CANES Flashcards
(299 cards)
1
Q
Directive that Defines measures that protect information and information systems
Ensures Availability, Integrity, Authentication, Confidentiality, non-repudiation
Includes measures to provide restoration of information
Protection, Detection, Reaction
Successful protection of assets requires:
Compliance
Understanding Vulnerabilities
A
Cybersecurity DoD 8500.01 Directive
2
Q
To WSUS patch administration steps
A
Login to CM01
From the Windows Start Menu open Windows Administrative Tools
Windows Server Update Services
3
Q
How to Modify Times for Automated synchronization in Windows Server Update Services (WSUS)
A
In the left pane of the WSUS management console, expand CM01, and select Options > Synchronization Schedule
4
Q
Add WSUS email notifications
A
In the left pane of the WSUS management console, expand the node labeled with the computer name and select Options. All available options appear in the center pane.
Select e-mail notifications
5
Q
Add user to the WSUS Domain Administrators Group
A
Windows Administrative Tools > Computer Management
System tools > Local Users and Groups > Groups
6
Q
Set the WSUS Server to Autonomous Mode
A
From WSUS, expand the node, Options, Update Source and Proxy Server, Update Source, Synchronize from another Windows Server Update Services Server radio button.
Ensure This server is a replica of the upstream server checkbox is NOT selected and click OK
7
Q
How to filter WSUS Update Reporting Views
A
Expand Updates node > All Updates > Actions > New Update View > Select Properties
View appears in the tree view pane under Updates, it displays like the standard views, in the center pane when selected
8
Q
What server to access WSUS from
A
CM01
9
Q
Log in to Exchange Admin Center
A
From MRDS01 desktop, double-click the Exchange Administrative Center (EAC) icon
10
Q
Set up email forwarding
A
From EAC > Set up an email contact > Recipients > mailboxes > Select user > edit > mailbox features > Mail flow View details > Enable forwarding
11
Q
EAC
A
Exchange Administrative Center
12
Q
Set up an email contact
A
From EAC, select recipients in the left pane and select contacts from the top menu. Click the Add (+) icon, select Mail contact
First Name, Last Name, Display Name, Name, Alias, External email address (address to forward to)
13
Q
Log in to Exchange Toolbox and use Queue Viewer
A
Remote IAEXET > Windows Star Menu > Microsoft Exchange Server 2016 > Exchange Toolbox > Queue Viewer
14
Q
What does Suspend in Queue Viewer do?
A
Prevents the email from leaving
15
Q
River City
A
OP SEC CON
4 everyone access
3 Chiefs
2 DH
1 Triad
16
Q
HBSS
A
Host Based Security System: Provides tools to prevent, detect track, report, and remediate malicious computer-related activities and incidents across all Department of Defense (DoD) networks
17
Q
McAfee Agent and Modules
A
McAfee Agent
McAfee Host Intrusion Prevention System (HIPS)
McAfee Rogue System Detection
McAfee Policy Auditor
McAfee Asset Baseline Module
McAfee VirusScan Enterprise (VSE)
18
Q
Is available only in extreme cases; can be initiated by the shipboard admin and will disable HIPS on entire network
A
SADR “Killswitch”
19
Q
SADR
A
Super Agent Distributed Repository (SADR) HBSS Configuration
CANES security uses SADR HBSS configuration on unclassified and SECRET networks. HBSS on the Secret Releasable (SR) and Sensitive Compartmented Information (SCI) networks
20
Q
SADR Servers
A
UNCLAS and SECRET enclaves each have two CANES SADR Servers (SADR01 and SADR02) that connect to the HBSS ePO Ashore server
Provide load balancing and fault tolerance
All CANES HBSS policies on UNCLAS and SECRET networks located on the Ashore HBSS Server
Access to Ashore HBSS Server via web interface
21
Q
Circumstances required to use killswitch:
A
No access to Shore HBSS server - No way to modify
HIPS interfering with functionality of a system or programs on a system that has official mission requirements
Several systems need to have HIPS disabled, and individually unlocking the HIPS Client User Interface (UI) is not feasible
Shipboard admins are provided HIPS Client UI password to unlock individual computers for troubleshooting
22
Q
VRAM
A
Vulnerability Remediation Asset Manager (VRAM)
Stores Assured Compliance Assessment Solution (ACAS) scans for:
Nonsecure Internet Protocol Router Network (NIPRNET)/UNCLAS
SECRET Internet Protocol Router Network (SIPRNET)/SECRET
ACAS personnel ensure assets (scanned IPs) are properly categorized
23
Q
Which VM supports the synchronization of Microsoft Outlook with a PDA?
