Cybersecurity Flashcards

1
Q

Confidentiality

A

Guards against a user without proper clearance accessing classified information.

Preserves authorized restrictions on information disclosure.

Protects personal privacy and proprietary information.

2
Q

Confidentiality example

A

XX

3
Q

Integrity

A

Guards against improper modification to or destruction of information.

4
Q

Integrity Example

A

Prevents a user from improperly or maliciously modifying a database.

5
Q

Availability

A

Ensures timely and reliable access to and use of information.

6
Q

Availability Example

A

Ensures that an information system is accessible when an authorized user needs it.

7
Q

Importance of Authentication

A

Mechanism that authorizes or allows access to computer systems and networks and the data that resides there.

Loss of or incorrect authentication services could allow unauthorized access to classified data.

8
Q

Authentication Example

A

Common Access Card (CAC)

-provides system identification that authenticates the user

9
Q

Non-Repudiation

A

Ensures that a party in an electronic exchange cannot deny…

  • participation in the exchange
  • authenticity of the message
10
Q

Non-Repudiation Example

A

Digital signature

-confirms the identity of the sender of an email or the signer of a document

11
Q

5 Attributes of Cybersecurity

A

Confidentiality

Integrity

Availability

Authentication

Non-Repudiation

12
Q

2 Most Important Cybersecurity Attributes

A

Confidentiality
-Ensures the nation’s private information is contained.

Authentication
-One must prove who they are and why they need access before gaining access to the nation’s private information.

13
Q

Importance of the 5 Attributes of Cybersecurity

A

Susceptible to threats and vulnerabilities.

Overlooking one attribute could create a vulnerability that leaves data susceptible to attack.

Must be aware of attributes to ensure risk is managed appropriately across all areas.

Must maintain these areas to prevent loss.

14
Q

Main Points of Security Policy

A
  • Identify and protect national security information and controlled unclassified information (CUI) in accordance with national-level policy issuances
  • Promote information sharing, facilitate judicious use of resources, and simplify management through implementation of uniform and standardized processes
  • Employ, maintain, and enforce standards for safeguarding, storing, destroying, transmitting, and transporting classified information
  • Actively promote and implement security education and training throughout the Department of Defense
  • Mitigate the adverse effects of unauthorized access to classified information by investigating and acting upon reports of security violations and compromises of classified information
15
Q

DODI 8500.01 - Risk Management

A
  • DoD will implement a multi-tiered cybersecurity risk management process.
  • DoD must consider all cybersecurity risks.
  • All DoD IT will participate in a cybersecurity program to manage risk.
  • Risk management will be addressed as early as possible.
  • Documentation regarding the security posture of DoD IS and platform information technology (PIT) systems will be made available.
16
Q

DODI 8500.01 - Operational Resilience

A
  • Information and services are available to authorized users.
  • Security posture is sensed, correlated, and made visible to mission owners, network operators, and to the DoD Information Enterprise.
  • Whenever possible, technology components have the ability to reconfigure, optimize, self-defend, and recover with little or no human intervention.
17
Q

DODI 8500.01 - Integration and Interoperability

A
  • Cybersecurity must be fully integrated into system life cycles.
  • Interoperability will be achieved through adherence to DoD architecture principles, adopting a standards-based approach, and by all DoD Components sharing the level of risk necessary to achieve mission success.
  • All interconnections of DoD IT will be managed to minimize shared risk.
18
Q

DODI 8500.01 - Cyberspace Defense

A
  • Employed to protect, detect, characterize, counter, and mitigate unauthorized activity and vulnerabilities.
  • Shared with all appropriately cleared and authorized personnel.
19
Q

DODI 8500.01 - Performance

A
  • Implementation of cybersecurity will be overseen and governed through the integrated decision structures and processes.
  • Performance will be measured, assessed for effectiveness, and managed.
  • Data will be collected to support reporting and cybersecurity management activities.
  • Standardized information technology tools, methods, and processes will be used to the greatest extent possible.
20
Q

DODI 8500.01 - DoD Information

A

-All DoD information in electronic format will be given an appropriate level of confidentiality, integrity, and availability.

