Shared Flashcard Set

Details

IT1 ADVANCEMENT IA NOTES
IT1 ADVANCEMENT IA NOTES
52
Computer Networking
Professional
08/15/2013
Click here to study/print these flashcards.

Create your own flash cards! Sign up here.

Additional Computer Networking Flashcards

 

 

Cards

Term
DOD INSTRUCTION 8510.1
 Definition
DOD INFORMATION ASSURANCE CERTIFICATION AND ACCREDITATION PROCESS (DIACAP)
Term
DOD INSTRUCTION 8570.1
 Definition
INFORMATION ASSURANCE TRAINING, CERTIFICATION AND WORKFORCE MANAGEMENT
Term
WHAT IS ATO?
 Definition
APPROVAL TO OPERATE
Term
WHAT IS IATO?
 Definition
INTERIM APPROVAL TO OPERATE
Term
HOW MANY MONTHS IS IATO GOOD FOR?
 Definition
6 MONTHS. CAN BE EXTENDED TO 1 YEAR
Term
WHAT IS REQUIRED TO BE ABLE TO APPLY FOR IATO?
 Definition
AUTHORIZATION TERMINATION DATE
Term
WHAT IS DATO?
 Definition
DENIAL APPROVAL TO OPERATE
Term
WHO ISSUES DATO?
 Definition
DESIGNATED APPROVING AUTHORITY (DAA)
Term
WHAT IS IATT?
 Definition
INTERIM APPROVAL TO TEST
Term
HOW LONG IS IATO VALID?
 Definition
180 DAYS. INITIAL AND *EXTENSION CANT BE EXCEED 360 DAYS
Term
WHY WOULD DATO BE ISSUED?
 Definition
IF THE INFORMATION SYSTEM IS INADEQUATE
Term
WHAT IS ATD?
 Definition
AUTHORIZATION TERMINATION DATE
Term
WHO ISSUES ATD?
 Definition
DAA
Term
WHY IS ATD ISSUED?
 Definition
WHEN ATO/IATO AND IATT EXPIRE
Term
WHAT IS POAM
 Definition
PLAN OF ACTION MILESTONE - DETAILS OF DEFICIENCIES AND THE PLAN TO FIX THOSE DEFICIENCIES
Term
WHAT MUST BE ISSUED WITH POAM?
 Definition
IATO OR ATO REQUIRED
Term
HOW ARE ACCREDITATION APPROVALS RECEIVED?
 Definition
HARD COPY WITH SIGNATURE OR ELECTRONICALLY EMAILED WITH PKI SIGNATURE
Term
WHAT IS CA?
 Definition
CERTIFYING AUTHORITY - SENIOR OFFICIAL WHO HAS AUTHORITY OF CERTIFICATION OF INFORMATION SYSTEMS
Term
WHAT IS A DIACAP SCORECARD?
 Definition
SUMMARY REPORT ON INFORMATION SYSTEMS IN A FORMAT THAT CAN BE EXCHANGED ELECTRONICALLY
Term
WHO DOES THE DIACAP TEAM CONSIST OF?
 Definition
DAA, CA, PM, IAM, IAO AND USERS
Term
WHAT DOES THE IMMEDIATE SUPERIOR IN COMMAND ISSUE?
 Definition
VALIDATION IF MORE TIME THAT IS ALLOWED SPECIFIED IN YOUR IATO IS NEEDED
Term
WHAT DOES IT MEAN WHEN AN INFORMATION SYSTEM IS CONSIDERED NOT ACCREDITED?
 Definition
A DECISION HAS NOT BEEN MADE
Term
WHAT ARE THE THREE LEVELS IN THE INFORMATION ASSURANCE TECHNICAL AND MANAGER?
 Definition

