VOLUME 1, SET 2 - COMPREHENSION Flashcards
1
Q
What is the name of the Air Forces’ safety program?
A
Mishap Prevention Program (MPP).
2
Q
What AFI implements the installation safety offices’ Mishap Prevention Program?
A
AFI 91–202, The US Air Force Mishap Prevention Program.
3
Q
What agency dictates what must be accomplished in the workplace, but not necessarily, how it will be accomplished?
A
OSHA
4
Q
Who is responsible for the safety of their facilities and personnel, including the correction of all hazards and deficiencies in their work places?
A
The commander.
5
Q
What should you do when there is conflicting safety guidance?
A
Apply the guidance that offers the most protection.
6
Q
Match the characteristics of each situation to its corresponding title.
____ (1) Follow all OSHA safety and health standards.
____ (2) Working conditions that do not pose a risk.
____ (3) Receive training about chemicals and hazards.
____ (4) Review records of work-related injuries.
____ (5) Keep records of work-related injuries.
____ (6) Not retaliate against any worker.
____ (7) File a complaint.
a. Employers must.
b. Employees have the right to.
A
(1) a. (4) b. (7) b.
(2) b. (5) a.
(3) b. (6) a.
7
Q
What AF series publications make up AFOSH standards?
A
AF 91–series publications.
8
Q
What office/individual is responsible for managing proactive on- and off-duty safety programs?
A
Installation Safety Office.
9
Q
What office/individual manages the occupational and environmental health surveillance program according to AF guidance?
A
BE.
10
Q
What office/individual is responsible for implementing a safety and health program in their unit or area of responsibility?
A
Commander.
11
Q
Who is required to complete the AF Risk Management Fundamentals course?
A
USR.
12
Q
What office/individual is responsible for developing JSTOs?
A
The supervisor.
13
Q
How many US workers were killed on the job in 2014?
A
More than 4,600.
14
Q
What are the three sub-categories of human factors?
A
(1) Physiological.
(2) Physical.
(3) Organizational.
15
Q
What are some physiological factors that can contribute to an unsafe attitude?
A
Unhealthy emotions, job or domestic pressures, distractions, job knowledge, shift work, hurrying or feeling rushed.
16
Q
What are some examples of physical factors?
A
Fatigue, strength limits, lack of sleep, ergonomic design constraints, drugs/alcohol.
17
Q
Who is responsible to mitigate human factors?
A
Everyone.
18
Q
What should be done before considering the use of PPE?
A
Hazards should be engineered out if possible, substituting a less hazardous material or process, isolation of operations, workaround procedures, rearranging or moving elevated or tall objects or furniture, or providing administrative controls whenever possible.
19
Q
When shall PPE be used?
A
Whenever there are hazards that can do bodily harm through absorption, inhalation or physical contact.
20
Q
Within the office space what is the most common hazard?
A
Falls.
21
Q
List the most common causes of office falls.
A
(1) Tripping over an open desk or file drawer, cords, loose carpet, or objects in walkways.
(2) Bending or reaching for something while seated in an unstable chair.
(3) Using a chair in place of a ladder.
(4) Slipping on wet floors.
(5) Inadequate lighting.
22
Q
Define horseplay.
A
Horseplay is rough or boisterous play or pranks that occur in the workplace.
23
Q
What could be the consequences of a workplace horseplay incident?
A
Workplace horseplay incidents may lead to serious injurie or death at work, divide the workplace, and prevent employees from getting their jobs done.
24
Q
Who is responsible to ensure that all employees have access to a safe, respectful, and harassment free place to work?
A
The commander.
25
What AFI provides detailed guidance of office safety?
AFI 91–203, Air Force Consolidated Occupational Safety Instruction.
26
Who is responsible for developing and maintaining a training and certification system to ensure employee training on fire prevention and protection responsibilities?
The facility manager and supervisors.
27
Fires in facilities are usually attributed to what factors?
Improper use, selection or placement of heaters, coffee makers, holiday decorations or improper storage or disposal of flammable and combustible materials.
28
What three items are needed to complete the fire triangle?
(1) Fuel,
(2) Heat.
(3) Air (oxygen).
29
What are the four ways to put out a fire?
(1) Cool the burning material (fuel).
(2) Eliminate oxygen from the reaction.
(3) Remove the fuel.
(4) Break the chemical reaction.
30
List the classes of fires.
Class A, B, C, D, K.
31
What does the PASS acronym stand for?
Pull Aim Squeeze Sweep.
32
What determines the severity of electric shock?