A
(Personal Device Assistant) BES/BUEM
24
Q
Which Linux command is used to report the amount of disk space that files or directories occupy?
A
du
25
For which two enclaves can ACAS be configured to automatically send reports to VRAM?
UNCLASS and SECRET
26
Which DoD document identifies cybersecurity work in Special Area categories?
8140.01
27
PMS
Planned Maintenance System
28
FBR
Feedback Report
29
OPANAVIST PMS
4790.4
30
TFBR for discrepancies
CAT B
31
CANES have two types of user
Admin and non-admin
32
When forest-level enterprise access is needed
Enterprise Administrator
33
sa da na wa admin role email nomenclature
adminrole.first.last@FQDN
34
Service accounts
allows one application to access another, mainly system management applications
35
xxx.internals should be
Stored safely
36
Security technology that enables delegated administration for anything that can be managed with PowerShell.
Just Enough Administration (JEA)
37
Security principle and technology aimed at minimizing the risk associated with privileged access.
Just In time-Administration (JITA)
38
Tier 0, 1, and 2 administrators
0 Domain/enterprise 1 Server 2 Workstaton
39
Juno Techonologies
Scripts, for example to create an account
40
Canes account creation script server location
MCA01
41
Password complexity enforced by what server
Active Directory
42
Chapter for proper shutdown
Chapter 4, IETM
43
MECM
Microsoft Endpoint Configuration Manager
44
What type of hypervisor is run by ESXi
type 1 or bare metal
45
DCUI
Lowest level interface to ESXi
46
DISA Services
Cybersecurity, Network Connetions, Testing, Spectrum
47
C5ISR
Navy Command, Control, Communications, Computers, Combat Systems, Intelligense,, surveillance, and Reconnaissance
48
Primary Technical framework supporting Network Centric Operations (NCO)
Global Information Grid (GIG)
49
Services by DISA
Quality Assurance Enterprise Engineering
50
Provides end-to-end connectivity throughout the submarine
SubLAN
51
Provides Secret and Unclassified Local Area Networks within the ship and allows aess to DISN
ISNS
52
Provides sharing of information with different groups of nations at the SECRET level and below.
SR Network
53
Allows ships at sea protected and reliable access to special intelligence and SCI data
SCI Network
54
Transport link between NCTANPS PAC; NCTS San diego ; NCTAMS LANT; NCTS Naples, Italy and NCTS Bahrain?
Circuit-to-Packet (CTP)
55
Low probability for intercept and high chance of surviving a nuclear blast?
EHF
56
Provides a transit path off the ship for onvoard secure voice, data, and video?
Automated Digital Network System (ADNS)
57
Which system is a set of meteorology and oceanography forecast, database, and decision aid tools for weather forecasting?
Naval Integrated Tactical Environment Subsystem (NITES)
58
Which system supports the use of vending machines aboard ships?
Navy Cash
59
Provide supor for all NAVY C5ISR services
The NCTAMSs and NCTSs
60
Afloat and ashore networks provide connectivity
within a ship, ship-to ship , and ship-to-shore
61
Allow information to travel to and from a ship via the ADNS.
RF transports
62
How to swap EXSi hosts
In maintenance mode
63
Wording in the application for turning off
Power off = corrupt Shut down = gracefully
64
Redundant array of independent disks used by CANES
CANES 5
65
Device backup displayed by
SCOM
66
AAA
This stands for Authentication, Authorization, and Accounting. It's a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These processes are important for network management and security:
Authentication verifies who a user is.
Authorization determines what a user is allowed to do.
Accounting keeps track of what the user does.
67
What systems are used to login with a CAC to a network device?
AAA RADIUS
68
Manages access to networks and networked resources efficiently and securely.
AAA RADIUS
69
RADIUS
(Remote Authentication Dial-In User Service) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users who connect and use a network service.
70
Service allows files to be sent from one host/node to another while maintaining data integrity
File transfer
71
Which enclave is designed to interoperate with coalition partners such as NATO
SR Network
72
Which wevsite for C4I systems provides a single point of customer service
Navy 311
73
A scalable method of managed network devices to synchronize to an accurate time source is provided by
NTP
74
CANES Routers and switches LAN Design
CANES Two-Tier: -Collapsed Core/ Distribution -Access
75
In a switch, blinking amber vs solid amber
Blinking amber: fault with network module, power supply or fan module. Solid amber: Configuration Error
76
ISE
Identity Service Engine
77
A CANES client successful connection requires:
-Device registered as CANES asset, indicated by being member of Active Directory domain - Cisco Network Admissions Control (NAC) Agent loadeed and enabled - Device MAC address added to the ISE Endpoint Management Identity Group
78
Three types of Router
-Cisco Integrated Service Router (ISR) - Cisco Integrated Services Digital Network (ISDN) Gateway - Cisco Adaptive Security Appliance (ASA)
79
Cisco ISDN Gateway
-Provides CANES with HD video conferencing capabilities - Inegrates between IP and ISDN networks - Specific to VTC service
80
The Cisco Switch contains two sets of IOS images for every feature and version
One set contains only the IOS image file extension .bin; The other set contains an IOS image plus a web-based device manager extension .tar
81
Each privileged account will need a separate
SAAR-N form completed and submitted.
