are monitoring and troubleshooting components to eliminate the side-effect alarms and isolate problems to a root cause? |
|
Definition
|
|
Term
| What level of network management activity are you working at when the automated monitoring of components provides problem analysis, giving a root cause alarm for the problem at-hand? |
|
Definition
|
|
Term
| Performance management can be broke into what two separate functional categories? |
|
Definition
|
|
Term
| Which function of performance management tracks historical data by tracking activities on the network? |
|
Definition
|
|
Term
| What network management area is concerned with controlling access points to information? |
|
Definition
|
|
Term
| What is the established to distinguish between errors that fall within a normal range and excessive errors because of a fault? |
|
Definition
|
|
Term
| Network management protocols are designed (in most cases) to reside above what layer of the operational system interface (OSI) model? |
|
Definition
|
|
Term
| What is a hierarchical structured format that defines the network management information available from network devices? |
|
Definition
| Management information base. |
|
|
Term
| What area of the simple network management protocol (SNMP) tree structure is reserved for vendors related label and leaf objects associated with specific manufactured equipment? |
|
Definition
|
|
Term
| What simple network management protocol (SNMP) node is responsible for monitoring, collecting and reporting management data to the management system? |
|
Definition
|
|
Term
| What operational simple network management protocol (SNMP) message asks for a specific instance of management information? |
|
Definition
|
|
Term
| What operational simple network management protocol (SNMP) message is used to retrieve multiple pieces of information with minimal overhead? |
|
Definition
|
|
Term
| What operational simple network management protocol (SNMP) message is used to modify the value of one or more instances of management information? |
|
Definition
|
|
Term
| What operational simple network management protocol (SNMP) message is an unsolicited message from an agent to the manager? |
|
Definition
|
|
Term
| What is the type of probe that collects inter-device connectivity information using proprietary topology management information bases (MIB)? |
|
Definition
|
|
Term
| What is the centerpiece of a systems management automated report tracking system (SMARTS) application? |
|
Definition
|
|
Term
| What component of the systems management automated report tracking system (SMARTS) application contains knowledge of available domain managers? |
|
Definition
|
|
Term
| What are the three types of systems management automated report tracking system (SMARTS) notifications? |
|
Definition
| Compound events, problems, and symptomatic events. |
|
|
Term
| What color on the systems management automated report tracking system (SMARTS) alarm log indicates one or more events? |
|
Definition
|
|
Term
| How many different categories of information does the performance monitor provide you about your network? |
|
Definition
|
|
Term
| What device provides a capability for digital network diagnostics and developing communications software? |
|
Definition
|
|
Term
| What provides information concerning the network utilization and frame errors that are related to a specific protocol? |
|
Definition
|
|
Term
| What reports errors that occur at the physical layer such as bad frame check sequence (FCS), short frames, and jabbers? |
|
Definition
| Media access control (MAC) node statistics |
|
|
Term
| What automatically runs in the background when the protocol analyzer application is activated? |
|
Definition
|
|
Term
| What provides information concerning the bandwidth utilization and the number of connections that are related to specific nodes? |
|
Definition
|
|
Term
| What is a measure used to verify the eligibility of a subject and the ability of the subject to access certain information? |
|
Definition
|
|
Term
| What are three primary ways to authenticate one-self? |
|
Definition
| Something you know, something you have, or something are |
|
|
Term
| Knowledge-based identification and authentication methods require the user to provide something you |
|
Definition
|
|
Term
| The Air Force requires a network password to be at least how many characters long? |
|
Definition
|
|
Term
| What regulation covers remanence security? |
|
Definition
|
|
Term
| Storage media that retains data after power is removed is considered |
|
Definition
|
|
Term
| Which standard form is used to annotate storage media has been sanitized? |
|
Definition
|
|
Term
| Who can declassify storage media that has been sanitized? |
|
Definition
|
|
Term
| What is the process of physically damaging the media to render it unusable in a computer and render the data on the media irretrievable by any known exploitation methods? |
|
Definition
|
|
Term
| What is the process of erasing magnetic media by reducing the magnetic flux to virtual zero by applying a reverse magnetizing field? |
|
Definition
|
|
Term
| What is the preferred method of sanitizing magnetic media? |
|
Definition
|
|
Term
| What is a comprehensive evaluation and validation of an Air Force information system (IS) to establish the degree to which it complies with assigned information assurance (IA) controls based on standardized procedures? |
|
Definition
|
|
Term
| What is a formal declaration by a designated approving official (DAA) that an information system is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk? |
|
Definition
|
|
Term
| What is the Department of Defense process for certifying and accrediting information systems to operate on the global information grid (GIG)? |
|
Definition
| Department of Defense Information Assurance Certification and Accreditation Process (DIACAP). |
|
|
Term
| What documentation is required to permanently connect to the global information grid (GIG) system? |
|
Definition
| Authorization to operate (ATO). |
|
|
Term
| What documentation signifies that a system is not allowed to connect to the global information grid (GIG)? |
|
Definition
| Denial of authorization to operation (DATO). |
|
|
Term
| What process, along with AFI 33-210, Air Force Certification and Accreditation (C&A) Program (AFCAP), provides the basic framework of the certification & accreditation (C&A)? |
|
Definition
| Information technology (IT) lean reengineering. |
|
|
Term
| What do you call the consolidated list of requirements that a program office must adhere to when fielding a system? |
|
