This site is 100% ad supported. Please add an exception to adblock for this site.

URE's Vol2 2

Start Studying!

Terms

undefined, object
copy deck
What establishes a person’s right to access and need to know classified information?
An access list.
What is the preferred method for listing material on the AFCOMSEC Form 16?
Alphabetically by short title.
AFCOMSEC Forms 16 COMSEC inventories are retained for the current inventory plus
6 months.
The individual who is required to use and safeguard COMSEC aids in the performance of
official duties is the COMSEC
manager.
The term used when referring to specific COMSEC material (other than equipment) is
COMSEC
aids.
The listing of your accounts holdings that helps you verify which COMSEC responsibility
officer (CRO) requires particular aids is the
account database.
What agency is responsible for shipping most COMSEC aids to the base COMSEC
accounts?
Cryptologic Systems Group (CSGP).
Where does the next unused voucher number come from that is used on transfer reports?
AFCOMSEC Form 14.
In what folder of the COMSEC account 6-part folder is the account copy of the Standard
Form 153 transfer report filed?
1.
Which phase is not involved in issuing COMSEC material?
Protection.
In which phase does the COMSEC manager determine which materials the COMSEC
responsibility officers need?
Preparation.
In which phase does the COMSEC responsibility officer check the material issued against
the list on the SF 153?
Preparation.
What should each COMSEC responsibility officer do prior to signing the COMSEC hand
receipt?
Ensure the required COMSEC material is listed on the SF 153 and ready for issue.
Where are original SF 153 hand-receipts maintained?
COMSEC manager’s replica of the CRO’s 6-part folder.
What term suggests movement of material from one place to another by someone with an
active interest in that material?
Transport.
You do not get approval to ship or transfer COMSEC material from the
MAJCOM.
What is the maximum number of different actions that can be accomplished on a single SF 153?
1.
On the SF–153 is the transfer voucher number is placed in block number
4.
Within how many days after you ship COMSEC materials, should you expect to receive a
transfer report from an addressee?
30.
When a transfer report for COMSEC materials is received from the addressee, where is the
form filed?
In folder 1 of the COMSEC account 6-part folder.
What is the most overlooked area of COMSEC material protection procedures?
Proper and timely destruction of used material.
What form is commonly used as a destruction certificate of COMSEC material?
SF 153.
What block on the Standard Form 153 is marked with “destruction”?
3.
What is used as a segment disposition record of accessed and destroyed multiple keytape?
AFCOMSEC Form 22.
For destruction purposes, what is the most sensitive keying material?
Superseded keying material.
In which folder of the COMSEC account 6-part folder are destruction certificates filed?
6.
Whenever COMSEC material needs to be replaced or amended immediately, who develops
the original messages for COMSEC accounts by urgent electronic message?
Cryptologic Systems Group (CSGP).
Who is ultimately responsible for disseminating information affecting COMSEC material
issued is the user holding the material?
OMSEC manager.
If it is physically impossible to conduct an inventory of a user because of distance, the
COMSEC manager
asks the user to verify his or her holding by letter or message.
What security classification is marked on the COMSEC account semiannual inventory?
UNCLASSIFIED For Official Use Only.
After completing the COMSEC inventory, where does the original copy of the voucher goes
to the
Cryptologic Systems Group (CSGP).
What are COMSEC incidents generally classified until receiving guidance from higher
agencies?
Confidential.
What is defined as a procedure that has the potential to jeopardize the security of COMSEC
material?
Incident.
Which type of COMSEC incident includes the recovery by salvage that can potentially
jeopardize COMSEC material?
Physical.
After a suspected COMSEC incident, what is one of the commander’s primary
responsibilities is to
appoint an investigating officer.
Within how many days after filing the initial report are interim reports submitted?
30 days.
Who issues a COMSEC incident a case number and determines when to close the case?
Air Force Communications Agency (AFCA).
Who is responsible for preparing the emergency action plan for the protection, security, or
destruction of COMSEC material in case of an emergency?
COMSEC manager.
Who is ultimately responsible for all Emergency Actions Plans on base?
COMSEC manager.
To conduct an inspection, COMSEC managers (CM) use the Air Force Form
4160.
What is the maximum time between Emergency Action Plan exercises at COMSEC
responsibility officers’ accounts?
6 months.
Look on the back of the AFCOMSEC Form 16 during an inspection of an account to
ensure all account personnel have initialed the AFCOMSEC Form 16.
When the COMSEC manager watches a user perform an inventory, the manager can tell
the kind of user training being conducted.
AFI 33–211, COMSEC Users Handbook, directs the COMSEC responsibility officer to
answer write-ups found during an inspection within what time period until the write-up is
cleared?
60 days.
When can a lone person transport Top Secret keying material?
When he or she has the proper clearance and be enrolled in the Cryptographic Access Program,
and the material is in a National Security Agency approved container.
Who is the final approval authority for a person going into two-person control positions?
The COMSEC manager of a unit holding two-person control material.
In the Public Key Infrastructure, who verifies user requests for digital certificates?
Certification authority.
Who issues and manages security certificates and public keys for message encryption and
decryption in Public Key Infrastructure?
ertification authority.
Which one does Public Key Infrastructure not support?
Software virus protection.
Judicious deployment of a single, unifying Public Key Infrastructure technology can help to
reduce the number of sign-on events required by end-users.
The shared secret information specifying exactly how the transformation of a message to
and from gibberish is to be accomplished is called a
cipher.
The transformation of gibberish back to the original text in a message is called
decryption.
The original message, after to being changed to gibberish called
cipher-text.
n what type of key cryptography are keys so different, that it would be possible to publicize
one without danger of anyone being able to derive or compute the other?
Asymetric cypher.
What type of method allows one of the keys in the pair to be revealed publicly without
endangering the other key?
Public-key cryptography.
In what technology is security based on the fact that it is computationally infeasible for
anyone other than the key pair creator to derive the private key from knowledge of the public
key?
Classified-key cryptography.
To create a digital signature, the private-key cryptography operation requires
an arbitrary-size input and computes a fixed-size output.
A cryptography hash is used to take
an arbitrary input and change it to a fixed input.
In public/key cryptography, key establishment can occur by key
security verification or key acknowledgement.
What algorithm was designed exclusively for signing/verification and data integrity?
Digital Signature Algorithm (DSA).
What algorithm is exclusively a key establishment protocol?
Diffie and Hellman (DH).
The Secure Hash Algorithm (SHA–1) was designed specifically for use with what other
algorithm?
Digital Signature Algorithm (DSA).
All DOD certificate management infrastructures (CMI) have the ability to generate, sign,
and process certificates that contain a
X.500 Distinguished Name (DN).
In all cases where the user generates keys, the user is required to prove possession of
the private key, that corresponds to the public key in the request.
Which class of certification establishes an identity through an association with a service,
agency, or other component of the DOD?
2.
Which class of certification requires the user to personally appear before a certificate
management authority (CMA), or an agent approved by a CMA, and present an official photo ID,
such as a military ID card?
3.
Which class of certification requires the user to personally appear before a Certificate
Management Authority (CMA), and present two forms of identification or credentials?
4.
What must be in place for users to locate the certificates needed to communicate securely?
Certificate repository.
When a given user has multiple “old” certificates and at least one “current” certificate, the
user has a key
history.
What certifies access to the user Personal Computer Memory Card International
Association (PCMCIA) FORTEZZA card?
Personal Identification Number (PIN).
What is used for the generation, management, and distribution of keying material, including
the programming of FORTEZZA cards?
Certification authority workstation (CAW).
Start Studying!

Deck Info

71

permalink