82
What type of script is "CANES Create User"
Juno Technologies
83
What tabs are required to create a user
General and Organization (+Exchange)
84
Give the user access to all tabs in the Exchange Management Center and all drop-down menu options for Exchange Databases in the Create User tool
Add account to the Organization Management and Recipient Management Directory Groups by editing member of in Active Directory
85
Before running Vmware Tools
check the service is running
86
From where to run Vmware Tools
MRDS01
87
cd in command line to get to Vmware Tools
cd \Program Files\Vmware\Vmware Tools
88
Command from cd \Program Files\Vmware\Vmware Tools
VmwareToolboxCmd.exe stat
89
Commands available in VMwareToolbox.Cmd.exe stat
hosttime speed ballon swap memlimit memres cpures cpulimit
90
hosttime
date and tine of host
91
speed [command]
displays the CPU speed in MHz
92
ballon
memory reclaim from the virtual machine
93
some actions possible from vcsa html 5 suit
VM startup shutdown Snapshots
94
How to place EXSi in maintenance mode for swapping
From left panel right-click the esx and the workstation icon will get yellow strips once it's completed. Check "More Tasks"
95
Application to configure Switch
Putty name follow structure: U-BB-RTR-102
96
Initial commands in PuTTy to configure switch
adm.network password enable password config t
97
To display the most current backup file
show flash: | include backup
98
To overwrite the current startup-config file with the backup configuration file
copy backupfile.bak startup-config
99
After copy backupfile.bak startup-config confirm the destination filename:
startup-config // x bytes will be copied, proceed with // reload
100
Can provide time via triangulation
GPS
101
Statrum level 1 time servers provide time for CANES network Connect to one of four
GPS IRIG-B PPS 10 MHZ
102
For 3 dimentional position how many satellites do you need
4
103
Provides email, contact, and calendar synchronization for handgeld Commercial Mobile Devices
BlackBerry Unified Endpoint Manager (BUEM) 12.10 MR1
104
What services to check when handheld devices are not working
Verify BES/BUEM services
105
A Proxy works as a
funnel for all ips and web traffic
106
CANES employs the following proxy server:
Cisco Web Security Appliance Virtual (WSAV) proxy
107
Supports regular checking of percentage of decrypted traffic to ensure sizing in consistent with initial install
WSAV logs (Advanced Web Security Reporting log management) Another method of checking decrypted traffic regularly is via simple bash or PowerShell commands
108
Determines whether CANES users are accessing the network on an authorized, policy-compliant device
Identity Service Engine (ISE)
109
Assigns services based on the user role, group, and associated policy.
Identity Service Engine (ISE)
110
Provides Remote Authentication Dial-In User Service (RADIUS) services to the network
Identity Service Engine (ISE)
111
System Administrators can use Active Directory usernames and passwords to log in to _____ while being authenticated by Active Directory via the RADIUS server
Identity Service Engine (ISE)
112
Standatd defining how to provide authentication for devices that connect with other devices on Local Area Networks (LANs)
IEEE 802.1X
113
Used to authenticate non-IEEE 802.1X devices such as network printer, workstations, and Cisco IP phones
MAC Authentication Bypass for Bypassing IEEE 802.1X
114
Learns an endpoint's MAC address from the switch of the connecting device or an administrator can prepopulate the ISE server's MAB database before the device is connected
MAC Authentication Bypass for Bypassing IEEE 802.1X
115
EXEC mode is denoted by
The pound sign (#) at the end of the prompt in EXEC mode indicates that the user has entered Privileged EXEC mode, also known as Enable mode. This contrasts with User EXEC mode, which is indicated by a greater-than sign (>) and allows access to a more limited set of commands.
116
In the context of network equipment such as Cisco routers and switches, EXEC mode refers to
the command-line interface environment where users can execute privileged commands.
