CDC Volume 5
Terms
undefined, object
copy deck
- What level of network management activity are you working at when, as the network manager, you are monitoring and troubleshooting components to eliminate the side-effect alarms and isolate problems to a root cause?
- Interactive
- What is the first question \"network experts\" ask when they begin to troubleshoot a network problem?
- Where is the network map?
- Who must approve all information protection tools prior to their use?
- HQ USAF
- In what Windows NT System directory is the profiles directory located?
- WINNT_ROOT
- What diagnostic command shows if it connected to the distant end?
- Ping
- When accessing devices through the Network Management System, what community string gives you the ability to change the device settings?
- set
- What type of firewall generates audit trails of all network-related activity for monitoring and intrusion detection purposes?
- Bastion host
- What SNMP node is responsible for monitoring, collecting and reporting management data to the management system?
- Agent
- What action identifies options for minimizing the effects of detected or predicted faults?
- Fault correction
- What is required for Windows NT to run on most systems
- BOOT.INI and NTDETECT.COM.
- What are three classic ways to authenticate oneself?
- Something you know, have, or something you are.
- What software program protects classified data by erasing it from the disk so that it is unrecoverable?
- WIPEINFO
- What do you do after you gather all the facts about a network problem?
- Consider the possibilities
- What is at the very core of the Barrier Reef process?
- Base network security policy.
- What guides the creation of a new user account on a base network?
- Base operating instructions.
- What protocol enables virtual private networks to exist over the Internet?
- Point-to-Point Tunneling Protocol (PPTP
- What network protocol is typically used in small local area network (LAN) implementations of 50 nodes or less
- NetBIOS Extended User Interface (NetBEUI)
- What do we call frames that consist of garbled bits of data that are transmitted continuously on the network?
- jabbers
- Recertification/Accreditation on systems with no changes to the baseline are accomplished at a maximum of
- 36 months.
- Who is the IAVA process manager?
- DISA.
- What automatically runs in the background when the protocol analyzer application is activated?
- Node discovery.
- What type of user profile is specified within the User Manager for Domains environment profile settings and is downloaded from the server every time the user logs in?
- Roaming profiles
- What usually has the most significance when determining the amount of space and access time user are given on a file server?
- Job position only
- When a trigger point in HP Open View is reached, what is generated?
- Event.
- What network architecture has a network management platform on one computer system at a location that is responsible for all network management duties?
- Centralized.
- What is the classification of sanitized storage media unless prohibited by other policies?
- Unclassified.
- What is used to verify the level of availability an individual has to the resource
- Access control lists.
- What is the round-trip delay for each node usually indicated in?
- Milliseconds.
- hat type of network server is dedicated to an intensive application or database
- Member servers
- What network policy is a combination of user and computer settings that control a user\'s working environment?
- System policies
- What network devices act as electronic \"gate guards,\" inspecting traffic and allowing only authorized traffic to enter the base local area network?
- Proxy servers and firewalls.
- Within the 3 tiers of the DoD CERT, what is generated when new vulnerabilities exist but are generally categorized as low risk?
- DCTA
- What is the first logical step in network troubleshooting?
- Define the main problem.
- Within the 3 tiers of the DoD CERT, what tier addresses new vulnerabilities that do not pose an immediate threat to DoD systems, but are significant enough that noncompliance with the corrective action could escalate the threat
- IAVB.
- During the initial logon, what type of profile does the Windows NT server operating system use to create the local profile for that machine
- Default profiles
- An administrator would normally allocate more file space to users maintaining
- databases
- What is one of the greatest downfalls of personnel who must work together to troubleshoot a network problem?
- Failure to accurately observe and thoroughly document the results of their individual efforts
- What IP address is used to Ping a computer\'s own NIC?
- 127.0.0.1.
- How many seconds is the default time set to for the BOOT.INI file to wait before loading the default operating system?
- 30.