Definition
| Security, interoperability, supportability, sustainability, and usability (SISSU). |
|
|
Term
| What is the database of record for registering all systems and applications? |
|
Definition
| Enterprise information technology data repository (EITDR). |
|
|
Term
| What is a collection of computing environments connected by one or more internal networks under the control of a single approval authority and security policy? |
|
Definition
|
|
Term
| How many non-secure internet protocol router network (NIPRNet) gateways does the Air Force possess? |
|
Definition
|
|
Term
| Which agency must approve all information protection tools prior to their use? |
|
Definition
| Headquarters United States Air Force (HQ USAF) |
|
|
Term
| What device is placed outside the boundary protection mechanism to monitor all attempted attacks? |
|
Definition
| Intrusion Detection System (IDS) |
|
|
Term
| What are examples of network attacks that bypass the firewall? |
|
Definition
| Tunneling and application-based attacks |
|
|
Term
| What is the intrusion practice of encapsulating a message that would be rejected by the firewall inside a second message that will pass through the firewall? |
|
Definition
|
|
Term
| A base web-server that interfaces with the public must be placed in what area of a base network? |
|
Definition
| De-militarized zone (DMZ). |
|
|
Term
| What is the simplest and least expensive way to stop inappropriate network addresses? |
|
Definition
|
|
Term
| What type of firewall consists of a screening router and a set of rules that accept or reject a message based on information in the message's header (a packet): the source address, the destination address, and the port? |
|
Definition
|
|
Term
| What type of firewall is used to separate secure sites, networks, or network segments from less secure areas? |
|
Definition
|
|
Term
| What type of firewall generates audit trails of all network-related activity for monitoring and intrusion detection purposes? |
|
Definition
|
|
Term
| What network device performs rigorous examinations of systems to identify weaknesses that might allow security violations? |
|
Definition
|
|
Term
| What action represents one of the greatest vulnerabilities to internal networks? |
|
Definition
| Network-connected computer systems with modems that make calls to and accept calls from the public-switched network. |
|
|
Term
| What do you call a current and perceived capability, intention, or attack, directed to cause denial of service? |
|
Definition
|
|
Term
| An information system on your network that is not set to require the use of a common access card (CAC) or password would be considered a |
|
Definition
|
|
Term
| A program that replicates by attaching itself to a program is a |
|
Definition
|
|
Term
| What type of malicious logic can form large networks that can be used to launch a variety of attacks without an information system owner's knowledge? |
|
Definition
|
|
Term
| What type of malicious logic can become active on an information system without the need to infect a file? |
|
Definition
|
|
Term
| What is a cryptographic key and certificate delivery system that makes possible secure electronic transactions and exchanges of sensitive information between relative strangers? |
|
Definition
| Public key infrastructure (PKI). |
|
|
Term
| What can be used to encrypt a message so that it can only be decrypted by the recipient? |
|
Definition
|
|
Term
| What is a file that is kept with you and will allow you to decrypt files encrypted specifically for you using your openly available encryption code? |
|
Definition
|
|
Term
| What is an electronic document that officially links together a user's identity with his public key? |
|
Definition
| Public key infrastructure (PKI) certificate. |
|
|
Term
| Which component of the public key infrastructure (PKI) is responsible for establishing, authenticating, maintaining, and revoking certificates? |
|
Definition
|
|
Term
| The two ways key establishment can occur are key |
|
Definition
|
|
Term
| Which public key algorithm is exclusively a key establishment protocol? |
|
Definition
|
|
Term
| What is the primary unclassified public key infrastructure (PKI) token for individual PKI keys and certificates in the Air Force? |
|
Definition
|
|
Term
| Which team provides a communication link between forces securing the area and setting up support facilities? |
|
Definition
| Initial communications support teams |
|
|
Term
| Sustained communications support becomes a part of the deployment if it exceeds |
|
Definition
|
|
Term
| Who provides uninterrupted flow of mission critical information to field and in-garrison units for the duration of a contingency? |
|
Definition
| Sustained communications support teams |
|
|
Term
| What program is known as a state of the art ground-to-ground communications infrastructure designed to provide base level full spectrum communications to the commander and all agencies on base? |
|
Definition
| Theater deployable communications (TDC). |
|
|
Term
| What is the Air Force instruction series that covers NM? |
|
Definition
| Communications-computer networking and information management |
|
|
Term
| What does AFPD 33-1, Information Resources Management, establishes policy on? |
|
Definition
| For responsibly acquiring, planning, and managing its information resources. |
|
|
Term
| AFI 33-104, Base-Level Planning and Implementation, outlines what actions? |
|
Definition
| Outlines standardized management practices and tells how to manage planning and implementation of communications and information systems and the base-level infrastructure. |
|
|
Term
| What are three areas of distributed responsibility does the DIICC consist of? |
|
Definition
| Global, Regional, Local Levels. |
|
|
Term
|
Definition
| The systems management mechanism that monitors and controls data collection for the purpose of data analysis and report generation on an OSI-based communications network. |
|
|
Term
|
Definition
| A bundle of application software designed to significantly improve network efficiency and productivity that specifically runs SNMP-based management applications. |
|
|
Term
| Where should the NM server be located? |
|
Definition
| In an area that is controlled strictly by the NCC. |
|
|
Term
| Briefly describe the three most common NM architectures. |
|
Definition
Centralized architecture has a NM platform on one computer system at a location that is responsible for all NM duties. Hierarchical architecture uses multiple systems, with one system acting as a central server and the others working as clients.