LEVEL 1

LEVEL 2

LEVEL 3
Term
WHAT ARE THE TWO CATEGORIES OF INFORMATION ASSURANCE?
 Definition
TECHNICAL AND MANAGEMENT
Term
WHAT MUST EACH DAA COMPLETE WITHIN 60 DAYS OF ASSIGNMENT TO POSITION?
 Definition
COMPUTER BASED TRAINING
Term
WHEN MUST EVERY DAA CERTIFY?
 Definition
EVERY 3 YEARS
Term
WHAT DOES LEVEL ONE TECHNICAL (IAT) OR MANAGER (IAM) DEAL WITH?
 Definition
THE COMPUTER ENVIRONMENT: OPERATING SYSTEM, PERIPHERALS... ETC. (ON A SMALL SCALE)
Term
WHAT DOES LEVEL TWO, TECHNICAL (IAT) OR MANAGER (IAM) DEAL WITH?
 Definition
NETWORK ENVIRONMENT: LAN, WAN, GAN
Term
WHAT DOES LEVEL THREE, TECHNICAL (IAT) OR MANAGER (IAM) DEAL WITH?
 Definition
ENCLAVE ENVIRONMENT: ENCOMPASSES COMPUTER AND NETWORK ENVIRONMENTS INCLUDING PERSONNEL AND SECURITY POLICY
Term
DAA MAY WAIVE IAT OR IAM CERTIFICATION REQUIREMENTS UNDER WHAT CIRCUMSTANCES?
 Definition
SERVER OPERATIONAL OR PERSONNEL CONSTRAINTS
Term
WHAT MUST WAIVERS HAVE?
 Definition
MUST HAVE EXPIRATION DATE NOT TO EXCEED 6 MONTHS
Term
WHAT IS CND-A?
 Definition
COMPUTER NETWORK DEFENSE ANALYST
Term
WHAT DOES CND-A DO?
 Definition
COLLECTS AND ANALYZE INFORMATION
Term
WHAT IS CND-IR?
 Definition
COMPUTER NETWORK DEFENSE INCIDENT RESPONDER
Term
WHAT DOES CND-IR DO?
 Definition
PERFORMS INCIDENT MANAGEMENT AND RESPONSE
Term
WHAT IS CND-IS?
 Definition
COMPUTER NETWORK DEFENSE INFRASTRUCTURE SUPPORT
Term
WHAT DOES CND-IS DO?
 Definition
MAINTAINS DEVICES SUCH AS ROUTERS, FIREWALLS, INTRUSION PROTECTION SYSTEM AND INTRUSION DETECTION SYSTEM
Term
WHAT IS CND-AU?
 Definition
COMPUTER NETWORK DEFENSE AUDITOR
Term
WHAT DOES CND-AU DO?
 Definition
COMPLIANCE AND AUDIT TASK
Term
WHEN SHOULD A SYSTEM RECERTIFY?
 Definition
IMMEDIATELY IF THERE IS A THREAT OR ANY ISSUES DETECTED. IF NOT, EVERY 3 YEARS
Term
BEFORE A CRYPTOLOGIC INFORMATION SYSTEM CAN BE GRANTED APPROVAL TO OPERATE WHAT MUST BE DONE?
 Definition
A SITE VISIT BY DAA IS REQUIRED
Term
WHAT ARE THE STEPS TO ACCREDITATION?
 Definition
  1. IAO DEVELOPS SECURITY PLAN
  2. IAM REVIEWS SECURITY PLAN
  3. IAM SENDS TO PROGRAM MANAGER
  4. PROGRAM MANAGER ASSIGNS # TO PLAN
  5. PROGRAM MANAGER SENDS PLAN TO DAA FOR APPROVAL OR DISAPPROVAL
  6. DAA SENDS APPROVAL/DISAPPROVAL DIRECTLY TO IAM
  7. IAM MAINTAINS COPY AND SENDS ANOTHER COPY TO IAO
Term
WHAT IS THE MINIMUM CLASSIFICATION FOR A SECURITY PLAN FOR CRYPTOLOGIC INFORMATION SYSTEM (I.E. SCIF)?
 Definition
CONFIDENTIAL
Term
WHO IS A SCIF (SENSITIVE COMPARTMENTED INFORMATION FACILITY) ACCREDITED UNDER?
 Definition
DIA OR NSA
Term
WHAT IS THE INTERCONNECTING INFORMATION SYSTEM COMPOSED OF?
 Definition
SEPARATELY ACCREDITED INFORMATION SYSTEMS
Term
THE DECISION TO ALLOW FOREIGN NATIONALS ACCESS TO INFORMATION SYSTEMS SHALL BE                 ?
 Definition
EXPLICIT IN WRITING
Term
WHAT THREE THINGS MUST THE DAA USE TO DETERMINE THE PROTECTION LEVEL OF AN INFORMATION SYSTEM?
 Definition
  1. REQUIRED CLEARANCES
  2. FORMAL ACCESS APPROVAL
  3. NEED TO KNOW FOR ALL INFORMATION SYSTEMS
Term
HOW OFTEN DOES ATO HAVE TO BE REVIEWED AND WHY?
 Definition
ANNUALLY TO CONFIRM INFORMATION ASSURANCE REMAINS ACCEPTABLE AT ALL TIMES
Term
WHO DOES THE INFORMATION ASSURANCE OFFICER REPORT TO?
 Definition
INFORMATION ASSURANCE MANAGER
Term
WHO DOES THE INFORMATION ASSURANCE MANAGER REPORT TO?
 Definition
  • REPORTS TO THE CO FOR ULTIMATE SECURITY OF THE ENCLAVE ENVIRONMENT.
  • RESPONSIBLE TO DAA FOR ENCLAVE ENVIRONMENT
Term
WHO IS THE PAA?
 Definition
PRINCIPAL APPROVING AUTHORITY
Term
WHO DOES THE PAA DELEGATE DUTIES TO?
 Definition
DAA
Supporting users have an ad free experience!