SBOLC CNR EXAM QUESTIONS WITH
VERIFIED ANSWERS
According to AR 380-40 what are the three categories of reportable COMSEC incidents?
Physical Incidents, Cryptographic Incidents, Personnel Incident
What are the four Types of Incident Reports?
Initial, Amplifying, Abbreviated, Final
Who manages all aspects of an operational account?
KMI Operational Account managers (KOAM) and alternate KMI
Operational Account managers (AKOAM)
What are the 3 main components of the Key Management Infrastructure (KMI) System?
Management Client (MGC), Advanced Key Processor (AKP), High Assurance Internet Protocol
Encryptor (HAIPE)
What are the two type of Keys
Symmetric keys, Asymmetric keys
What is the purpose of the Traffic Encryption Key (TEK)?
It is a key used to protect traffic passed on Point-to-Point circuits and multi-station nets that are
secured by KG-84A/C, KIV -7/7HS, KY-57/58/67, RT-1523/A, KYV-5/KY99/99A/100 and KY
68 equipment.
What is Key distribution?
The secure, accountable process of moving the key from the point
of generation to the point of use.
What does electronic key distribution consist of
Over-the-air Re-Keying (OTAR), Bulk Transfer, Electronic
Re-Keying to the Subscriber's Terminal.
Emergency plans must be ________ and ________
IAW AR 380-40 and TB 380-41?
rehearsed, documented
Scheduled COMSEC Changeovers are challenging,
what is critical to success?
Established SOPs and TTPs that are rehearsed and
practiced
, What is a SAT?
Signal assessment tables (SAT) used to communicate,
organize, sequence, and resource individual and collective training
requirements
What courses must all CAM and alternate CAMs successfully
Complete?
COMSEC account manager course and the management
client course.
What should the unit COMSEC SOP include?
Unit-specific instructions.
Routine destruction instructions.
Controlled cryptographic item management instructions.
Deployment instructions.
Emergency plan instructions.
Continuity of operations plan.
Information technology contingency plan.
What are the four options a unit has when they deploy?
Deploy without account, Deploy with account, Suspend account, Close account
Who controls most encryption keys and governs local key generation, distribution, and
storage?
The NSA
What is Key management?
The activities involving the handling of cryptographic keys and other
related security parameters (e.g. passwords) during the entire life cycle of the
keys, including their generation, storage, establishment, entry and output,
and destruction (CNSSI 4009).
How long must the KOAM maintain hard copies of SF-153s?
For a minimum of 36 months.
What do reportable COMSEC incidents include?
Loss of accountability.
Improper destruction.
Possible tampering.
Failure to perform key processor changeover.
Found on installation.
Unsecured or unauthorized access.
VERIFIED ANSWERS
According to AR 380-40 what are the three categories of reportable COMSEC incidents?
Physical Incidents, Cryptographic Incidents, Personnel Incident
What are the four Types of Incident Reports?
Initial, Amplifying, Abbreviated, Final
Who manages all aspects of an operational account?
KMI Operational Account managers (KOAM) and alternate KMI
Operational Account managers (AKOAM)
What are the 3 main components of the Key Management Infrastructure (KMI) System?
Management Client (MGC), Advanced Key Processor (AKP), High Assurance Internet Protocol
Encryptor (HAIPE)
What are the two type of Keys
Symmetric keys, Asymmetric keys
What is the purpose of the Traffic Encryption Key (TEK)?
It is a key used to protect traffic passed on Point-to-Point circuits and multi-station nets that are
secured by KG-84A/C, KIV -7/7HS, KY-57/58/67, RT-1523/A, KYV-5/KY99/99A/100 and KY
68 equipment.
What is Key distribution?
The secure, accountable process of moving the key from the point
of generation to the point of use.
What does electronic key distribution consist of
Over-the-air Re-Keying (OTAR), Bulk Transfer, Electronic
Re-Keying to the Subscriber's Terminal.
Emergency plans must be ________ and ________
IAW AR 380-40 and TB 380-41?
rehearsed, documented
Scheduled COMSEC Changeovers are challenging,
what is critical to success?
Established SOPs and TTPs that are rehearsed and
practiced
, What is a SAT?
Signal assessment tables (SAT) used to communicate,
organize, sequence, and resource individual and collective training
requirements
What courses must all CAM and alternate CAMs successfully
Complete?
COMSEC account manager course and the management
client course.
What should the unit COMSEC SOP include?
Unit-specific instructions.
Routine destruction instructions.
Controlled cryptographic item management instructions.
Deployment instructions.
Emergency plan instructions.
Continuity of operations plan.
Information technology contingency plan.
What are the four options a unit has when they deploy?
Deploy without account, Deploy with account, Suspend account, Close account
Who controls most encryption keys and governs local key generation, distribution, and
storage?
The NSA
What is Key management?
The activities involving the handling of cryptographic keys and other
related security parameters (e.g. passwords) during the entire life cycle of the
keys, including their generation, storage, establishment, entry and output,
and destruction (CNSSI 4009).
How long must the KOAM maintain hard copies of SF-153s?
For a minimum of 36 months.
What do reportable COMSEC incidents include?
Loss of accountability.
Improper destruction.
Possible tampering.
Failure to perform key processor changeover.
Found on installation.
Unsecured or unauthorized access.