21
Q

DODI 8500.01 - Identity Assurance

A
  • Identity assurance must be used to ensure strong identification, authentication, and eliminate anonymity.
  • DoD will public key-enable DoD information systems (ISs) and implement a DoD-wide Public Key Infrastructure (PKI) solution that will be managed by the DoD PKI Program Management Office.
  • Biometrics will be managed.
22
Q

DODI 8500.01 - Information Technology

A
  • All information technology that receives, processes, stores, displays, or transmits DoD information will be acquired, configured, operated, maintained, and disposed of.
  • Risks, weaknesses or flaws, and vulnerabilities introduced through faulty design, configuration, or use will be managed, mitigated, and monitored.
  • Cybersecurity requirements must be identified and included.
23
Q

DODI 8500.01 - Cybersecurity Workforce

A
  • Cybersecurity workforce functions must be identified and managed.
  • Qualified cybersecurity personnel must be identified and integrated into all phases of the system development lifecycle.
24
Q

DODI 8500.01 - Mission Partners

A
  • Capabilities that are shared with mission partners will be consistent.
  • DoD originated and DoD provided information must be properly and adequately safeguarded, with documented agreements indicating required levels of protection.
25
Q

Cybersecurity Concepts

A
  • Information Assurance Attributes
  • System Categorization
  • Assessment and Authorization Process
  • Data Spills
  • Disposal of Computer Media
  • Non-Traditional Work Environments
  • Processing Requirements for Specific Types of Information
  • New Technology and Equipment
  • Social Networking Services
  • Compilation and Data Aggregation
  • Marking Requirements for Electronic Information
  • Position Sensitivity Designation/Personnel Security Investigative Standards
  • Cybersecurity Policy
26
Q

Importance of Cybersecurity Concepts

A
  • In order to put the policies into action, you must be able to identify fundamental cybersecurity concepts that are related to the protection of classified and controlled unclassified information.
  • Need to be able to explain your role in protecting DoD’s information systems and the information they process, transmit, and store.
27
Q

What are the cybersecurity attributes?

A

Answer = All Confidentiality (correct response)  Integrity (correct response)  Availability (correct response)  Authentication (correct response)  Non-repudiation (correct response)

28
Q

Why do you need to be aware of cybersecurity?

A

  • To uphold all elements of the National Industrial Security Program Operating Manual
  • Answer = To appropriately manage risk by mitigating threats and vulnerabilities
  • To examine your own actions and activities to uphold personal accountability
  • To ensure all appropriate measures are taken to protect a place and ensure only people with permission enter and leave it

29
Q

What are the cybersecurity drivers?

A

Answer = All

  • NIST 800-30 Rev 1, Guide for Conducting Risk Assessments
  • DoD 8530.01, Cybersecurity Activities Support to DoD Information Network Operations
  • DoD 8510.01, Risk Management Framework
  • DoD 8500.01, Cybersecurity
  • DoD Security Policy

30
Q

Which skills do security personnel need?

A

  • Protect information systems.
  • Answer 1 = Identify all cybersecurity concepts.
  • Identify fundamental cybersecurity concepts that are related to the protection of classified and controlled unclassified information.
  • Answer 2 = Examine their role in protecting DoD’s information systems and the information they process, transmit, and store.

31
Q

Responsibilities of Security Personnel in Cybersecurity

A
  • Protect classified information and controlled unclassified information.
  • Have proactive and continuous engagement and collaboration between security, information technology (IT), and cybersecurity personnel, at all organizational levels.
  • Manage threats, minimize vulnerabilities, use appropriate countermeasures, and respond to incidents swiftly and appropriately.
32
Q

DoD CIO Responsibilities

A
  • Monitors, evaluates, and provides advice to the Secretary of Defense regarding all DoD cybersecurity activities and oversees implementation of this cybersecurity.
  • Develops and establishes DoD cybersecurity policy and guidance consistent with this instruction and in accordance with applicable federal law and regulations.
33
Q

USCYBERCOM Responsibilities

A
  • Overall responsibility of directing the operation of and assuring the security of the global DoD network environment.
  • Leads the day-to-day defense and protection of the DoD networks and coordinates all DoD network operations.
  • Provides full spectrum support to military and counterterrorism mission.
34
Q

Component Level Staff

A

At the component and activity level, you need to be aware of other cybersecurity staff as well, such as the:

  • Authorizing Official (AO)
  • Personnel Security Specialist
  • Physical Security Specialist
  • Information Security Specialist
  • Industrial Security Specialist
  • Security Specialist
  • Security Officer
  • Risk Executive Function
35
Q

What skills do security personnel need to achieve their responsibilities?

