IOIC Phase IV
Terms in this set (215)
Warfare, decision superiority
____________ in the Information Age and its resultant goal of ____________ have led to a growing reliance on organization and control of information processes, new/enhanced skill sets, rapid development and fielding of new technologies both in existing and new military fields, and their use to confer an operational advantage on commanders of our forces.
Copper Twisted Wire
A form of wiring in which two conductors (two halves of a single circuit) are wound together for the purposes of canceling out Electromagnetic Interference (EMI). Primary wire type for telephone usage and is very common for computer networking.
Made up of super-thin filaments of glass or other transparent materials that can carry beams of light. Used for telephone backbone architecture and as the long-distance connection between city phone systems. One end is a transmitter using Light-Emitting Diode (LED) or an Injection-Laser Diode (ILD) generating light pulses
Single Mode Fiber
Is used in many applications where data is sent at multi-frequency Wave-division-multiplexing (WDM) so only one cable is needed. Provides better performance at a higher cost. Higher transmission rate and up to a distance of 50 times farther than multimode.
Slightly larger diameter than single mode. Similar performance to glass cable at very short runs, but at lower cost. Multi-mode offers high bandwidth at high speeds over medium distances.
Electromagnetic (EM) spectrum
The entire range of wavelengths or frequencies of EM radiation extending from gamma rays to the longest radio waves, including visible light.
The band of frequencies designated by upper and lower frequency limits and specified for use under specific conditions.
The specification of the frequencies or frequency band that authorizes a broadcaster to operate on within the EM spectrum.
one way communication
transmits and receives in both directions, but not at the same time.
two directions at the same time.
combinations of two or more information channels onto a common transmission medium.
voice and data carried over same twisted copper cable.
voice and data to be digitally transmitted, Bearer (B) channels, Data (D) channels.
Transmitting Digital Signals (DS)
a system of classifying digital circuits according to the rate and format of the signal.
Synchronous Optical Network (SONET)
optical telecommunications standard for carrying many signals of different capacities through a synchronous flexible optical hierarchy.
Desktop or laptop computers that are on a network
Provide access to services that enable workstations to benefit from being on a network
Devices that connect one node on a network to many nodes
Provide central place for multiple connections
Direct traffic from network to network according to the destination IP address
Perform the job of filtering traffic entering and leaving a network
INTRUSION DETECTION SYSTEM (IDS)
Device that attempts to identify when a hacker has broken into your network based on predefined rules or signatures
Parts of the network that connect components together
An Operating System is a software program that controls the operation of a computer. Its role is to manage computer hardware, run apps, serve as an interface between a computer and user, and allocate computer resources to various functions
standard methods of information transfer and processing.
Domain Name Service (DNS)
translates IP addresses to names, and names to addresses
Dynamic Host Configuration Protocol (DHCP)
issues IP addresses to nodes on a network
Transmission Control Protocol (TCP)
set of rules used along with the Internet Protocol (IP) to send data in the form of message units between computers over the Internet
User Datagram Protocol (UDP)
Similar to TCP, but it is a stateless or connectionless protocol. It does not establish or maintain a connection between nodes.
Hyper Text Transfer Protocol (HTTP)
responsible for linking web pages. HTTP uses port 80
Denial of Service (DoS) attack
a generic term to describe an attempt to make a computer resource unavailable to intended users.
a simple DoS attack where the attacker overwhelms the victim with "ping" packets. Ping Floods will succeed only if the victim has limited bandwidth.
Smurf attacks generate and direct significant computer network traffic to a victim network in an attempt to flood a target system via spoofed broadcast ping messages.
attempts to manipulate people into divulging confidential information or performing actions that compromise their information systems.
a process that attempts to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity.
a program that attempts to copy itself to a computer without owner permission or knowledge. Requires some type of user interaction to activate the program and almost always corrupts files on the targeted computer.
a self-replicating computer program. Uses a network to send copies of itself to other network nodes without any user intervention.
Designed to allow a hacker remote access to a target computer. Once installed, the hacker has remote access to perform operations.
a software program or combination of several programs designed to hide or obscure the fact that a system has been compromised. They often modify parts of the operating system or install themselves as drivers or kernel modules.
a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them. The targets believe they are talking directly to each other over a private connection, when in fact, the entire conversation is controlled by the attacker.
