INFORMATION ASSURANCE 107 Flashcards Preview

EIWS > INFORMATION ASSURANCE 107 > Flashcards

Flashcards in INFORMATION ASSURANCE 107 Deck (18):
1

IA

Information Assurance; Information operations that protect and defend data and IS by ensuring availability, integrity, authentication, confidentiality and non-repudiation.

2

ATO

Authority to Operate; usually over one year

3

IATO

Interim Authority to Operate; Usually 6 months

4

5 attributes of IA

Confidentiality, Integrity, Availability, Non-repudiation, Authentication

5

Confidentiality

Information or IS have been or may have been accessed, used, copied, or disclosed by someone who was not authorized to have access to the information.

6

Integrity

Protection against unauthorized modification or destruction of information.

7

Availability

Information the computing systems used to process the information and the security controls used to protect the information are all available and functioning correctly when the information is needed.

8

Non-Repudiation

Implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction.

9

Authentication

Security measure designed to establish the validity of a transmission, message, or originator, or means of verifying an individual’s authorization to receive specific categories of information.

10

9 categories of computer incidents

User Level Intrusion, Denial of Service, Malicious Logic, Unsuccessful Activity Attempt, Non-Compliance Activity, Reconnaissance, Investigating, Explained Anomaly.

11

IAVA

Information Assurance Vulnerability Alert

12

IAVB

Information Assurance Vulnerability Bulletin

13

IAVT

Information Assurance Vulnerability Technical

14

CTO

Communications Tasking Order

15

NTD

Navy Telecommunications Directive

16

Service Pack

A collection of updates fixes and/or patches

17

Difference between vulnerability and threat

Vulnerability: refers to the susceptibility of a person, group, society, or system to physical or emotional injury or attack.
Threat: An act of coercion wherein an act is proposed to elicit a negative response.

18

CSI

Cyber Security Inspection