I Hate CBT's

View Original

JKO Establishing a Cyber Defense Information Sharing Framework

Select all true statements about taxonomies used for Cyber Situational Awareness.

Used for information preparation

Needed by collaborating organizations to understand and use information consistently and coherently across the community.

The classification according to a pre-determined system, resulting in a catalogue used to provide a framework for sharing information.

Choose the correct definition for the Cyber SA activity "planned changes."

A forecast and status of any changes or modifications being implemented that helps to avoid them being confused as incidents.

Choose all that apply. Functions that use, manage and generate Cyber SA include:

Information management

Incident Management

Coordination and communication

Intelligence

Decision Making, including legal and policy advisors

Using the architectural view of the Information Sharing Model, which includes (from top down) Process, Information, Application, Data, and Infrastructure, choose the minimum level required for collaboration between two entities.

Data

Unlike the current bottom-up structure of cyber defense organizations, MNE 7's approach to cyber defense is top-down, interconnecting and aligning existing organizations.

True

Multinational Experimentation (MNE) 7 defined Cyber SA as:

The human perception of the elements of cyberspace within an operational and business context, the comprehension of their meaning, and a projection of their status in the near future.

Risk posed by social networking on the Internet have enabled new __________.

Social engineering threats.

True or false. The growing number of internal and external attacks on cyber infrastructure has become one of the most serious economic and national security threats worldwide.

True

From the choices below, choose the two strategic threats of concern in protecting cyberspace.

Deliberate or inadvertent disruption of cyber services and infrastructure.

Data exfiltration.

A system operator incident report should include:

Impact of the incident.

Actions Taken to handle the incident.

Methodology used by the attacker.

Source and target description.

Incident report creator.

Source of each incident report component.

Source and target name.

Information preparation is accomplished through all but which of the following:

Perception building.

What best describes an agreement made between two or more collaborating organizations which describe verification and compliance methodologies?

Information Sharing Agreement.

Type of information, taxonomy, source and availability, roles, and classification are __________.

Key actions for information management.

The relationships between Hubs, Nodes and tactical cyber organizations are __________.

Interconnected.