- After the system completes the Power-on self-test, what happens next?
- The Master Boot Record is loaded and executed
- Areas of consideration for network planning include the
- licensing mode
- A feature of networking that enables individuals to designate resources they want other users to be able to access through the network we call
- sharing.
- What alarm browser category indicates if an alarm is related to other alarms?
- Cor.
- What diagnostics test is usually run on an NIC to ensure it is functional?
- Loopback.
- What standard is utilized by the DMS for messaging services?
- X.400
- What area of the simple network management protocol (SNMP) tree structure is reserved for vendors-related label and leaf objects associated with specific manufactured equipment?
- Private
- What network architecture uses multiple systems for network management, with one system acting as a central server and the others working as clients?
- Hierarchical
- In the event that the PDC is no longer functioning, what action is taken to make the BDC take over the responsibility
- The BDC is promoted to the PDC position
- What do we call the core set of software instructions contained in operating systems on which the higher-level functions are based?
- System Kernal.
- What provides information concerning the bandwidth utilization and the number of connections that are related to specific nodes?
- Connection statistics.
- In what step of the Barrier Reef process do you map your network topology (both the physical and the logical)?
- Know thyself
- What type of network problem(s) is caused by collisions on the domain?
- High utilization or jabbers
- Which function of performance management tracks historical data by tracking activities on the network?
- Monitoring
- The simplest and least expensive way to stop inappropriate network addresses we call
- packet filtering.
- What do we define as the capabilities, intentions, and attack methods of adversaries to exploit, or any circumstance or event with the potential to cause harm to information or an information system?
- Threat.
- What network protocol is used for network connection to Hewlett Packard network printers
- Data Link Control (DLC) Protocol
- What diagnostics command is used exclusively on Windows NT machines?
- Ipconfg
- What are the most common, immediate, and service-affecting types of faults?
- Devices that have lost power and broken network connections.
- What is one of the most important parts of security in DMS?
- Fortezza card
- What is the correct makeup of an Air Force network password
- Upper and lowercase letters, numbers and special characters
- In what step of the Barrier Reef process do you start a Base Network Steering Group?
- Determine requirements
- What are the two basic ways network faults can be detected?
- Reactively and proactively
- What is a measure used to verify the eligibility of a subject and the ability of the subject to access certain information?
- Authentication.
- Why do you troubleshoot only one possibility of a problem at a time?
- Isolate a definite cause if the action fixes the problem
- What type of firewall consists of a screening router and a set of rules that accept or reject a message based on information in the message\'s header (a packet): the source address, the destination address, and the port?
- Packet filtering.
- What policies allow administrators to control security settings for user accounts?
- Account policies
- What is the preferred method of sanitizing magnetic tapes?
- Degaussing.
- What operational SNMP message is used to modify the value of one or more instances of management information?
- Set
- What type of TCNO requires immediate attention from all agencies and identifies vulnerabilities being actively used to gain unauthorized access to DoD systems?
- Emergency.
- How many bytes does the minimum packet size for the IP protocol contain
- 28
- When bits are missing in one or more octets in a frame, what type of error occurs?
- Alignment.
- We can break performance management into what two separate functional categories?
- Monitoring and tuning
- In the Windows NT server operating system, what function controls features such as desktop colors and settings, program group, start menu settings, and network connections?
- User profiles
- When a volume is formatted with NTFS, what group is automatically assigned full control permission to the volume?
- When a volume is formatted with NTFS, what group is automatically assigned full control permission to the volume?
- Ideally, the average network utilization value should be less than
- 30 percent
- Within the 3 tiers of the DoD CERT, what tier documents are new vulnerability that poses an immediate, potentially severe threat to DoD systems
- IAVA.
- What form do we use to annotate storage media has been sanitized?
- Standard Form 711.
- Over 60 percent of all network problems occur at what layers of the OSI reference model?
- Data link and physical.