Domain Name System (DNS) Cache Poisoning
a malicious attack providing erroneous data to a caching DNS server which did not come from a trustworthy DNS source. The result of this attack is a redirect away from the legitimate web site.
To damage a system or entity so badly that it cannot perform any function or be restored to a usable condition without being entirely rebuilt.
To break or interrupt the flow of information.
To reduce the effectiveness or efficiency of adversary's C2 or communications systems, and information collection efforts or means.
To prevent the adversary from accessing and using critical information, critical information systems and services.
To cause a person to believe what is not true.
To gain access to adversary C2 systems to collect information or to plant false or misleading information.
To cause others to behave in a manner favorable to US forces.
To take action to guard against espionage or capture of sensitive equipment and information.
To discover or discern the existence, presence, or fact of an intrusion into information systems.
To bring information and information systems back to their original state.
Authentication of individuals is by username and password combination. For systems that require usernames and password logins, the key is to balance security with convenience.
Public Key Infrastructure
framework issues certificates through the use of a private-public digital key pair and supports a digital signature and encryption process. The private-public key pair consists of two simultaneously generated keys using an irreversible mathematical process.
Common Access Card
is the standard identification card for eligible DoD members. It's the size of a credit card, contains an integrated circuit chip, a magnetic strip, two bar codes, a computerized photo, and is considered a "smart card".
Public Key cryptography
Designed to allow two people to communicate privately so that outsiders can't listen or interfere. No support is needed if the two people meet so that they may exchange encryption data (their keys) in confidence.
Virtual Private Network (VPN)
A network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to organizational network.
The simultaneous encryption of all channels of a multichannel telecommunications trunk.
DoD Unclassified network.
SECRET/US only network: Communications backbone for passing secret tactical and operational information.
Top Secret/SCI/NOFORN network. Offers military and intelligence community a wide range of capabilities.
Multi-National worldwide virtual network with intelligence products, apps, and services available at the Top Secret/Four-Eyes level.
Top Secret/Five-eyes network for world wide classified and unclassified requirements. Tightly controlled, limited access, and requires polygraph for user access
Secure Telephone Equipment (STE)
a telephone that utilizes a Fortezza card to encrypt voice communications over a standard telephone line. It converts analog voice signals to digital voice signals and encrypts the data before transmission. The level of classification can go up to TS/SCI if both parties possess a TS/SCI Fortezza card.
Defense Red Switch Network (DRSN)
uses the Defense Information System Network (DISN) to provide global secure voice services to the President, Secretary of Defense, Joint Chiefs of Staff, combatant commanders and selected agencies with command and control secure voice and voice-conferencing capabilities up to the TS/SCI level.
VOSIP (Voice Over Secure IP)
uses the DISN to provide Secret only Voice over Secure IP (VoSIP) as an adjunct to the DRSN for users that do not require the full command and control and conferencing capabilities of the DRSN and need simple Secret level phone service. This service requires Secret IP Router network (SIPRNet) service as transport.
NSTS (National Secure Telephone System)
provides TOP SECRET voice services over the NSANet infrastructure. Newer NSTS phones are connected by fiber optic modems to a fiber backplane that interfaces with the NSANet service delivery point router. The voice traffic is then bulk encrypted with data traffic utilizing an encryption device.
a building in which the phone lines in a home or office terminate to the PSTN. Houses local exchange carriers, control devices, and switching equipment that makes telephone calls work.
CLASS 5 SWITCH
Also called end office (EO) switch, connects directly to the customer. Also called TIME DIVISION MULTIPLEXING (TDM) switch. The EO switch is a computer that is specialized for TDM based, circuit switched phone calls. Handles services such as basic dial tone, call forwarding, call waiting, and additional digital data services to customers using local loop
CLASS 4 SWITCH
Also called tandem switch, is a telephone CO switch linking telecoms end offices together and typically does not connect to the customer directly. Also called TDM switches because, like an end office switch, it is a computer that is specialized for TDM-based, circuit switched phone calls.