117
Synchronize the timeserver in RHEL
Remote into YUM. Use "sudo chronyc -a sources"
118
Fron DC01 ping the hostname. For the Timeserver by typing
w32tm /query /status
119
Log on to Cisco Prime Infrastructure
From MRDS01 https://pi.
120
username for Cisco Prime Infrastructure
root
121
How to manage wireless devices
Log on to Cisco Prime Infrastructure
122
service to restart as common trouble shoot step equivalent to signing in and out
Windows Explorer
123
FSMO
Flexible Single Master Operation
124
FSMO what does these roles permit?
These roles permit only one domain controller update access to a specific part of the Active Directory database
125
Five FSMO roles can be trasferred to any domain controller in the CANES Active Directory domain, what server has all five roles by default?
DC01 is assigned all five roles by default
126
FSMO roles
Schema Master, Domain Naming Master, Relative ID (RID), Primeary Domain Controller (PDC), Infrastructure Master
127
FSMO Role: Domain Naming Master
Makes changes to the domain naming space of the directory; adds and removes domains from the directory
128
FSMO Role: Relative ID (RID)
Processes RID pool requests for DCs withinn the domain; RIDs are unique identifiers associated to Active Directory objects
129
FSMO Role: Primary Domain Controller (PDC)
Is the Network Time Protocol (NTP) authoritative source; account password changes and authentication failures replicate to the PDC emulator first.
130
FSMO Role: Infrastructure Master
Updates cross-domain references when an object in one domain is referenced by an object in another domain.\
131
FSMO Role: Schema Master
Performs updates to the directory schema
132
Network shared folders on CANES FS01: HomeShare
is a user shared drive that redirects CANES users local profile folders
133
Network shared folders on CANES FS01: Share
is the general network share location for CANES user file and folder storage
134
Network shared folders on CANES FS01: Software
contains CANES domain software repository used by CANES automation scripts and other domain services such as Microsoft System Center Configuration Manager (SCCM)
135
SCCM
Miscrosoft System Center Configuration Manager
136
Correct PMS with
Feedback Report
137
Sync to accurate time source
NTP
138
Number of switch rack is determined by the size of the unit
Edge switch racks
139
Service allows files from server to server
File Transfer service
140
What enclave is for intelligece and crypto analyst
SCI
141
Routers CANES software 3
Cisco
142
Chapter 2 of the IETM
Safety precautions
143
Stratum level is a reference clock
Statrum 0
144
What administrator account is for network devices
NA
145
PDA server health
SCSM
146
Protocol AAA Canes
Radius
147
Virtual NIC in vitual machines what connects the VINIX?
Virtual Switch
148
FSMO Role: Infrastructure Master
Updates cross-domain references when an object in one domain is referenced by an object in another domain.
149
Large group of storage devices
Array
150
Type of virtualization allows you to use a program over another computer
Application Virtualization
151
Control IP traffic within a network
Switch
152
Chapter of the IETM overall nature of the system
Chapter 1
153
Submarines use for firewall
5525
154
Lowest probable of intercept, survives nuclear
EHF
155
Wireless Access Point Cisco manager
WLC wireless LAN controller
156
Enclave that supports across domain solutions
Secret
157
Proxy server
WSAV
158
Back up and Storage system
IBM 35 12
159
Server feature secures CANES workstations Active Directory to assign
Group policy
160
VM feature VM machine from one host to another
vMotions
161
Number of switch rack is determined by the size of the unit
Edge switch racks
162
Directory Service
Required by Linux servers fo sharing administrative configuraion data as well as non-administrative data, such as telephone and e-mail directories
163
Shell
The operatin system layer that interprets commands received from the applications layer.
164
The operating system layer htat schedules various processes and tasks, and manages other vita functions like file management and storage.
Kernel
165
A program that is loaded into memory when the computer boots up, The core of Linux, controlling the allocation of available hardware resources.
Includes the necessary programs to talk to all the devices connected to it. The Linux Kernel
166
A multi-level, hierchical system called a directory tree. There are 15 standard directories in the root directory, which is designated by a forward slash (/)
Linux Standard File Structure
167
To properly log out of the Linux shell, users must
type :"logout" or "exit" at the command prompt
168
reports the amount of disk space that specified files or directories occupy.
du
169
creates a new directory in the current or a named directory
mkdir
170
Searches text or a given file for lines containing a match to a given strings or words
grep
171
Creates archives of files for backup, transfer, or storage purposes
tar
172
Lists the files in the current directory or a named directory
ls
173
Displays information about a named command, including all of its available options
man
174
The Linux syslog report provides users with information related to all of the following
* system errors * dates and times of backups * unauthorized access attempts
175
Print (display) the path of the current working directory
pwd
176
The tar command does not perform compression. However,
compression utilities can be used to compress archives created with tar
177
Command in Linux to display current system time
$ date +"%T"
178
Command for a dynamic, real-time view of the running system?
