Hardest Trivia Quiz On Information Systems Security Officer!

50 Questions | Total Attempts: 39

Below is the Hardest Trivia Quiz on Information Systems Security Officer! One of the major characteristics of information systems is that they face a lot of threats. The function of an officer in this position is to establish and maintain a corporate-wide information security management program to ensure that information assets are adequately protected. Take the quiz and see how equipped you are for the role.


Questions and Answers
  • 1. What does the acronym MOU stand for?
    • A. Memorandum of Understanding
    • B. Memory of Understanding
    • C. Memorandum on Understanding
    • D. All of the Above

  • 2. What are the requirements of a mobile processing plan at a Government Site?
    • A. The contractor will provide the applicable government sites with a copy of the approved security plan.
    • B. Prior to shipment, the applicable government activity must concur in writing to accept security oversight for a specific IS.
    • C. An approved Memorandum of Understanding (MOU) must be provided if the DSS accredited system will connect to a government accredited system.
    • D. None of the Above
    • E. All of the Above

  • 3. Shipping a mobile system requires 5 days notice prior to shipping a classified system to/from any off-site facility.
    • A. True
    • B. False

  • 4. Security seals will not be affixed when equipment is relocated to detect tampering.
    • A. True
    • B. False

  • 5. Are Mobile Systems with Interim Approval to Operate (IATO) allowed to relocate to a different facility? If so, who has to grant permission?
    • A. Yes. Defense Security Service (DSS)
    • B. Yes. Regional Designated Approval Authority (RDAA)
    • C. No Mobility without a full ATO
    • D. No. Information System Security Officer (ISSO)

  • 6. A Mobile Processing Plan is required for equipment relocated to an area outside of its primary facility.
    • A. True
    • B. False

  • 7. Why are Trusted Downloads completed?

  • 8. What is Human-Readable Output Review?

  • 9. What are the DSS authorized File Types and Formats for a Trusted Download?

  • 10. Users shall be required to authenticate their identities at logon. This is accomplished by entering their password in conjunction with their user identification prior to the execution of any application or utility on the system. What is this called?
    • A. Password Authentication
    • B. Authentication at Logon
    • C. Unique Identification
    • D. None of the Above

  • 11. Why is it important to introduce yourself to the Program Manager and System Administrator?
    • A. To ensure you know who the point of contact is for that system as well as who to contact when an issue arises on your system.
    • B. Because your working relationship with the program and system administrator is essential to the function of the system.
    • C. Allows a face-to-face meeting with each person to ensure they know who to contact if they have any issues or questions.
    • D. All of the Above

  • 12. Why are DEM 6700 Forms used?

  • 13. Who signs the DEM 6700 forms?
    • A. ISSM/ISSO
    • B. User/System Administrator
    • C. ISSO/System Administrator
    • D. User/Manager

  • 14. Who signs the completed User Briefing Acknowledgement?

  • 15. Who signs an ISSO or AISSO user briefing?

  • 16. Who is responsible for filling out a DEM 6700 Form?

  • 17. Who is responsible for briefing a user and managing an account on a classified system?
    • A. ISSO
    • B. ISSM
    • C. User
    • D. None of the Above

  • 18. Where can you download an SSP from?
    • A. Remedy Database
    • B. Enterprise Product Data Management (EPDM)
    • C. Information Assurance Center of Excellence (IA COE)
    • D. IDE

  • 19. Where are user briefings found?

  • 20. Where are the completed forms sent to be processed?

  • 21. Where are Maintenance Logs located?

  • 22. When are NSCC briefings completed?

  • 23. What two categories do Mobile Systems fall under?

  • 24. What is the Enterprise Product Data Management System?
    • A. It is a newly created program that will be used to implement common processes and tools to manage the product development process.
    • B. It will allow users to work seamlessly on engineering programs
    • C. It will be used to download and upload completed SSPs and profiles for classified systems.
    • D. All of the Above

  • 25. What is the DSS Form Letter 16 used for?

  • 26. What is Media Review?

  • 27. What is a Trusted Download?