PRIVATE BRANCH EXCHANGE (PBX)
A telephone system within an organization that switches between users on local lines while allowing all users to share a certain number of external phone lines. The main purpose is to save the cost of requiring a line for each user to the telephone company's CO.
MAN-MACHINE INTERFACE (MMI)
A computer interface that maintenance personnel use to access the switch database tables, can connect via a direct physical serial or IP connection, remotely over an IP network, or remotely via dial up modem connection.
Common Channel Signaling Seven (CCS7)
The primary protocol used in telephone networks is _____________
Identify the key signaling components of a telephone network
Common Channel Signaling Seven (CCS7), Service Switching Point, Signaling Transfer Point (STP), Service Control Point (SCP)
The process of scanning a large set of phone numbers within an organization to pin point unauthorized or unsecure modems.
Caller ID spoofing
Use the software Private Branch Exchange (PBX) with a connection into the public telephone system to display fraudulent caller information.
Dual Tone Multi-Frequency (DTMF) Manipulation
Targeted to guess passwords, access voice mail, and other voice systems.
Unauthorized Remote Access to Switches
Users often set up their own personal remote access. The reasons for this breach of security vary, but include a simple lack of awareness of the RAS, a real or perceived instability of the RAS, and a desire to work outside the monitoring of the VPN or RAS.
Unauthorized or Unsecured Modems
Activating an unauthorized modem on an Information Technology server, critical system or on his desktop PC.
Unauthorized access to the CCS7 network components
The ability to introduce CCS7 attack messages appearing to be from a trusted system.
Telecomm networks are in the process of converging with IP networks. They inherit all of the threats, vulnerabilities, and risks associated with data networks such as malware, phishing emails, man-in-the-middle attacks, media access spoofing, and DOS attacks.
Non-secure or unescorted person accessing telecomm systems to tamper, reconfigure, damage, and destroy network elements to include long haul mediums.
Identify NWOps effects against telephone networks
Loss of critical information, Registration Hijacking, Message Tampering, Proxy Impersonation, Un-patched systems, Un-encrypted media, Traditional IP Vulnerabilities
IDENTIFY KEY COMPONENTS OF VoIP NETWORKS
IP PHONES, REGISTRATION SERVER, PROXY SERVER, REDIRECT SERVER, CALL SERVER, MEDIA GATEWAYS
Session Initiation Protocol (SIP)
a call setup protocol and is the most commonly used open protocol; lightweight, relatively easy to understand, and text-based
VoIP Media Protocols
Real-time Transport Protocol (RTP) is the single protocol used (almost exclusively) for the transfer of VoIP conversations. RTP rides on top of UDP.
ID VULNERABILITIES ASSOCIATED WITH VoIP Networks
Loss of critical information, Registration Hijacking, Message Tampering, Proxy Impersonation, Un-patched systems, Un-encrypted media, Traditional IP Vulnerabilities (ie Dos, malware, MAC addresses spoofing, etc.)
ID Network Warfare Operations effects against VoIP networks
1. Toll Fraud, unauthorized subscriber calling 2. Misrouted, blocked or tracked calls 3. PSTN denial of service attack
Time Division multiple Access
uses many blocks of the spectrum in 800MHz and 1900MHz. TDMA's method of digital wireless communications transmissions allows a large number of users to access a single radio-frequency channel without interference. Each user is given a unique time slot within each channel.
Code Division Multiple Access
a digital air interface standard and employs a commercial adaptation of military spread-spectrum single-sideband technology. Because users are isolated by code and not time, they can share the same carrier frequency, eliminating the frequency reuse problem.
Personal Communication Services
at 1900MHz is the North American version of Global System for Mobile communications (GSM) at 1800MHz.
Short Message Service
when a subscriber sends or receives a short string of text using a signaling channel. Text messaging is also extremely popular with the telecommunications industry.