Distributed architecture combines the centralized and hierarchical architectures. Instead of having one centralized platform or a hierarchy of central/client platforms, the distributed approach uses multiple peer platforms. |
|
|
Term
| Briefly describe each of the four levels of activity that one must understand before applying management to specific services or devices? |
|
Definition
Inactive - This is the case when no monitoring is accomplished
Reactive - This is where network support personnel react to a problem after it has
occurred yet no monitoring has been applied
Interactive - This is where you are monitoring components but must interactively troubleshoot to eliminate the side-effect alarms and isolate problems to a root cause
Proactive - This is where the automated monitoring components provide interactive
problem analysis, giving a root cause alarm for the problem at-hand, and automatic restorative processes are in-place wherever possible to minimize downtime |
|
|
Term
| What is configuration management? |
|
Definition
| The process of obtaining data from the network and using that data to manage the setup of all managed network devices. |
|
|
Term
| What are the two features built into an NMS that alleviate manually configuring a network's devices? |
|
Definition
| Automatic discovery and auto-mapping features |
|
|
Term
| What does performance management consist of? |
|
Definition
| The facilities needed to evaluate the behavior of network objects and the effectiveness of communications activities. |
|
|
Term
| List the steps that you must take to provide accurate performance management |
|
Definition
1.Gather statistical information (trend analysis)
2.Maintain and examine logs of system state (history)
3.Determine system performance under natural and artificial conditions
4.Alter system modes of operation for the purpose of conducting performance management |
|
|
Term
| What are the two functional categories of performance management? Describe each. |
|
Definition
1.Monitoring -The function that tracks historical data by tracking activities on the network
2.Tuning—Deals strictly with the adjustment of the parameters on the network devices to improve their overall operation |
|
|
Term
| What is security management? |
|
Definition
| The protection of sensitive information on devices attached to a data network by controlling access points to that information. |
|
|
Term
| What are the two subsections of security management? |
|
Definition
| Network security and NMS security. |
|
|
Term
| What is fault management? |
|
Definition
| The process of identifying, locating and correcting network problems. |
|
|
Term
| What is the difference between a fault and an error? |
|
Definition
Faults are abnormal conditions that require NCC personnel to take action to correct or repair.
Errors sometimes arise on a normal functioning of the network and do not necessarily require attention. |
|
|
Term
| What are some drawbacks to ICMP pinging as a NM tool? |
|
Definition
| Unreliable delivery of packets, need for polling (user intensive), and limited information derived from responses. |
|
|
Term
|
Definition
A hierarchical, structured format that defines the NM information available from network devices.
Management information base |
|
|
Term
| What are the two parts of the labeled node? |
|
Definition
| An object identifier and a short text description. |
|
|
Term
| What are the two types of nodes that make up the MIB tree? |
|
Definition
| Labeled nodes and leaf nodes. |
|
|
Term
| What are the differences between the two types of nodes that make of the MIB tree? |
|
Definition
| Labeled nodes may or may not have subordinate nodes, leaf nodes never have subordinate nodes. Word formatted (labeled) nodes allow people to read and understand what the label is pointing to, while the decimal (leaf) nodes are how the NMS tracks the information. |
|
|
Term
| What are some examples of what a node in SNMP can represent? |
|
Definition
| A node can represent a workstation, client, network user, personal computer, server, printer, or other device attached to a data network. |
|
|
Term
| Briefly describe each of the two categories of SNMP. |
|
Definition
Managers -- typically a computer that is used to run one or more NMS applications.