top
179
Command to sed four copies of the text files "issues.txt" to a printer named "main_printer" which is not the dafult printer
lp -n 4 issues.txt -d main_printer
180
Broadcasts an IP address to each machine on a network to identify the associated mac address
arp
181
A software utility designed to schedule a variety of jobs, or tasks, to run once or on a recurring basis at specified times or intervals
Cron
182
Files that are lists of other files, used to organize files
Domain Sockets
183
Ordinary data files, such as text files, image files, executable files, etc
Regular Files
184
References that point to other files
Directories
185
Special files that connect the output of one process to the input of another
Symbolic Links
186
Special files that allowtwo-way communication between two processes.
Named Pipes
187
Files that facilitate the communication between hardware and software
Device files
188
Command to make a mirror image of a system hard drive on a different hard drive
dd
189
Command seraches for a specific string of characters or words in a named file or files
grep
190
What does the user need to do before mounting a filesystem to a currently accessible filesystem in Linux
Determine the device name associated with the particular storage device using the fdisk command and identify or create a mount point for the device.
191
Agile Core Services ACS Software automation capabilities
Continuous improvements and extensions to capabilities, Catch erros quickly and continuosly, Integrate new application code, Obrain end user feedback
192
In SW1 and SW2 variants, ACS is referred to as
Afloat Core Services
193
ACS in SW3 and beyond is currently fielded on
several large deck platforms
194
Two major components of ACS
ACS Common Services (ACS-C) ACS Data Analytics Services (ACS-DA)
195
Exchange Toolbox is installed on
CANES EX01/02 and IAEXET
196
Exchange Toobox includes _____, which is a MMC snap-in that you can use to vidw information about and act on queues and messages in queues
Queue Viewer
197
System Admins can use Queeue Viewer to perform the following actions:
Remove Messages, Suspend Messages, Resume Messages, Redirect Messages
198
Are the software used to establish connections and obtain user information required to transfer files
FileZilla Client and FileZilla Server
199
FileZilla is located on:
IAEXET for SW1/SW2
WEB for SW3/SW4
200
FileZilla provides the File Transfer Protocol (FTP) and File Transfer Protocol Secure (FTPS) for hosted and connected systems such as:
Global Broadcast Service (GBS)
Theater Battle Management Core Systems (TBMCS)
Distributed Common Ground System-Navy (DCGS-N)
201
FTP is used to
transfer files between hosts and or servers and does not require authentication
202
FTPS is secured using
Transport Layer Security (TLS), data is encrypted in transit
203
Secure File Transfer Protocol (SFTP) uses
Secure Shell Protocol (SSH) to secure FTP transfers
204
Trivial File Transfer Protocol (TFTP) uses
User Datagram Protocol (UDP) for FTP transfers which means the data is less reliable, but faster
205
Generate a single certificate in on Navy Certificate validation Infrastructure (NCVI)
Remote MCA01
AIC Tools
right click Generate single Certificate
Run as Administrator
Single Certificate
CANESComputer
The Enter Device Name screen appears
Type name of certificate
206
Path to save Certificate created from AIC Tool
\\ds\Software\DomainCerts\certs
207
Verify a .rsp file
Run .cmd as administrator
open _cert.rsp with notepad verify --Begin Certificate-- and --End Certificate-- header and footer
208
Add an FTP User
\\web\F$\FTP\DDGXX
New Folder
sa..
209
Enable FTP User
Remote into MCA01
Active Directory Users and Computers
CANES Groups
FTP Users
Members
Add user name for the Sys Adm account you created
210
Add WEB to Site Manager
MCA01
FileZilla FTP client
Filezilla
File > Site Manager
New Site: "WEB"
211
Verify the user's FTP access
down arrow next to Site Manager icon WEB
Connectivity to the FTP server is established when Status: Directory listing successful is displayed
212
VoIP connection type
TCP to establish UDP to conduct the call. Because TCP because it is too heavy for real time applications.