Second Generation (2G)
utilizes various digital protocols including GSM, CDMA, and TDMA.
an interim step building up to third generation involving overlay of higher capacity data transmission capability.
a new wireless standard promising increased capacity and high-speed data applications up to two megabits. Third generation wireless networks employ wideband frequency carriers and CDMA air interface. Networks must be able to transmit wireless data at 144 kilobits per second at mobile user speeds.
system may upgrade existing communication networks and is expected to provide a comprehensive and secure Internet protocol (IP) based solution where facilities such as voice, data, and streamed multimedia will be provided to users on an "Anytime, Anywhere" basis. Sending a normal data rate of 100Mbit/s while the client physically moves at high speeds relative to the station and 1 Gbit/s while client and station are in relatively fixed positions.
Fixed Wireless Access
radio-based local exchange service in which telephone service is provided by common carriers, also known as wireless local loop (WLL). It is primarily a rural application reducing the cost of conventional wireless.
Base transceiver station (BTS)
Handles the radio interface. The BTS connects to the Base Station Controller using the Abis interface.
Base station controller (BSC)
Controls a set of BTSs. Provides cellular specific functions such as handover power control, radio signal management functions for the base transceiver stations, managing functions such as frequency assignment and handoff.
Mobile Switching Center
A switching system used for mobile communication networks.
Home Location Register
Central database for a cellular network to store subscription information of users.
Visitor location register
Contains subscriber information needed in servicing a roaming mobile subscriber in a visited network.
Smart phone Operating System
Manages the hardware and software resources of smartphones.
ID cellular networks security vulnerabilities
1. Monitoring of conversations while using phone. 2.Turned into a microphone to monitor comms in the vicinity of phone while phone is inactive 3."cloning" or the use of your phone number by others to make calls that are charged to your account 4.Smartphones: additional vulnerabilities due to the underlying operating system and available use of the internet.
Possible Effects of Network Warfare Operations against Cellular Networks
a. Compromise and/or loss of mission critical data through exploits, eavesdropping or direct access attacks -b. Detrimental impacts to Command and Control networks -c. Toll Fraud, unauthorized subscriber calling -d. Installation of back door into system -e. Misrouted, blocked or trapped calls -f. Loss of critical information -g. Denial of service attack
Some of the effects on a _____ network are due to the increased vulnerabilities and attack vectors associated with Internet Protocol and Public Switched Telephone Network.
Hosts the DCS or Programmable Logic Controller (PLC) supervisory control software that is designed to communicate with lower-level control devices
SCADA SERVER aka MASTER TERMINAL UNIT
Master or heart of an IC system and typically located at the operator's central control facility.
REMOTE TERMINAL UNIT
Gathers data from field devices in memory until the MTU initiates a send command or request.
PROGRAMMABLE LOGIC CONTROLLER
A solid state control system that has a user-programmable memory for storing instructions for the purpose of implementing specific functions such as input/output control, logic, timing, counting, three mode control, communication, arithmetic, and data and file processing
INTELLIGENT ELECTRONIC DEVICES
A "smart" sensor/actuator containing the intelligence required to acquire data, communicate to other devices, and perform local processing and control
Software and hardware that allows operators to monitor the state of a process under control, modify control setting to change the control obj, and manually override automatic control operations in the event of an emergency
A centralized database supporting data analysis using statistical process control techniques
ICS vulnerabilities spring from what three key principles?
convergence, trust, and interdependencies.
Legacy ICS networks are in the process of converging with Information Technology networks just as with Telephony networks, all the vulnerabilities associated with IT networks are present.
a command issued from one device to another will be automatically executed.
exploiting a vulnerability in one sector can generate an effect in another.
Specific ICS vulnerabilities fall into what three general categories?
Policy and Procedure, Platform, and Network
Policy and Procedure
Most easily targeted and exploited.
Flaws, misconfiguration, or poor maintenance of Hardware, Operating System, or ICS applications
Flaws, misconfiguration, or poor maintenance of ICS Networks and their connections
What are the critical nodes within an Electric Power Grid?
1.Power Generation Facilities 2.Transmission Facilities (substation) 3.Transmission Lines 4.Distribution Facilities (substation) 5.Power Control Center
What are the NW Ops effects against Industrial Control Systems?