Amount and duration of current flow.
33
When are you required to have a safety observer when installing or repairing C&I systems, communication cables and antenna systems that may expose you to energized equipment?
When the circuit voltage is above 600 volts or when low voltage circuits has a potential for high current flow
34
What is the primary hazard associated with ladders?
Falls.
35
When would you not use a metal framed ladder?
While working around energized electrical circuits.
36
What AFI identifies activities where the wear of finger rings is prohibited?
AFI 91–203.
37
Define risk management.
RM is a decision-making process used to systematically evaluate possible courses of action, identify risks, benefits, and determine the best course of action for any given situation.
38
How many principles govern all actions associated with the management of risk?
Four.
39
What is an unnecessary risk?
• Unnecessary risk comes without a commensurate return in terms of real benefits or available opportunities.
40
What are the five steps in the risks management process?
(1) Identify the hazards.
(2) Assess the hazards.
(3) Develop controls and make decisions.
(4) Implement controls.
(5) Supervise and evaluate.
41
What is the fundamental objective of risk management?
The fundamental objective of risk management is to enhance mission effectiveness at all levels while preserving assets and safeguarding the health and welfare of personnel.
42
What is IT?
Any equipment, or interconnected system or subsystem of equipment, that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the Executive Agency.
43
What is a NSS?
Any IS operated by the US government that involves intelligence activities, cryptologic activities related to national security, command and control of military forces, weapons systems, or is critical to the fulfillment of military or intelligence missions is a NSS.
44
Is a payroll system a part of the NSS?
No
45
The DODAF specification contains how many volumes?
Four.
46
Describe the vision of the DODAF
Provide architecture concepts to guide development of architectures throughout the DOD in support of decision processes for departmental programs, military components, and capability areas focus on architectural data as information required for making critical decisions and deemphasize individual or independent architecture models.
47
What architecture framework is designated as the framework for DOD architecture development?
The DODAF is the designated architecture framework for DOD architecture development.
48
List at least three ways that DODAF’s architecture framework supports change in organizations through building and using architectures.
(1) Enhance decision-making processes by leveraging knowledge in existing architectures and opportunities for reusing existing information assets.
(2) Respond to stakeholder, customer, and client needs for effective and efficient processes, systems, services, and resource allocation.
(3) Provide mechanisms to manage configuration of the current state of the enterprise and to maintain validity of the expected performance.
(4) Analyze designs for future states of the enterprise.
(5) Establish baseline architectures for solutions under development.
49
Where does the mandate to develop architectures come from?
Law, federal level requirements, DOD policies, and instructions.
50
What are enterprise architectures?
Enterprise architectures are formal blueprints for methodically and completely defining an organization’s current (baseline) or desired (target) operational process and enabling environment
51
What was the name of the system that was employed before the CIPS?
CSIR.
52
What is the approved automated information system for planning, installing, and managing the AF cyberspace infrastructure?
CIPS.
53
Documents generated in CIPS are historical documentation, how long will the records remain associated with the equipment?
Throughout the equipment’s life cycle.
54
What three parts make up the Communications and Information Systems Installation Record?
Administrative record, drawing record, and maintenance record.
55
What are legacy records that provide a history and audit trail for AF systems?
Administrative records.
56
What records depict physical layout of communications and information systems and provide engineering data?
Drawing records.
57
In what year was the OSI model published and by whom?
1984 by the International Standards Organization
58
What ability does the OSI model provide?
• The ability for both hardware and software to communicate with each other across any type of media.
59
What two unique categories make up the seven layers of the OSI reference model?
(1) Application layers.
| (2) Data transport layers.
60
Describe the application layers.
The Application layers of the OSI model deals with application issues and generally only implements in software. The highest layer, application, is closest to the end user. Both users and application-layer processes interact with software applications that contain a communications component. These layers deal with the user interface, formatting data, and access to applications.
61
What layer generally only implements in software?
Application layers.
62
Which layer of the OSI model is closest to the end user and interacts directly with the software application?
Application layer.
63
What are two key types of application-layer implementations?
(1) TCP/IP.
| (2) OSI applications.
64
Which layer establishes virtual circuits?
Transport layer.
65
Which layer of the OSI model provides logical addressing as opposed to physical addressing?
Network layer.
66
Who subdivided the Data Link layer into two sublayers and what are the sublayers called?
The IEEE, LLC and MAC.
67
Which specification allows for unique identification at the data link layer?
The MAC sublayer.
68
What does the physical layer of the OSI model define?