213
Prerequisites for installation and configuration of VOIP and VOSIP
* Identity Services Engine (ISE) Configured network End User Access (EUA) with Power over Ethernet (PoE) capability or a 100VAC wall receptacle
* CANES fully configured Cisco Unified Communication Manager (CUCM)
* Connectivity to the Network Operations Center (NOC) with 8kbps bandwidth or higher
* Automated Digital Network System (ADNS) Increment III SP4
* Verify Access Control Lists (ACLs) have been created in the firewall on both inbound and outbound interfaces for phone to connect to the NOC
* Record of Media Access Control (MAC) addresses of all VoIP phones
214
XMPP
Extensible Messaging and Presence Protocol (XMPP)
Provides open standard for interoperability with Department of Defense (DoD) users
Required to exchange text-based messages
Resides on the chat server
Supports external chat sessions
215
Swift Chat
Full-featured instant messaging client for internal communication:
Uses XMPP protocol
Open-source IM client
Supports different platforms
Provides strong security
Allows end users to share files
216
Mako Chat Server/Client
Enables warfighter’s client to maintain better connections to chat servers
Located at shore-based command centers or on ships
Provides authentication, encryption, and login security features
Enables XMPP users to connect directly to Mako servers
Used on SECRET enclave to increase security based on:
Transitional architecture
Certificate credentials
Strong user authorization requirements
Solid information encryption software
217
VTC
Video Teleconference
218
VTC
- Combination of locations
Host connection points and are the gatekeeper:
- Naval Computer and Telecommunications Station (NCTS) Hampton Roads (UARNOC)
- Naval Computer and Telecommunications Area Master Station (NCTAMS) PAC (Makalapa)
Connects to the gatekeeper with CRITICOM Integrated Secure Encryption Console (ISEC) switch
219
System Management Tools Benefits
Goal is to recognize all system administrator responsibilities and to choose one or more methods for verifying target objectives or tasks necessary
Interactivity
Tools work best when integrated with one another
Complexity
Granular interpretations of data presentation
Multiple dashboard and widget options
Innovations
Custom reports
Graphic dashboard options
Granular filters
Remote access
220
Main reference for Incident Management
CANES SW4 IETM, EE689-2X-IEM-004 AN/USQ-208C(V)
221
Main reference for CANES in C5ISR
Naval Telecommunications Procedures (NTP) 4(E) Naval Communications, Naval Network Warfare Command, 18 January 2008.
222
Main refence for Platform Variants
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
223
Main reference for CANES Computing Environment
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
224
Main reference for Security Enclaves
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
DDG Production IP Plan SW4, IPPLAN_DDG_CG-HW2.0-SW4.0-V1.0
225
Main reference for Technical Documentation
CANES SW4 IETM, EE689-2X-IEM-004-AN/USQ-208C(V)
NAVY 311, https://navy311.navy.mil
SAILOR, https://sailor.navy.mil
226
Main reference for Planned Maintenance System
CANES IETM SW4 – EE689-2X-IEM-004-AN/USQ-208C(V)
Ship's Maintenance and Material Management (3-M) System, OPNAVINST 4790.4
227
Main reference for Account Management
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
COMPACFLINST 5230.1A, Fleet Functional Area Manager/Fleet Applications and Solutions Team Program, 5230.1A 13 MAR 2018
228
Main reference for CANES Services
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
COMPACFLINST 5230.1A, Fleet Functional Area Manager/Fleet Applications and Solutions Team Program, 5230.1A 13 MAR 2018
229
Main reference for Virtualization
CANES SW4 IETM, EE689-2X-IEM-004-AN/USQ-208C(V)
CANES Network Maintenance Addendum, AN/USQ-208(V)
VMWare vSphere Virtual Machine Administration, https://docs.vmware.com
230
Main reference for CANES Web Proxy Servers
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
231
Main reference for Storage Area Networks
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
vSAN Planning and Deployment – VMware vSphere 6.7, https://docs.vmware.com/
232
Main reference for Network Device Management
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
CICD SW3 End User Access Switch Configuration, CICD-PMW160-CANES-000243
CICD SW3 Pre-Production, CICD-PMW160-CANES-000238
DISA Network Device Management, SRG (V)
DISA Network Devices, STIG (V)
DISA Network Infrastructure Policy, STIG (V)
Cisco ASA Series General Operations CLI Configuration Guide, https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/general/asa-96-general-config.html
233
Main references for CANES Switch and Router Operations
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
Cisco 3900 Series, 2900 Series, and 1900 Series Integrated Services Routers Generation 2 Software Configuration Guide
234
