COMNAVIDFORINST M-5239.2D, COMMANDER'S CYBER SECURITY AND INFORMATION ASSURANCE HANDBOOK

Question 1

What centralizes command of cyberspace operations, strengthens DoD cyberspace capabilities, and integrates and bolsters DoD’s cyber expertise?

Answer 1

U.S. Cyber Command (USCYBERCOM)

Question 2

What manages the entire DoD Information Network (DoDIN)?

Answer 2

Defense Information Systems Agency (DISA)

Question 3

Who serves as the Navy’s cryptologic commander?

Answer 3

Commander, Tenth Fleet (C10F)

Question 4

What sets cyber policy for the Navy?

Answer 4

U.S. Fleet Cyber Command (FLTCYBERCOM)

Question 5

What provides integrated communications and IT systems that enable Information Dominance and the C2 of maritime forces/

Answer 5

Program Executive Office for Command, Control, Communications, Computers, and Intelligence (PEO C4I)

Question 6

What designs, develops, and deploys advanced communications and information capabilities?

Answer 6

Space and Naval Warfare Systems Command (SPAWAR)

Question 7

What, as the Navy’s C5I capability TYCOM, provides relevant, resilient, and effective C5I capabilities and a highly trained cyber workforce to maximize fleet readiness through Train and Assist Visits (TAVs) to support all Naval missions throughout cyberspace?

Answer 7

Navy Information Dominance Forces (NAVIDFOR)

NAVIFOR

Question 8

What operates and defends the Navy’s portion of the DoD Information Network (DoDIN), current Information Condition (INFOCON) level, and issues tasking orders and guidance to the Fleet in the form of Communications Tasking Orders (CTOs) and Naval Telecommunications Directives (NTDs)?

Answer 8

Naval Network Warfare Command (NAVNETWARCOM)

Question 9

What has the mission of coordinating, monitoring, and overseeing the defense of Navy computer networks and systems and to be responsible for accomplishing Computer Network Defense (CND) missions as assigned by C10F and Commander, USCYBERCOM?

Answer 9

Navy Cyber Defense Operations Command (NCDOC)

Question 10

What afford the ability to confirm an event based on live system analysis, and/or determine any additional data gathering actions required to facilitate an investigation?

Answer 10

Cyber Tactical Teams (CTTs)

Question 11

What is the Navy’s Center of Excellence for Information Operations (IO)?

Answer 11

Navy Information Operations Command (NIOC), Norfolk

Question 12

Who is responsible to the Commanding Officer (CO) for the proper development, implementation, and enforcement of the command’s personnel and traditional/PHYSEC posture?

Answer 12

Command Security Manager (CSM)

Question 13

Who is responsible for ensuring the command’s Information System (IS) is operated, used, maintained, and disposed of per governing security policies and practices?

Answer 13

Information Systems Security Manager (ISSM)

Question 14

Which Navy Enlisted Classification (NEC) must Information Systems Security Mangers (ISSMs) have?

Answer 14

NEC 2779

Question 15

What is the minimum required pay grade for personnel holding the Information Systems Security Manager (ISSM) position at the tactical/shipboard level?

Answer 15

E-7

Question 16

Who implements and enforces system-level Cyber Security (CS) controls per program and policy guidance?

Answer 16

Information System Security Officer (ISSO)

Question 17

Which personnel administer and maintain a command’s Information System (IS), and are the backbone fo the Cybersecurity Workforce (CSWF)?

Answer 17

Privileged users

Question 18

How often must authorized users of a network system participate in Cyber Awareness Challenge training as mandated by the DoD?

Answer 18

Annually

Question 19

What is the DoD IA Implementation Guide that implements policy, assigns responsibilities, and prescribes procedures for applying integrated, layered protection of the DoD IS and networks?

Answer 19

DoDI 8500.2

Question 20

What is the DON IA Workforce Management Manual that provides guidance for managing your local Cybersecurity Workforce (CSWF) and addresses training/certification requirements for members of the Cybersecurity Workforce (CSWF)?

Answer 20

SECNAV M-5239.2

Question 21

What is the DoD governing instruction on Incident Response?

Answer 21

CJCS-M 6510.01F

Question 22

Which publication provides specific Navy policy for developing an Incident Response program locally?

Answer 22

SECNAVINST 5239.19

Question 23

Which Naval Telecommunications Directive (NTD) addresses Electronic Spillage (ES)/Negligent Discharge within the Navy enterprise, and must be incorporated into a local command Incident Response Plan?

Answer 23

NTD 11-08

Question 24

What must all commands maintain for their network systems as granted by the AO for an Information System (IS) to process, store, or transmit information?