Agents -- Responsible for monitoring, collecting and reporting management data to the management system. |
|
|
Term
| What does the Get operation do? |
|
Definition
| Retrieves the value of one instance of management information. |
|
|
Term
| What does the Set operation do? |
|
Definition
| Modifies the value of one or more instances of management information |
|
|
Term
|
Definition
| An unsolicited message from an agent to the manager; it does not have a corresponding request message |
|
|
Term
| What are community names? |
|
Definition
Each SNMP community is a group that contains at least one agent and one management system. The logical name assigned to such a group we call the community name |
|
|
Term
| Describe each of the two types of community names. |
|
Definition
Read—Community names as implied define a community that is read only.
Â
Write - Community names are defined to allow the manager to remotely change configuration information
from the management station or server |
|
|
Term
| What do the two hierarchies provided by the CIM describe? |
|
Definition
| Physical hierarchies describe the real-world components, while Logical hierarchies are visible through network protocols. |
|
|
Term
| What are the three methods for creating a representation of a network topology within the domain managers repository? |
|
Definition
| Auto-discovery, manual discovery, and topology import. |
|
|
Term
| What are the three main components of SMARTS? |
|
Definition
| broker, client, domain manager |
|
|
Term
| List the five different map types that can be accessed through the map console? |
|
Definition
| Physical connectivity, IP network connectivity, IP network membership, VLAN connectivity, VLAN membership. |
|
|
Term
| What is the primary console in SMARTS and what does it display? |
|
Definition
| Monitoring console; it is used to display the results of the domain manager's correlation alarms. |
|
|
Term
| Briefly describe the differences between the two types of polling used by SMARTS to gather information? |
|
Definition
| Fault and performance data is collected using SNMP while device connectivity is monitored using CMP. |
|
|
Term
| What two factors determine if a SMARTS map is opened with read-write access or with read-only access? |
|
Definition
| Only one user can have a specific map opened with read-write access at anyone time. |
|
|
Term
| What are the three types of notifications used in SMARTS? |
|
Definition
| Problem, compound event, symptomatic event. |
|
|
Term
| What are the primary capabilities provided by a protocol analyzer? |
|
Definition
| Digital network diagnostics and developing communications software. |
|
|
Term
| What is the difference between a protocol analyzer NIC and other NICs? |
|
Definition
| The NIC in a protocol analyzer is configured to process all frames, whereas other NICs only process broadcast frames and frames with its MAC address. |
|
|
Term
| What is the recommended minimum amount of time to acquire network information to establish a performance baseline? |
|
Definition
|
|
Term
| What function of the protocol analyzer excludes specific types of frames? |
|
Definition
| The Capture filters option allows you to display and store only the data you are interested in analyzing. You may also use a capture filter to exclude specific types of frames |
|
|
Term
| On the protocol analyzer, what menu is best used to report errors that occur at the physical layer such as bad FCS, short frames, and jabbers? |
|
Definition
|
|
Term
| On the protocol analyzer, what kind of information does the connection statistics menu provide? |
|
Definition
| Information concerning the bandwidth utilization and the number of connections that are related to specific nodes. |
|
|
Term
| What are the three types of active tests that are conducted with a protocol analyzer? |
|
Definition
| PING, trace rout (tracert), traffic generator. |
|
|
Term
|
Definition
| An internetwork is a set of subnets that are connected with routers to a larger network. |
|
|
Term
| What does a heterogeneous network environments consist of? |
|
Definition
| A heterogeneous network environments consist of computer systems from different vendors that run different OSs and communication protocols. |
|
|
Term
| A network of components from the same vendor or compatible equipment that all run under the same OS or NOS is what kind of network? |
|
Definition
|
|
Term
| Which type of network (homogeneous verses heterogeneous) is more common? |
|
Definition
| Heterogeneous networks are more common because most organizations purchase their equipment from a variety of vendors. |
|
|
Term
| What is a communications network that serves users within a confined geographical area? |
|
Definition
|
|
Term
| What type of network usually provides services for 2 to 10 users? |
|
Definition
|
|
Term
| How many users does a single server network normally service? |
|
Definition
|
|
Term
| What type of network can service 1000 or more users? |
|
Definition
|
|
Term
| What is used for addressing on a physically connected network to identify network nodes? |
|
Definition
| When all the devices were physically connected to the same network, the MAC address was enough. |
|
|
Term
| What is the numbering system that computers use to represent data? |
|
Definition
| Binary is the base two number system that computers use to represent data. |
|
|
Term
| Within IP addressing, how many bits are used and how are they broken down? |
|
Definition
| Within IP addressing the 32-bit IP address is broken into four sets of eight bits. |
|
|
Term
| 0____0 ____0 ____0 ____0 ____0 ____0 ____0 |
|
Definition
