20 Cards in this Set
| Front | Back |
| --- | --- |
| DoD Cyber Incident and Reportable Category 0 | Training and Exercises |
| DoD Cyber Incident and Reportable Category 1 | Root-Level Intrusions |
| DoD Cyber Incident and Reportable Category 2 | User-Level Intrusions |
| DoD Cyber Incident and Reportable Category 3 | Unsuccessful Activity Attempt |
| DoD Cyber Incident and Reportable Category 4 | Denial of Service |
| DoD Cyber Incident and Reportable Category 5 | Non-Compliance Activity |
| DoD Cyber Incident and Reportable Category 6 | Reconnaissance |
| DoD Cyber Incident and Reportable Category 7 | Malicious Code |
| DoD Cyber Incident and Reportable Category 8 | Investigating |
| DoD Cyber Incident and Reportable Category 9 | Explained Anomaly |
| CYBER INCIDENT AND REPORTABLE CYBER EVENT CATEGORIZATION Definition Category 0: Training and Exercises | Operations performed for training purposes and support to exercises. |
| CYBER INCIDENT AND REPORTABLE CYBER EVENT CATEGORIZATION Definition Category 1: Root Level Intrusion (Incident) | Unauthorized privileged access to an IS. Privileged access, often referred to as administrative or root access, provides unrestricted access to the IS. This category |
| CYBER INCIDENT AND REPORTABLE CYBER EVENT CATEGORIZATION Definition Category 2: User Level Intrusion (Incident) | Unauthorized non-privileged access to an IS. Non-privileged access, often referred to as user-level access, provides restricted access to the IS based on the privileges granted to the user. This includes unauthorized access to information or unauthorized access to account credentials that could be used to perform user functions such as accessing Web applications, Web portals, or other similar information resources. If the IS is compromised with malicious code that provides remote interactive control, it will be reported in this category. |
| CYBER INCIDENT AND REPORTABLE CYBER EVENT CATEGORIZATION Definition Category 3: Unsuccessful Activity Attempt (Event) | Deliberate attempts to gain unauthorized access to an IS that are defeated by normal |
| CYBER INCIDENT AND REPORTABLE CYBER EVENT CATEGORIZATION Definition Category 4: Denial of Service (Incident) | Activity that denies, degrades, or disrupts normal functionality of an IS or DoD information network. |
| CYBER INCIDENT AND REPORTABLE CYBER EVENT CATEGORIZATION Definition Category 5: Non-Compliance Activity (Event) | Activity that potentially exposes ISs to increased risk as a result of the action or inaction of authorized users. This includes administrative and user actions such as failure to apply security patches, connections across security domains, installation of vulnerable applications, and other breaches of existing DoD policy. Reporting of these events is critical for the gathering of useful effects-based metrics for commanders. |
| CYBER INCIDENT AND REPORTABLE CYBER EVENT CATEGORIZATION Definition Category 6: Reconnaissance (Event) | Activity that seeks to gather information |
| CYBER INCIDENT AND REPORTABLE CYBER EVENT CATEGORIZATION Definition Category 7: Malicious Logic (Incident) | Installation of software designed and/or deployed by adversaries with malicious intentions for the purpose of gaining access to resources or information without the |
| CYBER INCIDENT AND REPORTABLE CYBER EVENT CATEGORIZATION Definition Category 8: Investigating (Event) | Events that are potentially malicious or |
| CYBER INCIDENT AND REPORTABLE CYBER EVENT CATEGORIZATION Definition Category 9: Explained Anomaly (Event) | Suspicious events that after further investigation are determined to be non-malicious activity and do not fit the criteria for any other categories. This includes events such as IS malfunctions and false alarms. When reporting these events, the reason for which it cannot be otherwise categorized must be clearly specified. |