what is a measure used to verify the eligibility of a subject and the ability of the subject to access certain info?
what are 3 primary ways to authenticate ones self?
something you know, are, have.
knowledge based identification and authentication methods require the user to provide something you?
the AF requires a network password to be atleast how many characters long?
what regulation covers remanence security?
storage media that retains data after power is removed is considered?
which standard form is used to annotate storage media has been sanitized?
who can declassify storage media that has been sanitized?
what is the process of physically damaging the media to render is unusable in a computer and render the data on the media irretrievable by any known exploitation methods?
what is the process of erasing magnetic media by reducing the magnetic flux to virtual zero by applying a reverse magnetizing field?
what is the preferred method of sanitizing magnetic media?
what is a comprehensive evaluation and validation of an air force info system to establish the degree to which it complies with assigned info assurance controls based on standardized procedures?
what is a formal declaration by a designated approving official (DAA) that an info system is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk?
what is the DOD process for certifying and accrediting info systems to operate on the global info grid (GIG)?
Department of Defense Information Assurance Certification and Accreditation Process (DIACAP)
what documentation is required to permanently connect to the global info grid system?
Authorization to Operate (ATO)
what doc signifies that a system is not allowed to connect to the global info grid?
Denial of Authorization to Operate (DATO)
what process, along with AFI 33-210, air force certification and accredidation (C&A) program (AFCAP), provides the basic framework of the certification and accredidation?
Information Technology (IT) lean reengineering
what do you call the consolidated list of requirements that a program office must adhere to when fielding a system?
department of defense info technology system cert and accreditation process (DITSCAP)
what is the database of record for registering all systems and applications?
what is a collection of computing environments connected by one or more internal networks under the control of a single approval authority and security policy?
how many non-secure internet protocol router network (NIPRNET) gateways does the af possess?
which agency must approve all info protection tools prior to their use?
what device is placed outside the boundary protection mechanism to monitor all attempted attacks?
Intrusion Detection System (IDS)
what are examples of network attacks that bypass the firewall?
Tunneling and application based attacks
what is the intrusion practice of encapsulating a message that would be rejected by the firewall inside a second message that will pass through the firewall?
a base web server that inferfaces with the public must be placed in what area of a base network?
what is the simplest and least expensive way to stop an inappropriate netowork address?
what type of firewall consists of a screening router and a set of rules that accept or reject a message based on information int he messages header (a packet): the source address, the destination, and the port?
what type of firewall is used to separate secure sites, networks, or network segments from less secure areas?
what type of firewall generates audit trails of all network related activity for monitoring and intrusion detection purposes?
what network dvice performs regorous examinations of systems to identify weaknesses that might allow security violations?
what action represents one of the greatest vulnerabilities to internal networks?
network connected computer systems with modems that make calls to accept calls from the public switched network
what do you call a current and percieved capability, intention, or attack, directed to cause denial of service?
an ainformation system on your network that is not to require the use of a common access card or password would be considered a?
a program that replicates by attaching itself to a program is a?
what type of malicious logic can form large networks that can be used to launch a varitety of attacks without an info systems owners knowledge?
what type of malicious logic can become active on an information system without the need to infect a file?
what is a cryptographic key and certificate delivery system that makes possible secure electronic transactions and exchanges of sensitive information between relative strangers?
Public Key Infrastructure (PKI)
what is an electronic document that officially links together a user's identity with his public key?
what is a file that is kept with you and will allow you to decrypt files encrypted specifically for you using your openly available encryption code?
what is an electronic document that officially links together a users identity with his public key?
Which component of the PKI responsible for establishing, authenticating, maintaining, and revoking certificates?
the 2 ways key establishment can occur are key?
transfer and aggreement
which public key algorithm is exclusively a key establishment protocol?
diffie and hellman
what is the primary unclassified PKI token for individual PKI keys and certificates in the air force?
which team provides a communication link between forces securing the area and setting up support facilities?
initial communications support teams
sustained communications support becomes a part of the deployment if it exceeds how many days?
who provides uninterrupted flow of mission critical information to field and in-garrison units for the duration of a contigency?
sustained communications support teams
what program is known as a state of the are ground to ground communications infrastructure designed to provide base level full spectrum communications to the commander and all agencies on base?