•Loss of information •Loss of SA •Disabling/Destruction of ICS equipment •Loss of control over the system •Installation of a backdoor for future use •Disruption of critical infrastructure delivery
mission equipment and (COMSEC) encryption and decryption
Multiplexing equipment, transmission security, encrypt and decrypt, and transmitter/receiver
SPACE SEGMENT VULNERABILITIES
The most common attack vector against satellites is EW, specifically jamming
EARTH SEGMENT VULNERABILITIES
The earth station network is the weakest component of a SATCOM network.
USER SEGMENT VULNERABILITIES
Space Service Providers (SSP) and Points of Preference (POP) are the weakest components of the user segment.
The components of the user segment make them defenseless to a multitude of NW Ops attack vector options such as?
Exploits, Eavesdropping, Denial of Service (DOS) attacks, Distributed Denial of Service (DDOS) attacks, Direct access attacks
Identify NW Ops effects against SATCOM networks
• Compromise and/or loss of mission critical data through exploits, eavesdropping or direct access attacks. •Temporary or permanent loss of mission critical applications or systems through exploits, DoS attack, DDoS attack or direct access attacks •Detrimental impacts to time-sensitive data through exploits, DoS attack, DDoS attack or direct access attacks, again by denial of SATCOM transmission media
private systems allowing communications between a base station and several mobile radios
also known as fixed station, receives that signal but does not re-broadcast the signal to other radio users in the system.
combination of receiver and transmitter that receives a weak signal and retransmits it at a high level/power to cover long distances without degradation.
Structure or device used to collect or radiate electromagnetic waves. This is a device connected to the base station/repeater to propagate the Radio Frequency energy.
What are the 3 types of terminals?
Portable radio, Mobile radio, Fixed-station radios
dedicates a single radio channel to a single group of users, similar to using a static IP address where all users must share the address and collision domain (think of a hub). All users share the same channel in a conventional system, thus the information is easy to intercept. Depending on the number of users assigned to a channel, it may be difficult to make any calls since the users are all contending against one another.
electronically controlled sharing of a relatively small number of communications channels among a relatively large number of users. This system uses a computer-driven controller to dynamically assign a channel to a user or group of users on a call-by-call basis.
ID vulnerabilities associated with LMR
INTERNET PROTOCOL CONVERGENCE, GOVERNMENT IT INFRASTRUCTURE VULNERABILITIES, CONVENTIONAL EM ATTACKS, OPEN vs. CLOSED LMR NETWORKS
ID Network Warfare OPS effects against Land Mobile Radio
1.Jamming: DoS 2.Malicious Associations: Stolen Passwords; Launch attacks on the wired network; Trojans in Plants 3.Man-in-the-Middle: Deny service; Confusion on the net; Unauthorized personnel access to sensitive system data 4.Monitoring or eavesdropping: Potential loss of critical information 5.Network injection attack: Required rebooting or even reprogramming of intelligent network devices.
Global Information Grid
Globally interconnected, end-to-end set of information capabilities, associated processes, and personnel for collection, processing, storing, disseminating and managing information on demand to warfighters, policy makers, and support personnel.
Comm support is managed by the?
Chief, AOC Networks, C2 Systems, Data Link, and AOC Area Support.
is senior C2 management function for the AOC.
The ____ normally executes tactical control of the AOC Area Support C2 unit(s) providing transmission, switch, radio, power and other services for AOC connectivity to external forces.
25 or Block 30, 16
The IP portions of an AF functional network is controlled by CITS, block ______, which has ____ gateways.
Defense Switched Network (DSN)
inter/intra base, non or secure global C2 telecommunication system that provides end-to-end telephone, voice-band data, and dial-up, vtc for authorized DOD and gov. agencies.
Defense RED Switch Network (DRSN)
network of secure C2 switches provide secure voice and conferencing capabilities to decision makers.
DISA led, fully integrate voice services VOIP allows end-to-end IP calls over DISN.
AF Satellite Communications Network
DSN phone calls overseas will traverse over SAT. Know the process of a phone call to overseas.
Industrial Control System (ICS)
used to control utilities and services. No standardizations to process or deployment, AF Civil Engineer Support.
Land Mobile Radio (LMR)
common systems on AF installations, deployed as trunked systems. 3 types: Personal, mobile, fixed.