Answer 24

Authorization to Operate (ATO)

Question 25

Once an Authorization to Operate (ATO) is granted, the Authorization Termination Date (ATD) is technically within how many years of the authorization date?

Answer 25

3

Question 26

How many months prior to a site's Authorization to Operate (ATO) expiration must the Information Systems Security Manager (ISSM) contact their Immediate Superior in Command (ISIC) and begin to review and update the security authorization package for approval by Fleet Cyber Command (FLTCYBERCOM) Office of Operational DAA (ODAA)?

Answer 26

6

Question 27

What effectively terminated DIACAP as the DoD's IT accreditation process in favor of a "multi-tiered Cyber Security (CS) risk management process"?

Answer 27

Navy Cyber Power 2020

Question 28

Per which reference must afloat and shore sites place all DoD Information Systems (IS) under the control of a locally chartered Configuration Control Board (CCB)?

Answer 28

DoDI 8500.2

Question 29

How often at a minimum must the Configuration Control Board (CCB) meet?

Answer 29

Quarterly

Question 30

Which scanning software is currently in use at the time of this publication for afloat and ashore commands?

Answer 30

Nessus Scanner

Question 31

What replaced the eEye Retina tool, part of the Secure Configuration Compliance Validation Initiative (SCCVI)?

Answer 31

Assured Compliance Assessment Solution (ACAS)

Question 32

Per DISA Field Security Operations, CCRI Contributing Factors, command personnel who are responsible for executing the Incident Response and Recovery (IR&R) plan must be trained and the plan must be exercised and updated at least annually (for networks that are Mission Assurance Category (MAC) level II or III) or how often (for networks that are MAC level I)?

Answer 32

Semi-annually

Question 33

Which local plan is critical for shore commands to develop in order to have the ability to sustain mission essential functions in the event of a man made or natural disaster that precludes the sue of their current facilities?

Answer 33

Continuity of Operations Plan (COOP)

Question 34

NAVNETWARCOM Computer Tasking Order (CTO) 08-05A (221515Z Jul 08), Standard Consent Banner and User Agreements and which other publication must be read and understood by all command Information Systems Security Managers (ISSMs), as these serve as the backbone for training and certifying the Cybersecurity Workforce (CSWF)?

Answer 34

OPNAVINST 5239.1C

Question 35

Which online database consolidates and reports certification and training requirements for all workforce members and must be regularly viewed and tracked by command leadership?

Answer 35

Total Workforce Management System (TWMS)

Question 36

In which course do students learn to apply the Tactics, Techniques, and Procedures (TTPs) needed to defend shipboard networks against intrusions and exploitations?

Answer 36

Computer Network Team Trainer (CNTT)

Question 37

Which systems, combined with Intrusion Detection Systems (IDS) at the Network Operations Center (NOC) level, comprise the bulk of unit-level intrusion detection and prevention and represent a component of the Navy's overall Defense-in-Depth strategy?

Answer 37

Host Based Security System (HBSS)

Question 38

Administrators must ensure all subnets within each enclave are actively monitored in Host Based Security System (HBSS) by which module?

Answer 38

Rogue System Detection (RSD)

Question 39

For all systems, the Information Systems Security Manager (ISSM) must ensure that all network device and enclave passwords are stored offline and encrypted. Passwords must not be kept in a "master list," they must instead be protected via which Standard Form and stored in a General Services Administration (GSA)-approved container appropriate for the classification level of the system?

Answer 39

SF-700

Question 40

Which process is designed to provide positive control of the vulnerability notification and corrective action process in the DoD?

Answer 40

Information Assurance Vulnerability Management (IAVM)

Question 41

How many steps is the Information Assurance Vulnerability Management (IAVM) patching process for Program of Records (PoRs)?

Answer 41

7

Question 42

Where do commands report compliance for Information Assurance Vulnerability Management (IAVM) patching?

Answer 42

Vulnerability Remediation Asset Monitor (VRAM)

Question 43

How often must scans be conducted for all network-connected Programs of Record (PoR) systems?

Answer 43

Monthly

Question 44

Commands must ensure an archive of the past how many days' worth of scans exist in VRAM/VMS or are held locally?

Answer 44

90

Question 45

Anti-Virus (A/V) definitions must be maintained within a how many-day periodicity by requirement?

Answer 45

7

Question 46

What are published by Defense Information Systems Agency (DISA) for common network configuration and security requirements that specify how components should be configured to minimize the risk of vulnerability exploitation on the affected network?

Answer 46

Security Technical Implementation Guides (STIGs)

Question 47

Which tools are available to automate the Security Technical Implementation Guide (STIG) compliance validation?

Answer 47

Security Content Automation Protocol (SCAP)