|
|
Term
| What mechanism is used to designate a part of an IP address as the network address, and other parts as the host address? |
|
Definition
| Network, Subnet, and Host fields. |
|
|
Term
| What is the primary reason for subnetting in IPv4? |
|
Definition
| Subnetting was initially utilized to improve efficiency in using a limited number of available address spaces, especially in IPv4, and to improve security. |
|
|
Term
| What bits in an IP address are routers mainly concerned with? |
|
Definition
| The router is only concerned with those bits that belong to the network/subnet field. |
|
|
Term
| What is identification as it pertains to information protection? |
|
Definition
| Process of proving that a subject (e.g., a user or a system) is what the subject claims to be. |
|
|
Term
| What is authentication as it pertains to information protection? |
|
Definition
| Authentication is defined as a measure used to verify the eligibility of a subject and the ability of the subject to access certain information. |
|
|
Term
| What are the three primary ways to authenticate oneself on the network? |
|
Definition
| Knowledge, possession, or biometrics based. |
|
|
Term
| On an Air Force network, what is your password required to have in it? |
|
Definition
| At least nine characters long, to have at least two upper and lower-case letters, two numbers, and two special characters. |
|
|
Term
| Where are biometrics based authentication and identification generally used, and why? |
|
Definition
| While they provide very high levels of security, they tend to be much more expensive, and are reserved for area's that require a very high level of security. |
|
|
Term
| What is the biggest risk with a possession based system for identifying and authenticating yourself? |
|
Definition
|
|
Term
| Why would you use a combination of methods for identifying and authenticating yourself? |
|
Definition
| It substantially increases the security of an I &A system. |
|
|
Term
| What are the three methods of providing strong authentication? |
|
Definition
| Biometrics and posseession-based methods, cryptographically protected authentication, and using one time passwords. |
|
|
Term
| Where can you find specific guidance concerning remanence security? |
|
Definition
| AFSSI 8580, Remanence Security. |
|
|
Term
| What is remanence security? |
|
Definition
| The use of prescribed safeguards and controls to prevent reconstruction or disclosure of sensitive or classified information to persons who do not have the proper clearance or need to know for this information. |
|
|
Term
| When something is sanitized, is it automatically declassified? |
|
Definition
| It does not automatically declassify media. |
|
|
Term
| Until when must you retain classification controls? |
|
Definition
| Unil the media is sanitized and declassified, or destroyed in an approved manner. |
|
|
Term
| When does the information owner of storage media declassify the media? |
|
Definition
| After the information owner provides evidence that no information resides on the media, the information owner can declassify the media. |
|
|
Term
| When is destroying storage media NOT necessary? |
|
Definition
| It is not required if the media is sanitized and declassified. |
|
|
Term
| What must you ensure when you are degaussing storage media? |
|
Definition
| You must ensure that the coercivity strength of the magnetic field generated by the degausser is strong enough to return the magnetic media to its zero state. |
|
|
Term
| Which AFI governs the AFCAP? |
|
Definition
| AFI 33-210, Air Force Certification and Accreditation Program (AFCAP). |
|
|
Term
| What is the biggest difference between DIACAP and previous processes? |
|
Definition
| In previous processes, the C&A was usually accomplished as a separate process accomplished just prior to connecting an IS to the network. DIACAP takes a different approach. It is a "cradle to grave" process meant to track every IS and network from inception to retirement. |
|
|
Term
| What are the five phases of the DIACAP process? |
|
Definition
Initiate and plan IA C&A
Implement and validate assigned IA controls
Make certification determination and accreditation decision
Maintain authorization to operate and conduct reviews
Decommission. |
|
|
Term
| What two publications provide the basic framework of the C&A process? |
|
Definition
| The IT lean reengineering process and AFI 33-210. |
|
|
Term
| What is the SISSU checklist? |
|
Definition
| A consolidated list of requirements covering each of those areas that a program office must adhere to when developing and fielding a system. |
|
|
Term
| What are the most common Air Force circuit-enclaves? |
|
Definition
|
|
Term
| What are the SIPRNET, and NIPRNET, and how does the SIPRNET differ from the NIPRNET? |
|
Definition
| NIPRNet is an Unclassified but Sensitive IP Router Network. SIPRNET is also a long-haul IP based network, but it supports data classified up to secret. Unlike the NIPRNET, the SIPRNET does not provide access to the internet or any other lower classification networks. |
|
|
Term
| What is the name of the concept that DOD uses in network defense? |
|
Definition
|
|
Term
| What are some examples of computer security incidents? |
|
Definition
| Comprimise of integrity, denial of service, misuse, damage, intrusions, or alterations. |
|
|
Term
| Where would a network monitoring device such as an ASIM be placed in relation to the network? |
|
Definition
| Outside of the network boundary protection mechanism to monitor all attempted attacks. |
|
|
Term
|
Definition