According to ____ Doctrine, computer network defense involves actions taken using computer networks to protect, monitor, analyze, detect, and respond to unauthorized activity within DoD information systems and computer networks.
According to ______ doctrine, Network Defense (NetD) is the term describing the defensive tactics and tools used in the defensive component of our Network Warfare Operations. NetD is the employment of network-based capabilities to defend friendly information resident in or transiting through networks against adversary efforts to destroy, disrupt, corrupt, or usurp it.
CNDR (Computer Network Defense and Response System)
first-generation honey pot designed by AFIOC. A multi-mission weapon system.
CHAFF (Computer Hacker Area Façade Forensics)
This tool can emulate 19 different network devices by using virtual operating systems and even emulate a class B network. It can create over 65 thousand false targets and will respond appropriately to requests made by a hacker.
FLARE (False Logon with Automatic Redirect for Examination)
Covertly redirects an intruder to a different physical location, such as a CNDRS suite, for monitoring purposes.
A tool used to create a deceptive environment for an intruder by mimicking the network where the intruder thinks he/she is. This tool controls and contains the intruder dynamically, changing the environment accordingly with changes made by the hacker. MIRAGE helps make intrusion profiling more fruitful by keeping an intruder interested longer, for further observance and analysis.
ASIMS (Automated Security Incident Measurement System)
The AF standard intrusion detection system (IDS). It's part of the Combat Information Transport System (CITS). Used to provide transcripts for activities that it detects. Can also "drop" packets that it is programmed to reject without revealing its identity to the would-be intruder. Functions in two modes: active and passive.
CIDDS (Common Intrusion Detection Director System)
A centralized monitoring system. This hierarchical system is what the Network Operations Security Center (NOSC) uses to oversee traffic at the bases they are responsible for.
Identifying an attacker's true identity is time consuming and frustrating, if not impossible. All we can do is block their traffic or slow them down by securing our network devices.
A good network configuration can limit and mitigate the potential for damage or unauthorized access by an attacker, but poor network configuration can prevent proper security measures from being implemented and unauthorized activity can go on unnoticed.
With a limited amount of manpower at a distant location operating a great number of networks, dissimilarities between the base networks increase the difficulties in CND exponentially.
US Military activities in the information environment, as in the physical domains, are conducted as a matter of law and policy.
intends to protect information commensurate with the level of risk and magnitude of harm resulting from loss, misuse, unauthorized access, or modification.
a system providing a framework within which commanders can increase the measurable readiness of their networks to match operational priorities. Commanders may raise levels to re-establish the confidence level of systems based on the tradeoff in resources.
INFOCON level 5
(Normal Readiness Procedures): Operations at this level continue to be routine and personnel are at a normal level of readiness.
INFOCON level 4
(Increase Military Vigilance Procedures): At this level, the network change verification cycle happens more frequently, on a 90 day cycle.
INFOCON level 3
(Enhanced Readiness Procedures): At this level, personnel will continue to implement all actions required at the previous two levels. There is now a requirement to re-establish a secure baseline every 60 days and to conduct offline rehearsals for the rapid and consistent reestablishment of baselines for NIPRnet and SIPRnet critical equipment, as called for in INFOCON 2 procedures.
INFOCON level 2
(Greater Readiness Procedures): At this level, personnel will continue to implement all actions required at the previous two levels. Also, personnel are now required to re-establish a secure baseline on a 30 day cycle.
INFOCON level 1
(Maximum Readiness Procedures): In addition to accomplishing all of the requirements of the earlier levels, at level 1, personnel must re-establish a secure baseline on 15 day intervals
What are the CND limitations?
Non-repudiation, Manpower/resources, Configuration Management, Base standardization, Legal considerations
Computer Network Exploitation
Enabling operations and intelligence collection capabilities conducted through the use of computer networks to gather data from adversary/automated info systems.
Network Support (NS)
collection and production of network related data for immediate decisions involving NW Ops.
CNA/NetA and CND/NetD
CNE/NS supports both _____ and _____.
For _____ operations and activities, CNE/NS can provide nodal and system analysis and engineering to identify potential vulnerabilities in adversary systems.
