7A Flashcards
(35 cards)
___ ___ compliance ensures appropriate implementation of measures to protect all Air Force information system resources and information.
Computer Security (COMPUSEC)
The focus of COMPUSEC is on end-point security and ports, protocols, and services management ___ ___ ___.
within the AF
The COMPUSEC objective is to employ countermeasures designed for the protection of __, ___ and ___ of United States government information processed by Air Force ISs.
confidentiality, integrity and availability
COMPUSEC includes all measures to ____ ISs and information against sabotage, tampering, denial of service, espionage, fraud, misappropriation, misuse, or release to unauthorized persons.
safeguard
Air Force Manual (AFMAN) ____, Computer Security (COMPUSEC) is the publication that implements the AF COMPUSEC program.
AFMAN 17-1301
COMPUSEC applies to __ __ ___ __ used to process, store, display, transmit, or protect AF information, regardless of classification or sensitivity, unless exempted through the risk management framework process.
all AF information technology
As an information technology professional, you work to achieve the fundamental goals of information security. Those fundamental goals are confidentiality, integrity, and availability—collectively termed the __ ___ (not to be confused with the Central Intelligence Agency).
CIA Triad
One of the goals of information security is to ensure _____ such that only authorized persons can gain access to information and are able to read the information.
confidentiality
Which technologies keep information confidential?
- Access Control/Permissions
- Encryption
- Steganography
The following describes which technology that keeps information confidential?
Most network administrators secure information on the organization’s network by implementing permissions on the files and folders. This is known as building an access control list (ACL) on the files because the network administrator is controlling who can access the files. By setting permissions on the files and allowing only a specific group of users access to the files, you are helping to maintain confidentiality.
Access Control/Permissions
The following describes which technology that keeps information confidential?
____ data puts the information in an unreadable format until an authorized person decrypts the data, which places it back in a readable format.
Encryption
The following describes which technology that keeps information confidential?
___ is a method of hiding information, such as a text file, in a graphic file. The information is placed in the graphic file using a program, and a password is placed on the file. After sending the graphic to the intended receiver, the intended receiver would use the ___ application to read the information out of the file.
Steganography
Files can be encrypted at two levels—either encrypt the file in ___ or encrypt the file while it is in ____ from one location to another.
storage
transit
The concept of ___ ___ (not to be confused with personal integrity, or ethics) is to ensure that when data is sent from a source to a destination, the information received at the destination has not been altered in transit. ___ ___ also means that if you store a file on a storage drive and open it later, you can be certain that the data has not been altered while in storage.
data integrity
What four things fall under integrity?
- Hashing
- Digital Signature
- Digital Certificate
- Nonrepudiation
The following describes which integrity method?
To ensure data integrity when communicating over a network, the sending system runs the data through a mathematical algorithm, known as a ____ algorithm, which then generates an answer, known as the ____ value. This ____ value is then sent with the data. On the receiving end of the transmission, the destination system runs the data through the same mathematical algorithm to generate an answer (___ value). Once the destination system has its own calculated ___ value, it then compares that to the ___ value sent with the message—if they are the same, then it is assumed the data has not been altered.
Hashing
The following describes which integrity method?
A ___ ___ is created on a message to prove the integrity of the sender of the message. Because the signature is created using a person’s private key and only that person has access to their private key, it proves the sender is who they say they are.
Digital Signature
The following describes which integrity method?
A ___ ___ is an electronic file used to transport keys used to encrypt or digitally sign messages.
Digital Certificate
The following describes which integrity method?
___ is the concept of ensuring that someone cannot dispute that they sent a message or made a change, which adds to the integrity of the system. You can use digital signatures or auditing as a method to implement ___.
Nonrepudiation
____, the third fundamental goal of information security in the CIA Triad, is the concept of ensuring that the information is available when the user wants it. This is an often-overlooked aspect of information security.
Availability
What are the popular solutions used to help maintain availability?
- Permissions
- Backups
- Fault Tolerance
- Clustering
- Patching
The following describes which solution to help maintain availability?
Implementing ____ on a resource is a way to ensure availability because if you limit who can delete the data, then chances are high it will still be available when needed.
Permissions
The following describes which solution to help maintain availability?
Ensure you perform regular ___ of critical information so that if the data becomes corrupt or unavailable, you can restore it from ____.
Backups
The following describes which solution to help maintain availability?
You can implement data redundancy solutions to ensure that if one of the hard drives fails, the other drives have a copy of the information. Having multiple drives work together in this way is known as RAID, or Redundant Array of Independent Disks. With RAID, if one of the drives fails, the other drives provide the missing data.
Fault Tolerance