A
  • Analyze and manage risk
  • Counsel stakeholders on security-related concerns, issues, and challenges.
  • Support risk assessment and management.
  • Execute security awareness training and education requirements and respond to security incidents.
  • Accountable for cyber command readiness, in information security, personnel security, physical security, counterintelligence, and vulnerabilities assessment and management.
36
Q

What is the primary responsibility of security personnel?

A

  • Monitor, evaluate, and provide advice to the Secretary of Defense
  • Answer = Protect classified information and controlled unclassified information
  • Direct the operation of and assure the security of the global DoD network
  • Coordinate all DoD network operations

37
Q

What is security personnel’s primary skill in relationship to cybersecurity?

A

  • Analyze duties
  • Answer = Manage risk
  • Execute training
  • Respond to incident

38
Q

Risk Management System Components

A

Risk Assessment

Mitigation

Evaluation

39
Q

Risk Management System

A
  • Provides overarching methodology to follow when managing risks.
  • Consists of assessment, mitigation, and evaluation (in that order).
  • Be aware of risk impacts
  • Reassess constantly as new solutions are deployed.
40
Q

Risk Assessment

A
  • Determines the extent of the threat and risk associated with the information system.
  • Used to identify security controls to decrease the risk.
  • Security personnel identify and evaluate risks, risk impacts, and countermeasures.
  • Revisit risk assessment as you move through the other phases of risk management.
41
Q

Mitigation

A
  • Prioritize, implement, and maintain risk-reducing measures.
  • Implement the most appropriate controls.
  • Accept the risk by simply continuing to operate the information system.
  • Avoid the risk by eliminating the risk cause and/or the consequence.
  • Limit the risk by implementing controls to minimize the adverse impact of a threat exploiting a vulnerability.
42
Q

Evaluation

A

Risk evaluation is essential to the risk management process. It is the continual process of assessing and mitigating risk. The purpose of evaluation is to ensure that as changes occur, you are reviewing and ensuring that new risks have not arisen.

43
Q

What are the six RMF steps?

A
  • Step 1 is Categorize System
  • Step 2 is Select Security Controls
  • Step 3 is Implement Security Controls
  • Step 4 is Assess Security Controls
  • Step 5 is Authorize System
  • Step 6 is Monitor Security Controls
44
Q

What is RMF?

A
  • Integrated enterprise-wide decision structure for cybersecurity risk management.
  • Includes and integrates DoD mission areas.
  • Facilitates reciprocity among federal agencies.
  • Used to assess and authorize information systems.
  • Can help prevent issues and manage all information systems.
45
Q

What are the components of the Risk Management System?

A

Revision  Analysis Answer 1 =  Evaluation Answer 2 =  Assessment Answer 3 =  Mitigation

46
Q

What are the steps in the Risk Management Framework (RMF)?

A

Answer = All

  • Monitor Security Controls
  • Categorize System
  • Authorize System
  • Assess Security Controls
  • Select Security Controls
  • Implement Security Controls

47
Q

Security Personnel Responsibilities:

Step 1: Categorize System

A

This step corresponds to assessment in the risk management system.

  • Know how to assess threats to your information technology (IT) infrastructure
  • Threats are a potential activity that may contribute to the risks associated with operating an information system, or IS – controlled or uncontrolled, intentional or unintentional.
  • Know how to spot vulnerabilities to your IT program.
48
Q

The overall threat environment can be addressed in four areas:

A

Adversarial

Accidental

Structural

Environmental

49
Q

Adversarial Threats

A

Threat from an individual, group, organization, or nation-state seeking to exploit the organization’s dependence on cyber resources.

50
Q

Accidental Threats

A

Unintentional threats made by a single user or privileged user or administrator when performing their everyday responsibilities.

51
Q

Structural Threats

A

Failures of equipment, environmental controls, or software due to aging, resource depletion, or other circumstances.

52
Q

Environmental Threats

A

Natural or man-made disasters, unusual natural events, or an infrastructure failure or outage.