The physical layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between communicating network systems.
69
Define a networks topology
A networks topology consists of the physical and logical arrangement of its stations in relation to one another.
70
What do we call a device that sits at the intersection of two or more transmission paths and switches traffic among those paths?
A node
71
Define topology
Topology is the branch of mathematics that examines the characteristics of geometric shapes.
72
If the topology cannot be seen or touched what type is it?
Logical topology
73
What considerations should you take when choosing a topology?
Type of equipment the network needs, capabilities of the equipment, growth of the network, and management of the network.
74
Name the two most common physical topologies
Bus and star topologies.
75
What is another name for a bus topology?
Linear bus
76
What IEEE standard applies to bus networks?
802.3.
77
List the advantages of a ring topology.
(1) Data packets travel at greater speeds.
(2) No collisions.
(3) Easier to troubleshoot.
(4) No terminators needed.
78
Which topology has cable segments connected to a centralized component?
Star topology
79
Which topology is the most common physical topology in Ethernet LANs?
Star topology
80
List the disadvantages of a star topology network.
Requires more media than a ring or bus, the failure of the centralized device will bring down the whole network, installation costs are higher.
81
What advantage does the extended star offer over the star topology?
The ability to cover greater distances for the central switch to the end nodes by adding repeaters or additional connectivity devices to the segments.
82
Which topology imitates an extended star topology and inherits properties of a bus topology?
Tree topology
83
List and describe the three tree topology layers.
(1) Access layer-the lowermost and is where computers attach.
(2) Distribution layer (middle)-is the mediator between upper layer and lower layer.
(3) Core layer (top)-central point of the network root of the tree form which all nodes fork.
84
What ensures effective, secure and efficient delivery of DOD IT communications?
Standards, policies and procedures.
85
List at least two of the standards used throughout the DOD to govern IT
(1) MIL-STD.
(2) DISA Instructions.
(3) DISA Circulars and numerous commercial standards.
86
What are the two classifications of transport protocols?
(1) Connection oriented.
| (2) Connectionless oriented.
87
In connection-oriented systems, what must happen prior to transfer of any data?
The connection is established between the sender and recipient.
88
List four protocols that use TCP.
(1) FTP.
(2) HTTP.
(3) SMTP.
(4) DNS.
89
What layer defines end-to-end connectivity between host applications?
The transport layer.
90
What method does TCP use to prevent network congestion by ensuring that transmitting devices do not overwhelm receiving devices with data?
Flow control
91
Describe error-control.
Determines whether transmitted data has become corrupt or otherwise damaged while traveling from the source to the destination.
92
What does a sliding window regulate?
A sliding window regulates how much information passes over a TCP connection before the receiving host must send an acknowledgement.
93
How do connectionless-oriented protocols differ from connection-oriented protocols?
Connectionless-oriented protocols simply send out the data packets to the receiving system and do not require a receipt acknowledgment.
94
What is UDP best at?
Sending small amounts of data for which guaranteed delivery is not required and minor packet loss is acceptable.
95
List four protocols that utilize UDP
(1) TFTP.
(2) SNMP.
(3) DHCP.
(4) DNS.
96
What is the de facto standard protocol of the internet and is the protocol of choice on LANs and WANs?
TCP/IP.
97
Which IEEE standard defines Data Link layer protocols that operate within TCP/IP?
Project 802 standards.
98
What are the four most important Network layer TCP/IP protocols?
(1) IP.
(2) ARP.
(3) RARP.
(4) ICMP.
99
How many fields make up a TCP segment?
13 fields.
100
Which field is a 32-bit number identifying the next data byte the sender expects from the receiver?
Acknowledgement number.
101
Describe the checksum field.
A TCP sender computes a value based on the contents of the TCP header and data fields. This 16-bit value will be compared with the value the receiver generates using the same computation. If the values match, the receiver can be very confident that the segment arrived intact.
102
In which field is the actual data that is transmitting inserted in the TCP segment?
Data field.
103
In the context of TCP/IP, what is a packet also known as?
A packet is also known as an IP datagram.
104
What are the two main parts of an IPv4 address?
(1) Network number.
| (2) Network host.
105
Who assigns network numbers?
Authorized representatives of Internet Assigned Numbers Authority (IANA).
106
What is the reserved IPv4 address for loop back?
127 in the network field, and any number in the host field.
107
What is the reserved IPv4 address for a limited broadcast?
255 in the network field and 255 in the host field
108
What is a subnet mask?
