Term Definition
OPSEC Process - Assessment of The fourth step in the OPSEC
Risks process is to decide what issues
need to be addressed in the rest
of the OPSEC process.
Give this one a try later!
True False
2 of 139
Term Definition
This type of symmetrical (private
SP 800-37
key,) cipher takes a
predetermined number of bits
,(binary digits; 1 or 0,) known as a
block, and encrypts that block
as a whole.
Can act as a stream cipher by
changing the block size to one
bit.
The majority of the encryption
algorithms currently in use are
_______ ciphers.
Strengths:
--Operate on larger blocks of
the message at a time, making
them more versatile than stream
ciphers.
--Can use block modes to
detect and compensate for
errors in implementation.
Weaknesses:
--Resource intensive.
--Prone to errors in the
implementation process.
--Complex to implement.
Works better with messages
whose sizes are fixed or known
in advance, such as files, or
messages whose sizes are
reported in protocol headers.
,Give this one a try later!
True False
Correct definition
Lays out the risk management framework in the following six
steps, which form the basis of many security programs:
1. Categorize: Categorize the system based on the
information it handles and the impact of exposing or losing
such data.
2. Select: Select controls based on the system's
categorization and any extenuating circumstances.
3. Implement: Implement the controls and document the
implementation.
4. Assess: Assess the controls to ensure that they're properly
implemented and performing as expected.
5. Authorize: Authorize or ban the use of the system based
on the risk it faces and the controls implemented to mitigate
that risk.
6. Monitor: Monitor the controls to ensure that they continue
to appropriately mitigate risk.
3 of 139
Term Definition
, OPSEC Process 1. Identification of Critical
Information
2. Analysis of Threats
3. Analysis of Vulnerabilities
4. Assessment of Risks
5. Application of
Countermeasures
Give this one a try later!
True False
4 of 139
Term Definition
Operational Security (OPSEC) A process you use to protect
your information.
Involves not only putting
security measures in place but
also identifying what exactly
you need to protect and what to
protect it against.
Give this one a try later!
True False
5 of 139