Chapter 19 2013 Flashcards Preview

WAPS Testing > Chapter 19 2013 > Flashcards

Flashcards in Chapter 19 2013 Deck (51):
0

What are the three core disciplines of information assurance

COMSEC, COMPUSEC, Emissions Security (EMSEC)

1

Consist of measures and controls that ensure confidentiality, integrity, and availability of information systems assets including hardware, software, firmware, and information being processed, stored, and communicated.

COMPUSEC

2

Examples of malicious logic attacks

Virus, worm, botnet, Trojan horse

3

What is the maximum quantity of PII information that can be stored on removal devices

500 or more

4

Who must report lost or suspected lost removal media containing sensitive information to immediately

Local security manager or IA office

5

An IT threat that is received via email with embedded scripts or false links to provide access for hacker to control the users computer or install malicious logic

Phishing

6

Measures and controls taken to deny unauthorized persons information derived from information systems of the government related to national security and to ensure the authenticity of such information systems

Communication security (COMSEC)

7

What is the difference between transmission security and Emissions security

Transmission security falls under COMSEC and protects against exploitation by means of cryptoanalysis.
EMSEC prevents interception and analysis of compromising emanations from crypto equipment.

8

Process of identifying, analyzing, and controlling critical information

Operation security

9

Five steps of OPSEC

ID critical info, Analyse threats, analyze Vulnerabilities, Assess risk, Apply measures

10

What are the five basic characteristics of OPSEC indicators

Signatures, associations, profiles, contrasts, exposure

11

The characteristic of an indicator that makes it identifiable or causes it to stand out

Signatures

12

Relationship of an indicator to other information or activities

Associations

13

The sum of signatures and associations in an activities profile

Profiles

14

Differences observed between an activity standard profile and it's most recent or current actions

Contrasts

15

When or for how long an indicator is observed

Exposure

16

Classification, safeguarding, and sanctions are all components of what

Information security (INFOSEC)

17

What are the three levels of classification

Top secret, secret, and confidential

18

Who may classify information

Secretary defense, secretaries of military departments, officials specifically delegated authority

19

Document which details the original classification decision

Security classification guide

20

What four separate and parallel systems can bring about the declassification of information

Original classifier decides the time, automatically declassified on 25th anniversary unless actions are taken to keep classified, reviewed for declassification upon request, reviewed in a systematic manner for declassification

21

Which level classified information can be sent through the Postal Service or other authorized delivery service as long as receipts are used

Secret

22

Who grants, denies, revokes security clearance eligibility

AFCAF, Air Force Central Adjudication Facility

23

Where are security clearance records kept and who can access them?

In JPAS and unit security manager

24

What are the four steps in determining effects required of integrated defense program

Criticality of installation assets, analyzing threats, assessing vulnerabilities, make prudent ID desicions

25

The line that delineates the surface area of a base for the purpose of facilitating coordination and deconflictin of operations between adjacent units, formations, or areas.

(BB) Base Boundry

26

An Air Force unique concept to describe the area of concern around and airbase

(BSZ) base security zone

27

What is the command-and-control center for ID operations during routine and emergency operations

(BDOC) battle defense operation center

28

How many desired effects does a commander strive toward in risk management

Nine (ADDAWDDDR)

29

Achieved through intelligence analysis

Anticipate

30

Achieved through professional and persistent execution of security tactics, techniques, and procedures

Deter

31

Achieved through a variety of screening processes and observation technologies

Detect

32

Achieved through cognizance, readiness, and awareness of all Air Force personnel and an understanding of threat TTP

Assess

33

Achieved through standardized and reliable communications among and between units and personnel

Warn

34

Achieved through a multitude of force applications relevant to the threat

Defeat

35

Achieved through deliberate layers of defensive applications designed to progressively weaken or hinder the enemies effort

Delay

36

Achieved through the coordinated and synchronized force application of all airmen in a unified effort against the enemy

Defend

37

Achieved through prudent logistics and consequence management planning

Recover

38

Who plays a part in the intelligence fusion cell action group

Security forces staff function and subject matter experts from OSI

39

What does the intelligence fusion cell action group do

Conduct intelligence preparation for the operational environment

40

Critical assessment, threat and vulnerability assessment, risk assessment, risk tolerance, countermeasures, decisions and implementation are the seven steps of what

Integrated Defense risk management process

41

What protection level applies to assets that our nuclear weapons in storage, matted to the delivery system, or in transit; designated command, control, communication facilities; and aircraft designated to transport the president

PL1

42

Protection level of non-nuclear alert forces; designate space and launch systems; expensive, few in number, one-of-a-kind systems or facilities; and intelligence-gathering systems

PL2

43

Protection level of resources that are non-alert resources that can be generated to alert status, such as F-16s; selected C3 facilities, systems, and equipment; and non-launch critical or non-unique space launch systems

PL3

44

Protection level of facility storing category one, two, or three sensitive conventional arms, ammunition, and explosives; fuels and liquid oxygen storage areas; and Air Force accounting and finance vault areas

PL4

45

Within how many months of travel is the foreign travel briefing required

Three months

46

What are the four threat areas of human intelligence

Espionage, subversion, sabotage, terrorism

47

What is any action designed to undermine the military, economic, psychological, or political strength or morale of a regime

Subversion

48

What are the four efforts of human intelligence

Interrogation, source operations, debriefing, document and media exploitation

49

What is the act of questioning cooperating human resources to satisfy intelligence requirements, consistent with applicable law

Debriefing

50

Who is the point of contact between the Air Force and the Secret Service to report threats against the president vice president all former presidents wives or widows foruegn heads of state

OSI