DAU ISA 101 Module 13 Test 1

DAU ISA 101 Module 13 Test 1 Critical Requirements: Safety, Security, and Privacy Exam Here is your test result.The dots represent the choices you have made. The highlighted questions are the questions you have missed. Remediation Accessed shows whether you accessed those links.'N' represents links not visited and 'Y' represents visited links. Back to Status page contains 16 Questions 1) What are some characteristics of the Program Protection Plan (PPP)? Select Three (3) that apply. [26.101.1.1 Identify the purpose of a Program Protection Plan (PPP).] The PPP helps to ensure that programs adequately protect their technology, components and information. The PPP contains three main components: 1) Critical Program Information (CPI), 2) Program Office protection measures and 3) Mission-Critical Functions and Components. The PPP helps to manage the risks to critical program information and mission-critical program functions and components.  Preparation of the PPP is intended to help program offices consciously think through what needs to be protected. 2) What elements of the PPP consist of technology, components, and information that provide mission-essential capability to our defense acquisition programs? Select all that apply. [26.101.1.2 Identify the key components of a Program Protection Plan (PPP).]  Critical Program Information (CPI)  Mission-Critical Functions and Components Multi-level Security Mode (MLS) System High Security Plans Systems Safety Analysis 3) What law requires establishment of security plans by all operators of Federal computer systems that contain sensitive information? [26.101.1.3 Identify key laws dealing with critical requirements of security and privacy.] The Federal Information Security Management Act. The Computer Fraud and Abuse Acts. The Privacy Act. The Electronic Communications Privacy Act. 4) True or False. The purpose of Information Security (INFOSEC) is to keep government information from release to outsides sources. [26.101.1.4 Summarize the need for information security.] False True 5) One key primary security technology is: [26.101.1.5 Recognize technologies that can be used to improve information security.] encryption. file locking. domain restriction. classified user IDs. 6) Which Evaluation Assurance Level (EAL) of a commercial software product represents the highest level of confidence, security assurance and lowest risk to use? [26.101.1.6 Recognize how the Common Criteria is used to evaluate the security of software products used in Department of Defense (DoD) information systems.] EAL 7 EAL 1 EAL 3 EAL 5 7) True or False. Information Assurance acknowledges the increasing need for prevention and a proactive approach while Cybersecurity does not. [26.101.1.7 Define Cybersecurity.] True False 8) What is defined as verifying the identity or other attributes claimed by or assumed of an entity (user, process, or device), or to verify the source and integrity of data? [26.101.1.8 Define the five (5) attributes of cybersecurity.] Authentication Integrity Availability Non-repudiation Confidentiality 9) Focus areas that the RMF deems critical to the establishment of an effective cybersecurity risk management program include which of the following? [26.101.1.9 Identify the overarching principles of the Risk Management Framework (RMF) for DoD Information Technology (IT).] All of the choices are correct Continuous monitoring Operational resilience Cybersecurity reciprocity 10) What types of emergency events does COOP plan for? [26.101.1.10 Define a Continuity of Operations Plan (COOP).] All of these are correct acts of nature technological attacks requirement to establish back-up sites 11) The DoD requires that the following elements shall be included in a COOP, EXCEPT for: [26.101.1.11 Identify elements of a Continuity of Operations Plan (COOP).] Assumption that warning or attack or event will be received. Emphasize the permanent and routine geographic distribution of leadership, staff and infrastructure. Ensure information is provided to leaders and other systems users by maximizing the use of technology solutions. Consideration for the probability of an attack or incident and its consequences Continuity requirements are incorporated into the daily and routine operations of all DoD Components. 12) For a C4I system the most critical requirement typically is related to: [14.101.1.1 Describe why safety, security and privacy are critical requirements.] Security. Safety. Privacy. Flexibility. 13) True or False. It is ok for agencies to provide disabled individuals the ability to access and use some information in a way that is comparable to access available to others. [28.101.2.1 Recognize federal accessibility requirements for electronic devices, software and websites.] [Remediation Accessed :N] True False 14) The vision of JIE is to ensure that DoD military commanders, civilian leadership, warfighters, coalition partners, and other non-DoD mission partners have access to information and data provided in a . (Fill in the blank.) [27.101.1 Describe the Joint Integration Environment (JIE).] secure, reliable, and agile DoD-wide information environment Contractor led information environment Mostly classified information environment Cloud-centric information environment 15) Which of the following is a benefit of the Joint Information Environment (JIE)? [27.101.1.2 Identify the benefits of the JIE.] All of these are benefits. Having a flexible, fused data-centric environment enabling access to information at the point of need (Smart Services) Helping organizations across the DoD to achieve improved cybersecurity and interoperability Having the ability to adapt and include new technology into the JIE easily, quickly, and affordably 16) True or False. The vision of Joint Information Environment (JIE) is to enable information sharing with civilian leadership with DoD-approved devices and service providers. [27.101.1.3 Identify the purpose of the JIE.] [Remediation Accessed :N] True False