Cyber Security

Cyber Security What is the Marine Corps order for establishing a Cyber Security Program - ANS MCO 5239.2B Name the primary roles with IA/Cyber Security: - ANS -Authorizing Offical(AO)/Designated Accrediting Authority(DAA) -Commanding Officers & CG's -Certifying Authority Representative(CAR) -ISSM -ISSO What are the three environments that must be considered when performing system hardening? - ANS Computing Environment Network Environment Enclave Environment Name the site where you can locate STIGs - ANS -IASE.DISA.MIL OR -DISA Name a free software patching solution provided by DISA ? - ANS WSUS What is the name of the hardware based network firewall employed by the Marine Corps: - ANS 800 and 1000 FortiNET What kind of IPS does the Marine Corps utilize? - ANS MCAFEE Intrushield What is the primary tool utilized for vulnerability scanning? - ANS ACAS What are the components of ACAS? - ANS -Security Center -Nessus User Interface -Passive Vulnerability Scanner -3D Tool -xTool What product does the DoD utilize as a Host Based Security System? - ANS ePolicy Orchestrator Server What directive mandated the implementation of HBSS? - ANS FRAGO 13 - DOD Implementation of HBSS Name the modules of McAfee ePO: - ANS •Host Intrusion Prevention •Virus Scan Enterprise •Policy Auditor •Asset Baseline Monitor •Device Control Module •Rogue System Detection •Asset Configuration Compliance Module What is the definition of PKI? - ANS A set of hardware, software, people, policies and procedures needed to create, manage, distribute, use, store and revoke digital certificate Explain two factor or dual factor authentication? - ANS Something you have & something you know or CAC + PIN What directive will you follow when reporting incidents? - ANS MC ECSD001 What directive will you follow for vulnerability management? - ANS MC ECSD020 Understand the differences between signature and anomaly. - ANS Signature Based - Signature-Based IDS use a rule set to identify intrusions by watching for patterns of events specific to known and documented attacks. It is typically connected to a large database which houses attack signatures. Anomaly-Based IDS examines ongoing traffic, activity, transactions and behavior in order to identify intrusions by detecting anomalies. Requires an established baseline of normal behavior. Different ways to implement STIGs(Hardening) - ANS -GPO -Manually -STIG Viewer Which HBSS module is used to gather info and events and sends it to EPO server.(HBSS) - ANS ePolicy Orchestrator Lowest level of the training Continuum? - ANS Awareness