Main reference for Firewalls
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
CICD SW1 CISCO ASA Firewall - CICD-CICD-PMW160-CANES-000080
CICD SW1.2 CISCO ASA Firewall - CICD-CICD-PMW160-CANES-000175
CICD SW2 CISCO ASA 5525x- Firewall and Firepower Software Installation and Configuration - CICD-PMW160-CANES-000197
CICD SW3 CISCO ASA 5525x- Firewall and Firepower Software Installation and Configuration - CICD-PMW160-CANES-000254
235
Main reference for Network Time Protocol
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
236
Main reference for Wireless Access
CANES SW4 IETM, EE689-2X-IEM-004-AN/USQ-208C(V)
CICD SW4 Wireless LAN Controller Configuration, CICD-PMW160-CANES-000332
CICD SW4 Submarine NIPR/SIPR Wireless LAN (SWLAN), CICD-PMW160-CANES-000353
237
Main reference for Mobile Device Management
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
238
Main reference for CANES Web Proxy Servers
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
239
Main reference for Cisco Identity Services Engine
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
Cisco Identity Services User Guide
Cisco Identity Services Administrator Guide
Cisco Identity Services Command Line Interface (CLI) Reference Guide
240
Main reference for Windows Workstation
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
https://docs.microsoft.com/en-us/windows/resources/
https://support.microsoft.com/en-us/windows#ID0EAABAAA=Windows_10
241
Main reference for Windows Server
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
Microsoft Docs Windows Server, https://docs.microsoft.com/en-us/learn/browse/?roles=administrator&expanded=windows&products=windows-server
242
Main reference for Red Hat Enterprise Linux
Linux Security Technical Implementation Guide
Red Hat Enterprise Linux 7 System Administrator's Guide
243
Main reference for Service Account Management
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
244
Main reference for ACS
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
Afloat Core Services (ACS) Developer’s Interface Guide, ACS-A060-DIG-(V)
245
Main reference for WSUS
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
Concept of Operations (CONOPS), Windows Semi-Annual Channel Release for CANES, 2017-001735 Version . 11, 30MAR2018
Concept of Operations (CONOPS) Windows Semi-Annual Channel Release for CANES, SW2.0.X.0, 2017- 001735 Version 1.6, 09DEC2019
246
Main reference for Windows Exchange and Mail Service
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
247
Main reference for Security Service Architecture
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
Cybersecurity, DODI 8500.01, Change 1, October 7, 2019
Cyberspace Information Technology and Cybersecurity Workforce Management and Qualification Manual, SECNAV M-5239.2 (series)
Cyberspace Workforce Management, DoD Directive 8140.01
DOD National Industrial Security Program (NIST) Operating Manual, DoD 5220.22-M, May 18, 2016
DODI Network Management (NM), DoDI 8410.03, Change 1, July 19, 2017
248
Main reference to HBSS Host Based Security System
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
U.S. Navy Host Based Security System (HBSS) ePolicy Orchestrator (ePO) Afloat Consolidation Concept of Operations (CONOPS), Version 7, 18 September 2015
249
Main reference for ACAS Assured Compliance Assessment Solution
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
CANES ACAS and VRAM Fleet SOP, SOP-PMW-160-CANES-00001
Configuration Item Configuration Document (CICD) Assured Compliance Assessment Solution (ACAS) Server Configuration for SR/SCI, CICD-PMW160-CANES-000258
250
Main reference for VRAM
ACAS Server Configuration for SR/SCI SW4- CICD-PMW160-CANES-000330
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
251
Main reference for NCVI Navy Certificate Validation Infrastructure
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
NAVY CERTIFICATE VALIDATION INFRASTRUCTURE, CICD-PMW160-CANES-000358 SW4
252
Main reference for File Transfer Service
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
CANES Network Manager’s Guide, EE689-2X-GYD-020(V)
MIL-STD- 1780 Military Standard File Transfer Protocol
CISCO Introduction to client FTP, https://www.cisco.com/c/en/us/td/docs/ios/sw_upgrades/interlink/r2_0/user/ugftpc1.html#wp199177
253
Main reference for Cross domain Solutions
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
254
Main reference for VoIP Operations
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
CICD SW4 Voice over IP (VoIP) Telephone, CICD-PMW160-CANES-000355
255
Main reference for Chat Operation
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
Mako CANES Software 3.0 Installation and Operation Guide, Version 1.1.5
256
Main reference for VTC Device (Video Teleconference)
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
257
Main reference for VTC Operation
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
258