53
Q

Cyber Attack

A

Attempts by hackers to damage or destroy a computer network or system.

54
Q

Insider Threat

A

Malicious threats to an organization that come from people within the organization who have legitimate access to information concerning the organization’s security practices, data and computer systems.

55
Q

Social Media

A

Includes websites and applications that enable users to create and share content or to participate in social networking.

56
Q

Mobile Computing

A

Technology that allows transmission of data, voice, and video via a computer or any other wireless enabled device without having to be connected to a physical link.

57
Q

Evolving Threats

A

Constantly changing threats and new technologies that leave the DoD vulnerable to attack.

*Challenge = keeping up with new threats as new environments are created.

58
Q

Common Cybersecurity Threat Methods

A
  • Sniffing and Eavesdropping
  • Malicious Code and Malware
  • Denial of Service
  • Spoofing
  • Password Cracking
  • Social Engineering
59
Q

Sniffing and Eavesdropping

A

Allows adversaries to tap into network traffic and capture packets.

60
Q

Malicious Code and Malware

A

Uses software to attack/damage computer systems and networks.

Examples: viruses, worms, and Trojans

61
Q

Denial of Service

A

Saturates resources on systems or networks so that the network or computers cannot provide required services to users.

Examples: teardrop attack, Smurf attack, and Distributed DOS (DDOS)

62
Q

Spoofing

A

Uses false information to gain unauthorized access to resources.

Examples: Forged IP addresses, Man-in-the-Middle attacks, and session hijacking attacks

63
Q

Password Cracking

A

Allows adversaries to derive passwords.

Examples: dictionary attacks, brute force and easy-to-guess passwords

64
Q

Social Engineering

A

Manipulates people into divulging confidential information.

Examples: pretexting/scenarios, phishing and dumpster diving.

*Information found from dumpster diving can provide an attacker with information to hack into a system.

65
Q

Threat Info

A

“There are many ways that cyber attackers can gain access.
Adversaries use probing and scanning to ascertain information about services, vulnerabilities, and hosts on a network. Please note that not all threats are issues. You must evaluate the threats and then make appropriate decisions”

66
Q

Vulnerabilities

A

Threats take advantage of weaknesses, or vulnerabilities, to gain unauthorized access to our information or systems. Vulnerabilities include physical security, IS software and hardware, and people. As security personnel, you need to assess the ease, rewards, likelihood, related threats, and residual risk of vulnerabilities. Your goal as security personnel is to be aware of vulnerabilities so that you can coordinate the appropriate countermeasures to prevent exposure.

67
Q

Vulnerability Tier 1

A

Vulnerability at the organization level.

68
Q

Vulnerability Tier 2

A

Vulnerability at the mission/business process level.

69
Q

Vulnerability Tier 3

A

Vulnerability at the information system level, which is where network vulnerabilities are categorized.

70
Q

What threat environments should you consider?

A

Answer = All

  • Adversarial
  • Environmental
  • Structural
  • Accidental

71
Q

What should you look for when assessing vulnerabilities?

A

Answer = All

  • Residual risk
  • Ease
  • Likelihood
  • Related threats
  • Reward

72
Q

Which RMF steps assess risk?

A

Step 1 - Categorization

73
Q

Which RMF steps mitigate risk?

A

Step 2 - Select Security Controls

Step 3 - Implement Security Controls

74
Q

4 Activities of Selecting Security Controls

RMF Step 2

A
  • Common Control Identification
  • Security Baseline and Overlay Selection
  • Development of a Monitoring Strategy
  • Review and Approval of Security Plan and Continuous Monitoring Strategy
75
Q

Common Control Identification

A
  • Chief Information Officer (CIO) provides resources and guidance for selecting security controls.
  • Actual selection of controls performed by the Information Security Officer (ISO) and the Common Control Provider (CCP).
  • CIO approves the selections made by ISO and CCP.
76
Q

Security Baseline and Overlay Selection

A
  • Identifies the baseline for the system based on impact levels.
  • Documented in the security plan.
  • Identifies overlays that apply to the information system (IS) or platform information technology (PIT) system.
77
Q

Monitoring Strategy

A
  • Defines how the continuing effectiveness of security controls will be evaluated.
  • Includes a plan for annually assessing the implemented security controls.
78
Q

Security Plan Review and Approval

A
  • DoD Components develop and implement the processes.
  • The Authorizing Official (AO) reviews the processes and decides whether to authorize the security plan and continuous monitoring.
79
Q

3 Areas Within Cybersecurity

A

Physical

Personnel

Procedural

80
Q

Physical Security

A

Limits physical access to the information systems.

