Term
|
Definition
| info operations that protect and defend data information systems using the 5 attributes |
|
|
Term
|
Definition
| comprohensive evaluation of the technical and non technical security features of an is |
|
|
Term
|
Definition
| official management decision to operate an IS in a specified enviroment |
|
|
Term
|
Definition
designated approving authority
offical with authority to formally assume responsibility for operating a system at an acceptable level of risk |
|
|
Term
|
Definition
| formal document that fully describes planned security tasks required to meet system requirements |
|
|
Term
|
Definition
authority to operate
formal declaration form daa that info system is approved to operate |
|
|
Term
|
Definition
interim authority to operate
temporary authorization granted by daa or sco to operate in a particular security mode
can operate for up to 180 days and br extended for 180 days more |
|
|
Term
|
Definition
| assurance that information is not disclosed to unauthorized persons |
|
|
Term
|
Definition
| assurance that information is not modified by unauthorized parties or in an unauthorized manner |
|
|
Term
|
Definition
| assurance of timely reliable access to data and information systems by unauthorized access |
|
|
Term
|
Definition
| assurance that the sender of data is provided with proof of delivery and the recipient is provided with proof of the senders identity |
|
|
Term
|
Definition
| assurance of identity of a message sender or receiver |
|
|
Term
reconnaissance
(computer incidents) |
|
Definition
| seeks to gather information used to characterize DOD systems that may be useful in formulating an attack |
|
|
Term
|
Definition
info assurance vulnerability alert
announcement of a high risk computer vulnerability |
|
|
Term
|
Definition
info assurance vulnerability bulletin
announce of medium risk computer vulnerability |
|
|
Term
|
Definition
info assurance vulnerability technical advisory
low risk computer vulnerability |
|
|
Term
|
Definition
comms tasking order
dod wide instruction that promulgates mandatory changes in standing instuctions on how comms are handled |
|
|
Term
difference between vulnerability and threat |
|
Definition
vulnerability is an actual weakness in a system that can be exploited
threat is something that has the potential to become a vulnerability |
|
|
Term
| duties and responsibilities of the IAM |
|
Definition
repsonsible for establishing,implementing and maintaining dod info system ia programs
designated in writing
not a collateral duty
us citizen
hold highest clearance of IS possible
attend DAA training |
|
|