A subnet mask is a mechanism that allows a network device to divide an IP address into a network and host number
109
What are the two methods of subnet masking?
Classful and Classless.
110
What are some benefits to subnetting?
The benefits to subnetting are that subnets ease administration; improve network performance, and security.
111
How long is an IPv6 address?
16 octets long or 128 bits.
112
How is an IPv6 address expressed?
IPv6 is expressed in 16-byte fields using a colon hexadecimal format.
113
What are the two ways to shorten the expression of an IPv6 address?
(1) Leading zero compression.
| (2) Zero compression
114
What is a unicast address?
Unicast addresses identify a single interface. A packet sent to a unicast address delivers to the interface identified by that address.
115
What is a multicast address?
Multicast addresses (FF00::/8) identify a group of interfaces belonging to different nodes. Multicast packets send to all interfaces identified by that address.
116
What is an anycast address?
Anycast addresses identify a set of interfaces but the packets deliver to and accept by the closest interface.
117
What are the three types of unicast address?
(1) Link.
| (2) Site, and global.
118
What is the IPv6 loop back address?
0:0:0:0:0:0:0:1 or ::1 is the loopback address.
119
What allows servers the capability to provide multiple services?
Ports
120
What is the number range of registered ports?
1024-49151
121
What is the default port assignment for HTTP?
Port 80.
122
What is the default port used with credit card transactions on e-commerce sites?
Port 443-Secure Socket Layer.
123
What does RAM mean?
The term “random access” refers to the method of addressing memory. With random access, the CPU can address any memory location directly and read the data contained at that memory location.
124
What is the difference between ROM and RAM?
ROM is a type of memory that normally can only be read, as opposed to RAM, which can be both read and written. The data stored in ROM is always there, whether there is power or no power.
125
Name the special type of memory used to store the BIOS settings in a PC.
CMOS memory.
126
What speed enhancement is a small amount of memory placed inside the CPU or between the CPU and the main memory computer?
Cache.
127
How much data can be stored on a DVD-ROM?
Up to 4.7 GB.
128
What interface was the evolution of the parallel ATA physical storage interface from a parallel bus to a serial bus architecture?
SATA.
129
What is the primary internal interconnecting for desktop and mobile PCs, connecting the host system to peripherals such as hard drives and SSD?
SATA.
130
Describe the latest version of SCSI.
The latest version, 16-bit Ultra-640 (Fast-320) SCSI, was introduced in 2003 and has a 640 MBps transfer speed, connecting up to 16 devices with a 12-meter cable length.
131
What is the key difference between SCSI and SAS devices?
SAS devices have two data ports, each of which resides in a different SAS domain. This enables complete failover redundancy as if one path fails; there is still communication along a separate and independent path.
132
Which connection enables data transfer speeds of 480 Mbps and can handle up to 127 peripherals at once?
USB 2.0.
133
Define a peripheral device.
A peripheral device is not a main component of a computer and can be either internal or external.
134
What type of internal component most high-volume printers use to connect to a network?
Integrated NIC.
135
What is the internet?
The Internet is a network of networks.
136
What is the name for networks that use the same software and protocols as the public internet, but exist as a portion of an entities private network?
Intranets.
137
What is a group of computers and devices that share a common communication line and resources in a small geographical area?
LAN.
138
What type of network interconnects several local area networks by bridging them with backbone lines?
MAN.
139
What is the name for a network connected between two cities?
WAN.
140
Primary addressing in WLANs is achieved by using what type of address?
MAC.
141
WLAN implements what algorithm to prevent data collisions?
CSMA/CA
142
List the advantages to using WLAN.
(1) Mobility.
(2) Ease of installation.
(3) Lower cost.
143
List each of the IEEE wireless standards.
(1) 802.11b.
(2) 802.11a.
(3) 802.11g.
(4) 802.11n.
144
At what speed does the 802.11n standard operate?
2.4 GHz and 5 GHz.
145
What network provides a private tunnel through the Internet?
VPN.
146
Most VPN traffic in the Air Force is done in what type of configuration?
Gateway-to-gateway configuration.
147
What data transport method grew out of the need for a worldwide standard to allow interoperability of information, regardless of the information type or “end-system”?
ATM.
148
How many bytes make up the ATM cell, header and payload?
53 byte cell, a five byte header and a 48 byte payload.
149
ISDN channels are separated into two sub-channels, list and describe the sub-channels.
Sub-channel B 56 Kbps or 64 Kbps and are used for both voice and data. Each B channel can carry a separate telephone call. The D-channel is a 16 Kbps use to carry call control (or supervisory) information. The information on the “D” channel tells the network switches what to do with the traffic on the “B” channels.