81
Q

Physical Security Examples

A
  • Keeping information systems that process sensitive compartmented information (SCI) in a SCIF
  • Locking the server room doors
  • Securing workstations
  • Protecting portable devices such as laptops, tablets, and phones
  • Disabling drives
  • Protecting printers and waste
82
Q

Personnel Security

A
  • Limits access to the information system (IS) to cleared personnel with a need-to-know.
  • Ensures IS users are aware of the policies associated with IS and their responsibilities to protect the information it contains.
83
Q

Personnel Security Examples

A
  • Implementing unique identification
  • Correlating actions to users
  • Maintaining user IDs
  • Deactivating user IDs that are no longer eligible for access or no longer need-to-know
  • Implementing authentication requirements
84
Q

Procedural Security

A

Organization-wide countermeasures for information systems (IS) put into place.

85
Q

Procedural Security Examples

A
  • Internal Detection Systems (IDS) firewalls
  • Encryption
  • Not permitting thumb drives
86
Q

Implement Risk Controls

A
  • Implement controls consistent with DoD Component Cybersecurity architectures and documented in the security plan.
  • Products must be configured in accordance with the applicable Security Technical Implementation Guides (STIGs) or Security Requirements Guides (SRGs).
  • Identify any controls available for inheritance.
  • Implement controls consistently with DoD architectures and standards, and employ system and software engineering methodologies, security principles, and secure coding techniques.
  • Proposed security design must be addressed in preliminary and critical design reviews.
  • Security plan is updated to describe and document the security control implementation.
  • Existing security controls are reviewed. If they do not pose a risk, then they are inherited into the new practice.
87
Q

Which steps of the RMF are designed to mitigate risk?

A

Assess Security Controls  Monitor Security Controls Answer 1 =  Select Security Controls  Authorize System Answer 2 =  Implement Security Controls  Categorize Syste

88
Q

Which of the following are the activities that occur when performing RMF Step 2, Select Security Controls?

A

Answer = All

  • Common Control Identification
  • Monitoring Strategy
  • Security Baseline and Overlay Selection
  • Security Plan and Review Approval

89
Q

What activities occur during implementation of security controls?

A

  • Communicate updates to appropriate audiences
  • Seek approvals from CIO
  • Create appropriate training and communication plans
  • Answer 1 = Ensure consistency with DoD architectures
  • Answer 2 = Document security control implementation in the security plan
  • Answer 3 = Identify security controls available for inheritance

90
Q

Which RMF steps evaluate risk?

A

Step 4 - Assess Security Controls

Step 5 - Authorize System

Step 6 - Monitor Security Controls

91
Q

4 Activities of Assessing Security Controls

A
  • Compare the security controls to the security assessment plan and the DoD assessment procedures.
  • Record the security control compliance status.
  • Assign the vulnerability severity value for security controls.
  • Determine the risk level for security controls.
  • Assess and characterize the aggregate level of risk to the system.
92
Q

Security Assessment Plan

A

Security Assessment Plans are developed, reviewed, and approved by…

  • Ensuring security assessment activities are coordinated.
  • Reviewing interoperability and supportability certification efforts, Developmental Test and Evaluation (DT&E) events, and Operational Test and Evaluation (OT&E) events.
  • Documenting the coordination of activities in the Security Assessment Plan.
  • Focus of the Security Assessment Plan is to maximize effectiveness, reuse, and efficiency.
93
Q

Assess Security Controls

A
  • Compare the security controls to the security assessment plan and the DoD assessment procedures.
  • Record the security control compliance status.
  • Assign the vulnerability severity value for security controls.
  • Determine the risk level for security controls.
  • Assess and characterize the aggregate level of risk to the system.

How do you determine the risk level for security controls?
You do this by using the SCA’s determination that a credible or validated threat source and event exists. Consider the vulnerability severity level and pre-disposing conditions as well as the cybersecurity attributes and all impact levels related to the control. SCAs consider the impact of a successful threat event.