- What network function identifies the security events that administrators may want to track on a server?
- Audit policies
- Who is responsible for disseminating computer threat advisories in the form of TCNOs to Air Force units worldwide?
- AFCERT.
- What is the only approved method for sanitizing magnetic media?
- Degaussing.
- What function checks for damaged frames by recalculating the 32-bit Cyclic Redundancy Check of the received frame and comparing it to the received 32-bit Cyclic Redundancy Check in the Frame Check Sequence field?
- Media access control frame.
- What troubleshooting device physically connects the transmit pins to the receive pins to test a network device?
- Loopback plug
- What is the last step in file management?
- Archiving files.
- What phase of the DoD Information Technology Security Certification & Accreditation Process process gathers data about the system to analyze?
- Definition
- What are network attacks that bypass the firewall?
- Tunneling and application-based attacks.
- When a new folder or file is created on an NTFS partition, what permissions are automatically assigned?
- Inherited permissions of the folder in which it\'s contained
- What is a web-based process that incorporates identification and evaluation of new vulnerabilities disseminates technical responses and tracks compliance within the DoD community?
- IAVA.
- What operational SNMP message is used to retrieve multiple pieces of information with minimal overhead?
- GetNext
- What type of group has a wide set of predetermined functions plus rights and permissions already assigned to support those functions?
- Built-in groups
- What operational SNMP message is an unsolicited message from an agent to the manager?
- Trap
- What is the process of analyzing threats against and vulnerabilities of an information system?
- Risk analysis
- What is one way to increase file server efficiency?
- Reducing the hours of use of less important users
- What types of statistics does the HP Open View interface traffic graph display?
- Packets and errors transmitted and received
- What color does the Network Management System display when a network object may face A potential problem?
- cyan
- What provides information concerning the network utilization and frame errors that are related to a specific protocol?
- Protocol statistics
- What Windows NT line command is used to manually collect interface statistics on a particular network node?
- netstat.
- What reports errors that occur at the physical layer such as bad FCS, short frames, and jabbers?
- MAC node statistics
- Gathering information about current network device settings is a step of what functional network management area?
- Configuration management
- Most bases require a network password to be at least how many characters long?
- 8
- What is the first function that initiates when a machine is turned on?
- Power-on self test
- What is one of the most common types of hardware devices used for network troubleshooting?
- Loopback plug.
- What device provides a capability for digital network diagnostics and developing communications software?
- Protocol analyzer.
- What protocol\'s primary use is to obtain connectivity to the large base of Novell NetWare clients
- Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)
- What action represents one of the greatest vulnerabilities to internal networks?
- Network-connected desktop systems with modems that make calls to and accept calls from the public-switched network
- What standard is utilized by the DMS for directory services?
- X.500.
- What network device performs rigorous examinations of systems to identify weaknesses that might allow security violations?
- Vulnerability scanners
- What is defined as a bundle of application software designed to significantly improve network efficiency and productivity?
- Network management server
- What action does an administrator accomplish to create a new network policy?
- Saves the changes to a default policy under a different name
- What diagnostics command is used exclusively on Windows machines?
- winipcfg.
- Where are global group profiles maintained?
- Primary domain controller
- What Unix line command is used to manually collect interface statistics on a particular network node?
- rNetstat
- What type of network errors do jabbers usually cause?
- High utilization and collisions
- Network management protocols are designed (in most cases) to reside above what layer of the OSI model?
- Session
- You can find the round-trip delay between a source and target node by using the utilities
- Ping and Trace.
- What is a hierarchical, structured format that defines the network management information available from network devices?
- Management Information Base
- What is an indication that a noteworthy event has occurred on the network
- Alarm.
- How many different categories of information does the performance monitor provide you about your network?
- 21.
- What color does the Network Management System display when a network object is not functioning?
- Red
- Why is a user required to change their password upon logging onto the network for the first time?
- To ensure the integrity of their unique password