150
What T-carrier service can a subscriber request when the full bandwidth of a T1 line is not needed?
Fractional T–1 (FT–1).
151
What Ethernet standard has supplanted fast Ethernet in wired networks?
Gigabit Ethernet (GbE or 1 GigE)
152
What are the primary entry points for DSCS satellites?
STEP terminals.
153
STEP offers standardized support for whom?
Tactical forces.
154
What is the disadvantage of tactical terminals?
They require much more of the satellite’s downlink power to receive the signal.
155
DOD Teleport system implementation has how many phases?
Three
156
Define modems
A modem is a device that modulates signals to encode digital information and demodulates signals to decode the transmitted information.
157
What are the two types of modems used?
(1) Dial-up.
| (2) Dedicated or leased.
158
What is one of the principal functions of a CSU?
Provides a barrier for electrical interference from either side of the unit.
159
What is the main function of a DSU?
A DSU’s main function is to adapt the digital data stream produced by the customer equipment to the signaling standards of the telephone carrier equipment, and vice versa.
160
What layer of the OSI reference model do converters operate?
Layer 2, Data Link.
161
What is the primary use for a bridge in networking?
The primary use for a bridge is to decrease network congestion, but it also propagates a signal like a repeater.
162
What do LAN switches provide between network devices?
Switches provide collision-free, high-speed communication between network devices.
163
Can a switch connect LANs of different bandwidths? If so, give example.
Yes, this is accomplished with buffering
164
What type of switching is required when a moving a frame from a low-speed LAN to a high-speed LAN?
Store-and-forward switching is required whenever a frame must be moved from a low-speed connection to a high-speed connection.
165
What is the fundamental difference between Layer 2 and Layer 3 switching?
The fundamental difference between Layer 2 and Layer 3 switch operation is the layer at which each forwarding decision is made.
166
Which layer of the OSI model do routers operate?
Routers operate at layer three (network) of the OSI Model.
167
What does a typical router contain?
Internal processor, an operating system, memory, input and output jacks for different types of network connectors (depending on the network type); and, usually, a management console interface.
168
Routers compare metrics to determine optimal routes; these methods differ depending on what?
Design of the routing algorithm used.
169
What are routing protocols that manage traffic within an autonomous system called?
IGP.
170
Name two methods for directing data on the network.
Static or dynamic routing.
171
What is static routing?
Static routing is a technique in which a network administrator programs a router to use specific paths between nodes.
172
What is dynamic routing?
Dynamic routing automatically calculates the best path between two nodes and compiles this info in a routing table.
173
What protocols govern how networks share information beyond the gateway and behind the gateway device a network?
Gateway protocols.
174
What are the two common gateway protocols?
BGP and IGRP.
175
What are the two methods that encryption can be applied?
Link-by-link basis or end-to-end basis.
176
What is the most common telephone device used for voice encryption?
The STE is the most commonly used secure voice telephone.
177
What are the most common types of metallic cable used in networks?
Twisted pair cable and coaxial cable.
178
Which cable type is associated with the original designs of the Ethernet standard?
Coaxial cable.
179
List and describe the four most common coax cable types.
(1) RG–6 75Ohms.
(2) RG–58 50Ohms.
(3) RG–8 50Ohms.
(4) RG–11 50Ohms.
180
What medium is the primary carrier for voice telecommunications?
Twisted pair cable.
181
List and describe the categories of twisted pair cable.
(a) CAT 1–1 Mbps, voice only analog phone lines (not used for data communications).
(b) CAT 3–10 Mbps, Ethernet (10BaseT).
(c) CAT 5–100 Mbps, Ethernet (100BaseT).
(d) CAT 5e–1 Gbps (1000 Mbps), Ethernet (1000BaseT).
(e) CAT 6 and 6a–10 Gbps& 10 Gigabit Ethernet (10GbE).
182
An optical communications system requires three things to transport communications, list them.
An optical communications system requires a light source (transmitter), a transmission medium (cable), and a sensor (receiver).
183
List the advantages of fiber optic systems over conventional cable systems.
Larger bandwidths, freedom from interference, low cost, and lightweight.
184
(True/False) Fiber optic cable is immune to EMI.
True.
185
What is the most common wireless networking standard?
802.11.
186
At the simplest level, state the two things that an operating system does.
(1) Manages hardware and software resources of the computer system.