Main reference for VDS (Video Distribution Service)
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
CANES Network Manager’s Guide, EE689-2X-GYD-020
Developer's Interface Guide (DIG) for Consolidated Afloat Networks and Enterprise Services (CANES), CVN-DDG-LHA-CG MOC-LSD-LCC
Configuration Item Configuration Document (CICD) Video Distribution System SW 4.0, CICD-PMW160-CANES-000342
259
Main reference for System Management
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
Cyberspace Information Technology and Cybersecurity Workforce Management and Qualification Manual, SECNAV M-5239.2
Department of the Navy Information Systems Security (INFOSEC) Program, SECNAVINST 5239.3
Microsoft System Center Resources, https://www.microsoft.com/en-us/systemcenter/resources
260
Main reference for Incident Management
CANES SW4 IETM, EE689-2X-IEM-004- AN/USQ-208C(V)
Navy Information Forces Navy Process Reference Model, COMNAVIFOR M-2620.2
Cyberspace Information Technology and Cybersecurity Workforce Management and Qualification Manual, SECNAV M-5239.2
Department of the Navy Information Systems Security (INFOSEC) Program, SECNAVINST 5239.3
Microsoft System Center Resources, https://www.microsoft.com/en-us/systemcenter/resources
CYBER-1 (Series) Incident Management
DEPARTMENT OF THE NAVY COMPUTER NETWORK INCIDENT RESPONSE AND REPORTING REQUIREMENTS SECNAVINST 5239.19 (series)
261
Main reference for Event Management
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
Cyber Incident Handling Program 2012, CJCSM 6510.01B
Cybersecurity Activities Support to DoD Information Network Operations, DODI 8530.01
Committee on National Security Systems Instruction, CNSSI No. 1010
CICD SW3 System Management Suite, CICD-PMW160-CANES-000255
Computer Security Incident Handling Guide, NIST SP 800-61
262
Main references for Configuration and Release Management
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
COMNAVIFOR, M-2620.2 NAVY INFORMATION FORCES NAVY PROCESS REFERENCE MODEL
COMNAVIFOR, M-5239.2D COMMANDER’S CYBERSECURITY MANUAL
SECNAVINST, M-5239
System Center, HTTPS://WWW.MICROSOFT.COM/EN-US/SYSTEM-CENTER
CYBER-1 (REV E), SUBMARINE FORCE CYBERSECURITY MANUAL
263
Main references for SIEM (Security Information and Event Management)
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
COMNAVIFOR M-2620.2, Navy Information Forces Navy Process Reference Model
COMNAVIFOR M-5239.2D Commander’s Cybersecurity Manual
SECNAVINST M-5239
Sentinel Administrator Guide
Sentinel User Guide
264
Main references for Fault Isolation Strategy
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
CANES Network Manager’s Guide, EE689-2X-GYD-020
265
Main reference for Remove and Replace
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
266
Main reference for Watchstanding Procedures
CANES SW4 IETM – EE689-2X-IEM-004-AN/USQ-208C(V)
267
SIEM software is
NetIQ Sentinel Application in SW3/4 NetIQ Security Center in SW1/2
268
Six Steps troubleshooting procedure
- Recognize Symptom
- Define Symptom
- List Probable Faulty Functions
- Localize Faulty Functions
- Localize Trouble to the Faulty Component
- Failure Analysis
269
First consideration for remove and replace (Planning Considerations)
Documentation is the first consideration for remove and replace
270
What does EDP do?
Electronic Data Processing (EDP) Installs, maintains, and repairs Navy's afloat tactical systems: GCCS-M TBMCS NITES DCGS-N
271
Process Incidents Using SCSM, get to Service Manager Console
Remote into MRDS01 > Microsoft System Center > Service Manager Console > IM01 connect
272
Process Incidents Using SCSM, once in Service Manager Console
IM01 connect > from the bottom left pane Work Items > Incident Management > All Incidents
273
Process Incidents Using SCSM, once in Incident Management
All incidents > Create Incident > From all incidents IR8 (SharePoint)
274
Portion that supports ACS hosting management applications
Platform as a Service
275
System to prevent Host based instructions
HBBS
276
VTC
unclass secret
277
How often updates
everyday
278
All of them
File Transfer Service
279
Removal device first documentation
Documentation
280
For Scans
Nessus
281
Operational test new vender products
DoD
282
Validate users PKI
Desktop Validator
283
Type of account to access another application
Service Account
284
Edge Trasnsport Role
IAEXET
285
Access service use
TTC
286
Tool for tracking incidents
VM Service Manager
287
chat authentification encrition
Macon
288
Server
BU
289
Bridges
MCU
290
Installs, maintains, and repairs Navy's afloat tactical systems: GCCS-M TBMCS NITES DCGS-N
EDP
291
System
Microsoft System Center
292
Convert analog and digital to IP
CODEC
293
SCOM recommended starting point
CANES System Summary Dashboard
294
Endpoint Security Software
SIEM
295
3 step
List probable
296
Basic computer skills
authorized user
297
Enclave result uploaded
Unclass SIPR SR
298
Which Service distribute video
VDS
299
