Sys Ops Module 5 Terms

616 Operations Center (OC) - ANS-Will task NOSs with Priority and Emergency vulnerability remediation actions via three-tiered prioritization model as shown in Three-Tiered Prioritization Model Figure, as well as direct actions for the NOSs to cease enterprise-level patching when necessary.

690 Network Support Squadron (NSS)/AMAC - ANS-Will direct NOSs, base NCCs/CFPs, and PMOs through the Acknowledgement Compliance Tool (ACT) to implement Normal vulnerability remediation actions. They will authorize NOS personnel to test software and OS updates as well as update the associated Remedy CRQ ticket for the TCNO with relevant changes and confirm with software dashboard.

Accounting - ANS-Reviewing log events to determine who did what, when they did it, and how.

Agent Handler - ANS-Helps to load balance the number of connections to the ePO server, can sustain a maximum of 250 connections

Agent to Server Communication Interval (ASCI) - ANS-Mandates how often the McAfee Agent "check-ins" with the ePO.

Air Force Enterprise Configuration Management Office (AFECMO) - ANS-Creates pre-configured operating system images that are compliant with all applicable TCNOs and STIGs. Creates Desktop Operating Systems (SDC) and Server Operating Systems (SSC) images.

Asset Configuration Control Module (ACCM) - ANS-A piece of software within ESS that can be utilized for scanning clients and returning information from their current state of Windows.

Assured Compliance Assessment Solution (ACAS) - ANS-Automatically identifies configuration vulnerabilities. Includes a scanning device, report generator, and hierarchical reporting capability to the Vulnerability Management System (VMS)

Authentication - ANS-Ensure that a user is who they say they are.

Authorization - ANS-Validating that a user has permission to access the application by comparing the user's identity with a list of allowed users.

Base communications squadrons - ANS-Ensure McAfee Endpoint Products are applied to client systems. Have no access to ESS servers. Must know which NOS/COS they fall under

CFPs - ANS-Responsible for monitoring client health and assisting the NOSs with remediation of vulnerabilities that cannot be remediated with enterprise automated tools.

CFPs/NCCs - ANS-Are responsible for identifying the information systems controlled by a Program Management Office (PMO) within their respective AOR. Will review test groups biannually to ensure bases are meeting the 3% requirement.

Command Cyber Readiness (CCRI) - ANS-A DISA-led formal inspection designed to increase accountability and the security posture of DoD Information Networks according to DoD standards.

Configuration Manager Applet - ANS-Can be found in the control panel and provides configuration information of the client and available client actions. Must be running to make client configuration changes, to deploy software, to inventory the system, to process compliance audits, etc.

Data Loss Prevention (DLP) - ANS-Primarily utilized to protect the endpoint from unauthorized device insertions. Uses rules to configure the scope of devices that are targeted.

DISA - ANS-Responsible for maintaining the security posture of the Department of Defense Information Network (DoDIN).

Distribution Point Role - ANS-Will contain programs, software, updates and even operating system images for client downloads. The AF can control content distribution by using bandwidth throttling and scheduling options at Primary and Secondary Sites.

Emergency Remediation Actions - ANS-24 hours, forgo all testing. Release patch within 24 hours, with a mandated minimum 70% of machines

Endpoint Security (ENS) - ANS-First function is Access Protection. The second function is the On-Access Scan. The third function is the On-Demand Scan.

Endpoint Security System (ESS) - ANS-Provides mechanisms to prevent, detect, track, report, and remediate malicious computer activities and incidents. Purpose is to enhance the overall security posture of DoD endpoints.

ePolicy Orchestrator (ePO) - ANS-What the operational units use to perform all normal control and management of the ESS suite.

Host Intrusion Prevention (HIP) - ANS-Comprised of 2 functions: Intrusion Prevention System (IPS) and Host Based Firewall. Employs firewall policies to configure IP address communication. By default it is configured to deny all. Therefore, unless explicitly stated to be allowed, it is denied.