(2) Provides a stable, consistent way for applications to deal with the hardware without having to know all of the details of the software.
187
What are the six task categories of the operating system?
(1) Processor management.
(2) Memory management.
(3) Device management.
(4) Storage management.
(5) Application interface.
(6) User interface.
188
Name the Microsoft Windows family of operating systems.
(a) Windows 98. (f) Windows 7.
(b) Windows NT. (g) Windows 8.
(c) Windows 2000 Series. (h) Windows 8.1.
(d) Windows XP. (i) Windows 10.
(e) Windows Vista.
189
What is a domain?
A domain is a collection of computers defined by the administrator of a Windows Server network that share a common directory/database.
190
What year did the Bell Labs develop the UNIX operating system?
Early 1970s.
191
What is the program called that you interact with directly from your terminal or workstation?
The program that you will interact with directly from your terminal or workstation is called the “shell”.
192
Name four common shells in UNIX.
(1) Bourne Shell.
(2) Korn Shell.
(3) C Shell.
(4) Restricted shell.
193
Define partitions.
Partitions are physical areas of disk allocated with specific sizes to hold file systems.
194
When are partitions established?
Partitions are established during system configuration.
195
In which directory are application programs contained?
Application programs are contained in the usr directory.
196
What is the firmware prompt called on Sun machines?
On the Sun machines the firmware prompt is “ok” (often called the O.K. prompt)
197
What type of programs are applications?
End-user programs.
198
Which application allows the creation of queries, forms, reports and macros?
Microsoft Access.
199
What program is free to download from Adobe’s website that allows you to PDF files?
Adobe Acrobat Reader.
200
What is the COMSEC program designed to do?
The COMSEC program is designed to detect and correct procedural weaknesses that could expose critical information.
201
COMSEC is part of what overall program?
OPSEC.
202
What poses the greatest threat to an organization’ mission critical information?
Hostile information operations/information cyber-warfare activities pose the greatest threats to an organization’s mission critical information via its communications and information systems.
203
What Air Force program meets public law, national, and DOD requirements to secure or protect classified and sensitive information processed using Air Force information systems?
AF COMSEC.
204
What is the objective of COMPUSEC?
The objective of COMPUSEC is to ensure the employment of countermeasures to protect and maintain the confidentiality, integrity, availability, and nonrepudiation of AF IS resources and information processed throughout the system’s life cycle.
205
Define vulnerability in relation to an IS.
It is a problem, or weakness, in a computer system that allows an intruder or hacker to exploit the system’s information security.
206
List the forms of threats in regards to COMPUSEC.
(1) Natural.
(2) Environmental.
(3) Human.
(4) Viruses.
207
Which type of COMPUSEC threat is a severe storm?
Natural.
208
What type of COMPUSEC threat is increased by poor housekeeping practices?
Environmental.
209
Can human threats be intentional or unintentional?
Yes.
210
What is one of the newest COMPUSEC threats?
One of the newest COMPUSEC threats comes from hand held portable electronic devices and wireless technologies.
211
Weaknesses or deficiencies in maintaining the environmental stability, control, and safety of a data processing area is an example of what type of vulnerability?
Environmental vulnerability.
212
Which COMPUSEC vulnerability defines deficiencies in the development of rosters, responsibilities, and identification?
Procedural vulnerability.
213
How many additional security requirements for safeguarding classified information are there?
8
214
What is required when using nonvolatile or non-removable storage media?
a) Install the information system in an area approved for open storage of information at or above the highest classification level of processed information.
(b) Use an approved product or technique to prevent storing classified information on nonvolatile, non-removable storage media.
215
Define COMPUSEC incident.
An incident is defined as an assessed occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an IS; or when the information on the system processes, stores, or transmits; or that constitutes a violation or imminent threat of violation of security polices, security, procedures, or acceptable use policies.
216
What is one of the most common COMPUSEC threats?
Malicious software.
217
Is malicious software capable of destroying disk directories and file allocation tables?
Yes
218
What is spyware?
Spyware is computer software designed to collect personal information about users without their informed consent.
219
What can you do in conjunction with installing a good antivirus program to protect against malicious software?
(a) Take precautions when any removable media (CD-ROMs or flash drives). Viruses can spread through infected disks; do not share disks unless it is absolutely necessary. Virus-check any disks before accessing files on the disk.
(b) Do not share software. Only use original software on the computer being used. Do not share software with anyone else or put copies of someone else’s software on another machine.
(c) Always back up files. If a computer is infected with a virus that wipes out the hard drive, the data can still recover up to the last backup.