_____ does not only provide knowledge of system(s) to exploit, rather it provides critical information that can aid in the determination of target priorities.
CNE/NS provides material support to _____ operations and activities.
Explain CNE limitations
1. potential consequences when conducting CNE/NS ops. 2. the potential for the target network to be unintentionally taken offline by the activity. 3. the scope of authorized activities, Under title 50, It does not authorize the 5 Ds, destroy, disrupt, deny, degrade, and disable. The types of activities fall under TITLE 10 USC, and CNA
______ provides ability to harm an adversary while reducing exposure of forces, avoiding detection and attribution, and by using a variety of weapon systems.
Limited Risk to Forces
CNA provides the ability to incapacitate an adversary while reducing exposure of friendly forces, reducing collateral damage, or preventing excessive adversary losses.
The key here is that the capability exists to avoid detection by moving quietly.
Network Attack Weapon Systems
vary greatly depending on complexity, cost, and configuration. Dependent on several variables. For example launch platform, connections & vulnerabilities of the target, and weapons available, and the skill of the operator.
Primary effect of __________ is to influence the adversary commander's decisions.
Network attack ops
__________ should not be considered isolated from other war fighting operations by operational and tactical planners.
propagating a virus to an innocent computer, denial or disruption of critical services.
the abilities and actions on the receiving end of the network attack are the most difficult to anticipate. How are they postured to defend, how are people trained to detect NA, will they hack back?
a global domain within the information environment consisting of the interdependent network of information technology (IT) infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers
What are the characteristics of cyberspace?
--Cyberspace Exists Across the Air, Land, Maritime, and Space Domains: --Cyberspace Is a Non-Continuous Domain --Cyberspace Is a Heterogeneous Domain --Cyberspace Is Dynamic and Continually Evolving
What are the key components of IADS?
ASV, Battle Mgmt, Weapons Control
What are the C4 systems of IADS?
Data links, radios, communication satellites, landlines, IFF
Means of connecting one location to another for transmitting and receiving data
IADS used datalinks to relay ________.
Provides the only link to fighter aircraft
Used for point-to-point communication, uses relays and/or troposcatter
Administrative communications flow
Usually begins with the ADOC that est. ROE and will delegate down the echelons
operational communications flow
Begins at ASV or sensor level and is passed up the echelons to various components of the IADS
Battle Mgmt Center
upper echelon command post producing an air situation picture for an AOR based on input from its subordinate ASV FCs
Traditional IADS are referred to as ______closed networks.
Capability and intent make up a _______.
Any weakness that can be exploited by a perpetrator to gain access and is made up of a threat and weakness.
6 potential threats to our networks are?
FIS, foreign militaries, terrorist orgs, criminals, recreational hackers, insider threat
What are the 8 types of GIG vulnerabilities?
Physical, environmental, personnel, hardware, software, media, network, procedural
attempt to influence a person into either revealing info or acting in a manner that would result in unauthorized access to, use of, or disclosure of an info system, network or data
What are the steps in a standard Social Engineering attack?
Info gathering, developing relationships, exploitation, execution
What are the steps in a reverse social engineering attack?
Sabotage, Advertise, Assist
What are the 4 types of data social engineering attacks try to gain?
Personal info, network info, corporate info, system access info
What are the six basic principles of human behavior that produce results for Social engineering attacks?
Liking, Authority, Scarcity, Consistency, Reciprocity, Social proof
What physical security vulnerabilities do attackers exploit in social engineering attacks?
Proximity, shoulder surfing, recognition, tailgating, dumpster diving, support staff members
What are the social engineering attack vectors?
Phishing, spear phishing, whaling, vishing, pharming, drive-by pharming, malware
What are three network-based prevention techniques against SE?
boundary protection, anti-virus software, patching
What are four user-based prevention techniques against SE attacks?
education and training, policies and procedures, safeguarding info, physical security
What are 2 network-based means of detecting SE attacks on AF systems?
What are three user-based means of detecting SE attacks on AF operations?
misspelling punctuation errors and poor grammar, timing issues, request for sensitive info
is responsible for deployed location social engineering threats
is responsible for stateside social engineering threats incidents