| This is the practice of encapsulating a message (that would be rejected by the firewall) inside a second |
|
|
Term
| What kind of servers would typically be found in a DMZ? |
|
Definition
| Web, SMTP, DNS, proxy, dial-up, or web-mail servers. |
|
|
Term
| What is the simplest and least expensive type of firewall, and what is its purpose? |
|
Definition
| A packet filtering; it stops messages with inappropriate network addresses. |
|
|
Term
| What type of firewall is used to separate secure sites, networks, or network segments from less secure areas? |
|
Definition
|
|
Term
| Describe the two categories that security related access controls fall into? |
|
Definition
Technical controls, such as passwords and encryption that are part of normal network security; or
Administrative controls, such as segregation of duties and security screening of users. |
|
|
Term
| Regardless of the source of the threat, what is it usually targeting? |
|
Definition
| The vulnerability or weakness in the network. |
|
|
Term
| How does a virus activate? |
|
Definition
| For the virus to execute, the infected program must execute, activating the virus. |
|
|
Term
|
Definition
| A group of computers that have been infected by bots under the control of a person or group. |
|
|
Term
| How is a Trojan horse different from a regular virus? |
|
Definition
| It acts as a cover or disguise for something else. It does not replicate itself, so it technically is not a virus. |
|
|
Term
| What step is taken before an IS is connected to the AFGIG? |
|
Definition
| They have a baseline configuration applied to them prior to being connected to the network. |
|
|
Term
| What does the PKI enable users of basically unsecured public networks to do? |
|
Definition
| It enables users to securely and privately exchange data through the use of public and private cryptographic key pairs obtained and shared through a trusted authority. |
|
|
Term
| What are the components that compose a PKI? |
|
Definition
| A certificate policy management system, a registration authority verifying user requests for digital certificates and telling the certificate authority to issue them, a CA that is responsible for managing certificates, and one or more directories or repositories are created where the certificates are held. |
|
|
Term
| Describe a symmetric central server architecture. |
|
Definition
| Each entity in the community shares a secret key with the central server (usually called a Key Distribution Center or KDC). |
|
|
Term
| Why are PKI keys said to by asymmetric? |
|
Definition
| The key for encryption and the key for decryption were related but conspicuously different. These keys would be so different, in fact, that it would be possible to publicize one without danger of anyone being able to derive or compute the other. |
|
|
Term
| How do digital signatures work? |
|
Definition
| It functions similar to a hand-written signature because a single entity can sign some data, but any number of entities can read the signature and verify its accuracy with the public key. |
|
|
Term
| What do users use to verify that a particular public key belongs to a particular user? |
|
Definition
| Users can use that PKI certificate to verify that a particular public key belongs to a particular individual. |
|
|
Term
| What is a CA responsible for? |
|
Definition
| Establishing, authenticating, maintaining, and, when needed, revoking certificates and hardware. |
|
|
Term
| What are the two ways that key establishment can occur? |
|
Definition
| By key transfer or agreement. |
|
|
Term
|
Definition
| One entity generates the symmetric key and sends it to the other entity. |
|
|
Term
|
Definition
| Both entities jointly contribute to the generation of the symmetric key. |
|
|
Term
| How long should ECDSA and ECDH keys be to provide adequate security for the medium-to-long term? |
|
Definition
| The current state of research with respect to discrete logarithms over EC points suggests that ECDH and ECDSA keys should be at least 192 bits long to provide adequate security for the medium-to-long term. |
|
|
Term
| What was the fundamental premise in the original formulation of public-key cryptography? |
|
Definition
| Two strangers should be able to communicate securely. |
|
|
Term
| What does the PKI user population trust CA authorities to do? |
|
Definition
| To perform the function of binding a public key pair to a given identity. |
|
|
Term
| What are the four configurations for CA servers? |
|
Definition
| Enterprise root CA, Enterprise subordinate CA, stand alone root CA, stand alone subordinate CA. |
|
|
Term
| What happens when a certificate on a CRL is used? |
|
Definition
| If a certificate on the CRL is used for any reason, it will be rejected. |
|
|
Term
| Describe a "user's key history." |
|
Definition
| This collection of certificates and corresponding private keys is known as the user's key history. |
|
|
Term
| What is the difference between a software token and a hardware token? |
|
Definition
| The hardware token has built in security of some sort, such as a code or password that must be entered to use the certificates and keys; a software token has no security other then what is provided by the host system. |
|
|
Term
| List the three types of certificates and what they are used for. |
|
Definition
| Identity, E-mail signing, and encryption. |
|
|
Term
| What does the global directory service provide for? |
|
Definition
| The ability to search for individuals, access information about them such as what their work phone number is or what their e-mail address is. It also contains the public key encipherment certificates, which allow other users to encrypt a message for that person that only they will be able to decipher. |