(d) Schedule time to scan your system’s hard drive. Scan removable media for viruses before each use. Hard drive media scans can be automated if antivirus software is configured properly
220
What is a classified message incident?
A classified message incident occurs when higher classification level of data is transferred to a lower classification level system/device via messaging systems.
221
How do denial of service attacks differ from other types of exploits?
DOS attacks do not try to gain access to the system but designed to render the system unusable.
222
What is the only way to prevent access to your data if you fall victim to a direct-access attack?
The only way to prevent this is to encrypt the storage media and store the key separate from the system.
223
What is your responsibility when you realize an incident has occurred?
You must report the incident that is your number one responsibility.
224
What three core disciplines encompass information protection?
(1) Personnel.
(2) Industrial.
(3) Information security.
225
What are the three types of classification?
(1) Original.
(2) Tentative.
(3) Derivative.
226
What does correctly marked classified material conspicuously and immediately alert holders to?
The presence of classified information.
227
Who has the specific responsibility to properly mark a new classified document?
The proper marking of a classified document is the specific responsibility of the original or derivative classifier (i.e., the author or originator of the information).
228
What actions must you take if you are the holder of an improperly marked classified document?
Contact the document originator to obtain correct markings and shall apply those marking as required.
229
What actions should be accomplished if a document has components likely to be removed and used or maintained separately?
Mark each component as a separate document.
230
What markings are required on a classified document?
Banner lines, portion marks, component, office and date of origin, and classification authority block.
231
What information can be gained from the banner line?
The banner line specifies the highest level of classification (Confidential, Secret, or Top Secret) of information contained within the document and the most restrictive control markings applicable to the overall document (hereafter referred to as “overall classification”).
232
Where does the classification authority block appear on a classified document?
On the face of each classified document.
233
If required, where are downgrading instructions placed on classified documents?
On the face of each document to which they apply.
234
When would it be appropriate to store money and/or weapons in the same container as classified information?
Never under any circumstances.
235
At what level is the classified information in a container that must be checked every two hours if no other supplementary control is in place?
Top Secret
236
What supplemental controls are required for Confidential information?
None, supplemental controls are not required for Confidential information.
237
What process takes place to determine which supplemental controls will be the most effective?
A risk assessment
238
At a minimum, what should be considered when conducting a risk assessment?
Consider local threats, both known and anticipated, and vulnerabilities; the existing security environment and controls; the ease of access to containers or other areas where classified data is stored; the criticality, sensitivity, and value of the information stored; and cost verses benefits of potential countermeasures.
239
What form is used to maintain a record for containers, vaults or secure room doors, used for storing classified information?
SF 700.
240
Which part of the SF 700, when completed, is classified at the highest level of classification authorized for storage in the container?
Part 2.
241
What must be done to a container that is taken out of service or is no longer used to store classified?
The combination must be rest to the standard combination of 50-25-50.
242
List the routine methods used to destroy classified material.
(a) Burning.
(b) Crosscut shredding.
(c) Wet pulping.
(d) Mutilation.
(e) Chemical decomposition or pulverizing.
243
List the methods used to sanitize or destroy classified IT equipment and media.
(a) Overwriting.
(b) Degaussing.
(c) Sanding.
(d) Physical destruction.
244
What happens to classified materials that cannot be destroyed?
Reevaluation of the material, when appropriate, downgraded, declassified, or retired to a designated record center.
245
What service is used when physically transporting Top Secret material?
DOD component courier service.
246
What service is used when the Top Secret material is traveling through or within countries hostile to the US?
Department of State Diplomatic Courier Service.
247
Can classified COMSEC materials be shipped overnight?
No.
248
Why should you not ship secret information on Friday?
To prevent the package from remaining in the possession of the carrier service over a weekend.
249
Prior to using electronic media and when technically feasible what should you do?
Clear or format the media.
250
Why is it important to clear media?
This precaution removes malicious software and other types of software that may exist on previously used media or media obtained from vendors.
251
Whose missions and functions are supported by the DODIN?
• Department of Defense, National Security, and related Intelligence community missions and functions (strategic, operational, tactical, and business), in war and in peace.
252
Name the two elements that make up the DODIN’s access services.
(1) DISN Interface.
| (2) DOD Gateway.
253
What is the primary interface between the sustaining base and deployed forces?
DOD Gateway.
254
What DODIN service includes the Defense Red Switched Network?
Voice Service.
255
What does the aerial layer provide?