  • 28. What is a nomination letter used for?
    • A. Nominate a person for an award
    • B. Nominate someone for an ISSO/AISSO position
    • C. Nominate someone for a promotion

  • 29. What is a DEM 6700 Form?

  • 30. What does SSP stand for?
    • A. Ship Security Plan
    • B. Strategic Systems Program
    • C. System Security Plan
    • D. Site Security Plan

  • 31. What are the requirements of a mobile processing plan at a contractor's site?
    • A. Identify the system
    • B. List relocation site(s) and type of site
    • C. Identify points of interest for each site
    • D. List how the equipment, dedicated software, and all classified information are to be transported and safeguarded.
    • E. Provide a statement that each person must have adequate physical security safeguards
    • F. Provide a statement that only an appropriately cleared employee of the contractor holding the Accreditation Letter will act as the ISSO for the system while it is relocated.
    • G. Before the accredited IS is relocated, the ISSO must notify the assigned IS Rep of the location(s) to which the IS will be moved.
    • H. The DSS Rep must notify the receiving site when the equipment has been shipped and the method of shipment
    • I. The FSO or ISSM must provide the receiving location with a copy of the SSP and the IS Accreditation Letter.
    • J. DSS retains security cognizance for IS under control of a cleared contractor while it is in transit to or from the facility and/or a government installation.
    • K. When an IS travels, a copy of the SSP and accreditation letter will accompany it.

  • 32. What are Maintenance Logs?

  • 33. Under the new ODAA requirements passwords for a classified system should be at a minimum 12 characters long and will only be valid for no longer than 365 days?
    • A. True
    • B. False

  • 34. There are 5 common Operating Systems used on a classified system?
    • A. True
    • B. False

  • 35. The definition of a hardware list is any piece of equipment that is not associated with that particular classified system and is not marked appropriately?
    • A. True
    • B. False

  • 36. The anti-virus on a classified system is updated on an as-needed basis?
    • A. True
    • B. False

  • 37. Privileged users have access to IS control, monitoring or administration functions.
    • A. True
    • B. False

  • 38. Prior to installation, the ISSM or appointed designee must approve all software unless already approved, both new and modifications to previously installed software.
    • A. True
    • B. False

  • 39. Prior to installation on an accredited system, software that is received directly from the vendor and installed into a protected environment does not have to be screened or tested.
    • A. True
    • B. False

  • 40. Passwords shall be protected at a level commensurate with the sensitivity level or classification level and classification category of the information to which they allow access?
    • A. True
    • B. False

  • 41. Name the five common Operating Systems associated with a classified system.

  • 42. In an audit log, the resolution to problems that might have occurred is added to this log. This is done to show the DoD that you have found a potential problem and have rectified any issues.
    • A. True
    • B. False

  • 43. If a user's need-to-know, clearance level, or employment status changes, what steps should be taken to protect your classified systems?
    • A. The user will be terminated from the user list
    • B. Their accounts should be disabled
    • C. All combinations on storage devices will be changed to prevent access
    • D. All of the Above
    • E. None of the Above

  • 44. If a system requests to stay offsite for a longer period of time, what three options are available to the ISSM:
    • A. Transfer the system over to the gaining ISSM for accreditation under that location’s cage code.
    • B. Submit a request and justification from the customer concurring with the need to extend the relocation period beyond the 120 days and provide a date when the system or components will be returned or transferred. This may be either a formal letter or e-mail.
    • C. Return the system back to the owning facility.
    • D. All of the Above

  • 45. If a mobile system is connected to a separately accredited system at the remote location it will be treated as an Interconnected LAN. What is required prior to this connection occurring?

  • 46. How often are user briefings completed?

  • 47. How often are backups completed on a classified system?
    • A. Weekly
    • B. Monthly
    • C. Yearly
    • D. As needed

  • 48. How often are audits completed?
    • A. Monthly
    • B. Yearly
    • C. Weekly
    • D. All of the Above

  • 49. How long is the Letter 16 valid for?

  • 50. How do you back up audit logs on a classified system?