|
|
Term
| What does middleware allow the use of? |
|
Definition
| The software that resides on the users system that allows the use of the CAC and the certificates contained on the CAC. |
|
|
Term
| What does combat-ready communications and information forces provide? |
|
Definition
| The first-in and sustaining capabilities to support peacetime through combat operations worldwide. |
|
|
Term
| Who plans, engineers, deploys, and employs support for all air and space forces? |
|
Definition
| Communications and information professionals. |
|
|
Term
| What will disappear as personnel become adept in the standardized expeditionary C&I skill sets needed to support Expeditionary Air and Space Forces throughout the entire predeployment/deployment cycle? |
|
Definition
| The dividing line between "fixed" and "tactical" C&I. |
|
|
Term
| Why do we have quicker response times, an efficient use of resources, and more effective training than previous Air and Space Expeditionary Force deployments? |
|
Definition
| Versatility and flexibility of certain systems utilized during both initial and sustained deployments. |
|
|
Term
| Initial communications support is a major player in what area? |
|
Definition
| They provide the communicating link between forces securing the area and setting up support facilities as well as providing messaging capabilities back to the garrison units. |
|
|
Term
| Within what time frames are initial communications support designed to provide basic communications to a bare base operation? |
|
Definition
| Within 24 to 72 hours of deployment notification and remain in place for up to 30 days. |
|
|
Term
| What are the three major components in the TDC program and what does it provide? |
|
Definition
LMST (easily deployable, long-haul communications),
ICAP (switched voice and data traffic), and NCC-D (radio, voice, record, and data communications; visual information services; and information protection). |
|
|
Term
| What is the mission of the sustained communications support teams? |
|
Definition
| To ensure AEF and AEW commanders have connectivity and an uninterrupted flow of mission critical information to field units, in-garrison units, and to command structures for the duration of the contingency |
|
|
Term
| What program is a state-of-the-art ground communications infrastructure that is designed to replace existing older communication systems? |
|
Definition
|
|
Term
| Is TDC-ICAP used in initial communications support or sustained communications support? |
|
Definition
|
|
Term
| What is the TDC-ICAP network designed to provide and to what network area? |
|
Definition
| The TDC-ICAP network is a scalable network providing telephone, data, and switched message service to customers at various locations within a metropolitan area. |
|
|
Term
| What concept allows planners to scale the network to meet the needs of deployments ranging from a few subscribers to a full wing, or even a Joint Air Force Command Component? |
|
Definition
|
|
Term
| What is the conduit that ties all the LANs together and provides the interface to other networks? |
|
Definition
| The base hub (MAN) is the conduit that ties all the LANs together and provides the interface to other networks. |
|
|
Term
| Which phase of the deployment cycle is all the preparation done? |
|
Definition
| The pre-deployment phase. |
|
|
Term
| What order indicates that your unit may deploy? |
|
Definition
|
|
Term
| Which phase in the deployment cycle do you enter after disembarking from your transportation? |
|
Definition
|
|
Term
| In which phase of the deployment cycle do you replace and or repair worn equipment and replenish supplies? |
|
Definition
|
|
Term
| What is an autonomous system defined as? |
|
Definition
| A collection of networks under common administration that share a common oruting strategy. |
|
|
Term
| How many bits is an IPv6 address compared to an IPv4? |
|
Definition
|
|
Term
| Identify the Network Identifier of 172.50.30.10. |
|
Definition
|
|
Term
| Identify the Subnet Identifier of 172.50.30.10. |
|
Definition
|
|
Term
| Identify the Host Identifier of 172.50.30.10. |
|
Definition
|
|
Term
| What functional area of network management is the process of obtaining data fromt he network and using it to manage the setup of all managed network devices? |
|
Definition
| Configuration management. |
|
|
Term
| What functional area of network management consists of the facilities needed to evaluate the behavior of network objects and the effectiveness of communications activities? |
|
Definition
|
|
Term
| What functional area of network management encompasses protecting sensitive information on devices attached to a data network by controlling access points? |
|
Definition
|
|
Term
| What functional area of network management involves measuring the usage of a network resource against a user or organization? |
|
Definition
|
|
Term
| What functional area of network management involves the process of identifying, locating, and correting network problems or faults? |
|
Definition
|
|
Term
| What are the two types of SNMP nodes? |
|
Definition
|
|
Term
| What does an Agent node do? |
|
Definition
| It is responsible for monitoring, collecting, and reporting management data to the management system. |
|
|
Term
| What is a Manager node's job? |
|
Definition
| It uses a NM station to issue requests for information from managed nodes. |
|
|
Term
| What are the the three types of SMARTS probes? |
|
Definition
| System Information, IP Network, and VLAN probes. |
|
|
Term