The aerial layer provides additional communications capacity by using manned and unmanned systems to host communications packages for continuous communications coverage of large geographic areas.
256
What service provides a framework for protocols used by the DOD to support diverse telecommunication requirements for its organizations?
The DISN.
257
What are the DISN’s seven subgroups?
(1) Content delivery.
(2) Data.
(3) Messaging.
(4) Satellite.
(5) Transport.
(6) Voice.
(7) Virtual private network.
258
What are the three data services that DISN offers?
(1) SBU IP Data.
(2) Secret IP Data.
(3) TS/SCI Data.
259
What establishes a virtual point-to-point connection using dedicated connections, virtual tunneling protocols or traffic encryptions?
A VPN.
260
What are the two different Base Information Transport Infrastructure systems?
(1) BITI-Wired.
| (2) BITI-Wireless.
261
What are three DOD application examples that rely on SBU IP Data to communicate?
(1) E-mail.
(2) Web service.
(3) File transfer
262
What data rates are the SBU IP services capable of?
56kbps to 2.4Gbps.
263
What is the DOD’s largest interoperable C2 data network?
SIPRNET/Secret IP Data network.
264
What are the current data rates of Secret IP Data networks?
56 Kbps to 1 Gbps.
265
What provides a transmission path capable of secure video/data within the defense intelligence community?
JWICS.
266
What type of information can be exchanged by point to point or multipoint technologies?
Voice, data, graphics, video teleconferencing.
267
Why is the NSA network considered highly secure?
Because it is almost completely separated from the public Internet.
268
Define the Defense Switched Network.
DSN is a worldwide hierarchal network of telecommunication switches to which end instruments are connected.
269
What is the primary function of the Defense Switched Network?
To provide non-secure dial-up voice service.
270
How does DRSN provide secure communications to the various DOD, civilian and allied communities?
Through the use of cryptographically secured backbone trunks and access interfaces.
271
What systems use the DRSN as their primary network for secure conferencing?
World Wide Secure Voice Conferencing System (WWSVCS), Defense Satellite Communications System (DSCS), and the Military Strategic and Tactical Relay Satellite (MILSTAR).
272
Which system provides operation commanders with an integrated, near real-time picture of the battle?
Global Command and Control System.
273
What are the four systems that make up the GCCS-AF program.
(1) JOPES.
(2) GSORTS.
(3) DCAPES.
(4) COP.
274
Which system is a classified system designed to provide update to JOPES?
DCAPES.
275
What system was replaced by GCSS?
Defense Information Infrastructure Common Operating Environment
276
Which system provides the AF portal?
GCSS-AF.
277
What is the AF’s primary ISR CPAD system?
DCGS.
278
How does DCGS support multiple, simultaneous worldwide operations?
From in garrison and through scalable, modular system deployments.
279
What is the purpose of the Battle Control System-Fixed?
To track and intercept hostile aircraft.
280
How many sectors is the CONUS divided into?
Two
281
Where is the CONUS geographically divided?
The Mississippi River
282
What is the mission of the Global Broadcast Service?
The GBS mission is to provide warfighters with a one-way, high data rate, and high volume of intelligence info to forces garrisoned, deployed, or on the move.
283
What size is the GBS antenna?
18 inches in diameter.
284
What is the maximum data rate for the GBS?
1.5 Mbps.
285
What is the responsibility of the NMCC?
The generation of Emergency Action Messages (EAMs) to notify launch control centers, nuclear submarines, reconnaissance aircraft and battlefield commanders around the world.
286
What component of the GIG supports the President, SECDEF, and JCS in the exercise of their responsibilities?
The National Military Command System.
287
What are the command nodes for the NMCS?
NMCC, National Airborne Operation Center, USSTRATCOM Command Center, USSTRATCOM and USNORTHCOM mobile consolidated command centers, and other command centers designated by the SECDEF.
288
What is SACCS designed to support?
The Air Force’s strategic aircraft and missile functions.
289
How does the SACCS system achieve the requirement for survivability?
By using nuclear hardened equipment, redundant circuits, and alternate communications paths.
290
What is the mission of the HF-GCS?
To provide reliable, rapid, two-way communications between air-, land-, and sea-based users.
291
Which of the 15 Global HF System stations does not remotely control from the CNCS? Why?
The South Atlantic station. Because it only provides dedicated ALE support for AMC aircraft.
292
What is the purpose of the DCS HF entry?
To provide non-secure voice and secure/non-secure data connectivity to commanders and tactical units operating in areas of the world where DCS connectivity is unavailable or insufficient.