94
Q

Security Assessment Report (SAR)

A
  • Documents issues, findings, and recommendations from the security control assessment.
  • The Security Controls Assessor (SCA) prepares the SAR.
  • The SAR is required for an authorization decision.
95
Q

Remediation Actions

A

When you conduct remediation actions on NC security controls, you base your findings and recommendations on the SAR. You will also reassess remediated controls.

96
Q

Step 5 - Authorize System

A

Security authorization package is submitted and consists of the…

  • Plan of Action and Milestones (POA&M)
  • Security plan
  • Security Assessment Report (SAR)

The Authorizing Official (AO) issues an authorizing decision.

*The AO may have feedback that requires revision of the security authorization package, which must then be resubmitted to the AO for review and final acceptance.

97
Q

Step 6 - Monitor Security Controls

A
  • Impact of changes to the system and environment are determined
  • Selected security controls are assessed according to the continuous monitoring strategy
  • Remediation actions are taken
  • Security plan, Security Assessment Report, and POA&M are updated as necessary
  • Security status is reported to Authorizing Official (AO) who reviews the status reports
  • System decommissioning strategy is implemented when needed.
98
Q

Determining Impact of Changes

A

The information system owner…

  • Continuously monitors the system or information environment.
  • Periodically assesses the quality of security controls.
  • Reports any significant change in the security posture of the system.
99
Q

Assess Selected Controls

A
  • A selected subset of controls must be assessed in accordance with the continuous monitoring strategy.
  • The assessor must create a written and signed Security Assessment Report (SAR) that indicates the results of the assessment.
  • The Authorizing Official must review the SAR.
100
Q

Determining Remediation

A

Remediation actions are based on ongoing…

  • Monitoring activities
  • Assessment of risk
  • Outstanding items in the POA&M.
101
Q

Updating Documentation

A
  • The security plan, SAR, and POA&M must be kept up-to-date.
  • Updates result from changes due to system-level continuous monitoring.
  • The Program Manager (PM) and/or Security Manager (SM) perform all primary activities.
102
Q

Security Status Reports

A
  • Is reported to the Authorizing Official (AO).
  • Must include the effectiveness of security controls employed within and inherited by the system.

103
Q

AO

A

During continuous monitoring, the AO reviews the reported status. The AO review includes the effectiveness of security controls employed within and inherited by the system.

104
Q

Decommissioning Strategy

A

If a system is no longer necessary, the decommissioning strategy is implemented.

The information system (IS) owner executes the actions outlined in the decommissioning strategy in the security plan.

When a system is removed from operation…

  • Assess the impact on control inheritance relationships
  • Update security plan to reflect decommissioned status
  • Dispose of artifacts and supporting documentation according to sensitivity or classification
  • Review data or objects that support DoD information enterprise
105
Q

Which steps of the RMF are designed to evaluate risk?

A

Answer 1 =  Select Security Controls Answer 2 =  Assess Security Controls Answer 3 =  Monitor Security Controls Answer 4 =  Authorize System  Categorize System  Implement Security Controls

106
Q

What activities occur when assessing security controls?

A

  • Prepare the Plan of Action and Milestones (POA&M)
  • Conduct final risk determination
  • Answer 1 = Develop, plan, and approve Security Assessment Plan
  • Answer 2 = Prepare Security Assessment Report (SAR)

107
Q

What activities occur when authorizing the system?

A

 Implement decommissioning strategy  Develop, review, and approve Security Assessment Plan Answer 1 =  Prepare the Plan of Actions and Milestones (POA&M) Answer 2 =  Submit security authorization package

108
Q

What activities occur when monitoring security controls?

A

  • Prepare the Plan of Actions and Milestones (POA&M)
  • Develop, review, and approve Security Assessment Plan
  • Answer 1 = Implement decommissioning strategy
  • Answer 2 = Determine impact of change

109
Q

What must security personnel be able to do regarding cybersecurity?

A

-Identify fundamental cybersecurity concepts that are related to the protection of classified and controlled unclassified information AND examine their role in protecting DoD’s information systems and the information they process, transmit, and store. Each of the cybersecurity attributes is susceptible to threats and vulnerabilities. Security personnel need to be aware of the attributes to ensure they are appropriately managing the risk across all areas.