| What type of probe determines whether a device is certified and uniquely identifies it? |
|
Definition
| System Information Probe. |
|
|
Term
| What type of probe discovers IP network connectivity and finds IP addresses configured on a system? |
|
Definition
|
|
Term
| What type of probe collects VLAN information from switches including identifiers, trunks, and port memberships? |
|
Definition
|
|
Term
| What type of probe collects interdevice connectivity information? |
|
Definition
|
|
Term
| What are the three methods of creating sMARTS topologies? |
|
Definition
| Auto-discovery, manual discovery, and topology import. |
|
|
Term
| what are the three main components of SMARTS? |
|
Definition
| Domain manager, broker, and clients. |
|
|
Term
| What are the two types of SMARTS clients? |
|
Definition
|
|
Term
| What are the five types of SMARTS console clients? |
|
Definition
| Administration, broker, map, monitoring, and polling and thresholds. |
|
|
Term
| What type of SMARTS notification identifies a specific failure? |
|
Definition
|
|
Term
| What type of SMARTS notification indicated abnormal conditions? |
|
Definition
| Symptomatic Event (Orange/Yellow). |
|
|
Term
| What are the three types of active testing that protocol analyzers perform? |
|
Definition
| PING, Tracert, and traffic generator. |
|
|
Term
| What are the four types of line vital statistics that protocol analyzers display? |
|
Definition
| Protocol, MAC node, node discovery, and connection statistics. |
|
|
Term
| What are the two types of vulnerability scanners? Describe each. |
|
Definition
| Passive are host-based mechanisms that inspect system configuration files for unwise settings and security policy violations. Active are network-based assessments that reenact common intrustion detection scripts and record system responses. |
|
|
Term
| Describe the two methods of access control. |
|
Definition
| Examples of technical controls are the use of passwords and encryption as part of normal network security while administrative controls include the segregation of duties and screening of users. |
|
|
Term
| What is a weakness in an IS, or cryptographic system? |
|
Definition
|
|
Term
| What are examples of external vulnerabilities? |
|
Definition
| Malicious logic such as viruses, bots, DDoS attacks, spyware, access number replacement, spam, worms, or trojans. |
|
|
Term
| What are the characteristics of a virus? |
|
Definition
| Encryption, stealth, polymorphic, and time-dependence. |
|
|
Term
| Which public-key algorithm is suitable for encryption/decryption, signing/veritification of data integrity, and for key establishment? |
|
Definition
| Rivest-Shamir-Adleman (RSA). |
|
|
Term
| Which algorithm was designed exclusively for signing/verification and data integrity? |
|
Definition
| Digital Signature Algorithm (DSA). |
|
|
Term
| Which algorithm is exclusively a key establishment protocol where two entities use one private key and one public key to create a symmetric key that no third party can compute? |
|
Definition
|
|
Term
| Which hash algorithm is designed specifically for use with the DSA but can not be used with RSA or other public-key signature algorithms? |
|
Definition
|
|
Term
| What TDC system is configured in a lightweight, highly movile, self-contained satellite terminal, and can be set up in 60 minutes or less? |
|
Definition
|
|
Term
| What TDC system is compatible with local phone systems worldwide through the commercial PABX? |
|
Definition
|
|
Term
| Which TDC system performs local network defense; generates local situational awareness; manages local network configuration, and delivers information assurance? |
|
Definition
|
|
Term
| What are the six phases of the deployment cycle? |
|
Definition
| Pre-deployment, deployment, establishing service, extended service, re-deployment, and reconstitution. |
|
|
Term
| What are the four steps to the deployment phase? |
|
Definition
| Warning order, alert order, deployment order, and execution order. |
|
|
Term
|
Definition
| Information Resource Management: establishes AF policy for managing its information resources. |
|
|
Term
|
Definition
| Information Assurance: provide continuously for the availability, integrity, confidentiality, nonrepudiation, and authentication of information. |
|
|
Term
|
Definition
| Base-Level Planning and Implementation: tells how to manage planning and implementation of communications and information systems. |
|
|
Term
|
Definition
| Information Technology Hardware Asset Management: identifies responsibilities for supporting AF information technology equipment (computer systems). |
|
|
Term
|
Definition
| Software Management: identifies responsibilities for management of COTS and AF unique software acquired by the AF. |
|
|
Term
|
Definition
| NETOPS: overarching structure for the AF-GIG. |
|
|
Term
|
Definition
| Licensing Network Users and Certifying Network Professionals: outlines procedures for certifying network professionals who manage and operate government-provided information systems on AF networks. |
|
|
Term
|
Definition
| Air Force Messaging: Establishes email manager and user duties and responsibilities. Applies to use of all AF email systems by organizations, personnel, and contractors. |
|
|
Term
|
Definition
| Information Assurance Management: provides general direction for implementation of IA and management of IA programs according to AFPD 33-2. |
|
|
Term
|
Definition
| COMPUSEC: establishes requirements for IA. |
|
|
Term
|
Definition
| Identification and Authentication: provides identification and authentication computer security requirements for operational information systems. |
|
|
