ࡱ> % p:bjbj%% +GG1lJ"J"J"8"<"VJ#V$&:&:&:&:&*\",IIIIIII$K NI],:&:&,,I3:&:&J333,`:&:&I3,I3V3$9A D:&# @ G5J"2.C D&J0VJC6N:0N D3SYSTEM Administrator/ISSO Interview Questions This section lists questions that must be asked of the System Administrator or the Information Systems Security Officer (ISSO) in an interview prior to the SRR.  TOC \o "1-3" \h \z  HYPERLINK \l "_Toc87663102" 3 SYSTEM Administrator/ISSO Interview Questions  PAGEREF _Toc87663102 \h 3-1  HYPERLINK \l "_Toc87663103" 3.1 [M] Controlling Access to Automated Information Systems (AISs)  PAGEREF _Toc87663103 \h 3-2  HYPERLINK \l "_Toc87663104" 3.2 [M] Users with Administrative Privileges  PAGEREF _Toc87663104 \h 3-2  HYPERLINK \l "_Toc87663105" 3.3 [M] Users with Backup Operator Privileges  PAGEREF _Toc87663105 \h 3-3  HYPERLINK \l "_Toc87663106" 3.4 [M] Shared Accounts  PAGEREF _Toc87663106 \h 3-3  HYPERLINK \l "_Toc87663107" 3.5 [M] Access to Security Event Log  PAGEREF _Toc87663107 \h 3-3  HYPERLINK \l "_Toc87663108" 3.6 [M] Audit Logs  PAGEREF _Toc87663108 \h 3-4  HYPERLINK \l "_Toc87663109" 3.7 [M] CMOS Configuration G  PAGEREF _Toc87663109 \h 3-4  HYPERLINK \l "_Toc87663110" 3.8 [M] Emergency Backups  PAGEREF _Toc87663110 \h 3-5  HYPERLINK \l "_Toc87663111" 3.9 [M] Mobil USB Disk Devices  PAGEREF _Toc87663111 \h 3-5  HYPERLINK \l "_Toc87663112" 3.10 [M] Windows Security Configuration Tools  PAGEREF _Toc87663112 \h 3-6  HYPERLINK \l "_Toc87663113" 3.11 [M] Active Directory Backup Policy (Windows 2003 domain controllers)  PAGEREF _Toc87663113 \h 3-6  HYPERLINK \l "_Toc87663114" 3.12 [M] System Configuration Changes  PAGEREF _Toc87663114 \h 3-6  HYPERLINK \l "_Toc87663115" 3.13 [M] Network Interface Card (NIC)  PAGEREF _Toc87663115 \h 3-7  HYPERLINK \l "_Toc87663116" 3.14 [M] Unencrypted Remote Access  PAGEREF _Toc87663116 \h 3-7  HYPERLINK \l "_Toc87663117" 3.15 [M] Intrusion Detection  PAGEREF _Toc87663117 \h 3-7 _____________________________________________________________________________________________ A  G symbol appearing in a section title indicates a Platinum Standard setting. The label (Future Check) next to a section title is to alert sites that this is a new check that will become active in the near future. This is meant to give sites sufficient time to incorporate these changes prior to being held accountable in a Security Readiness Review. Note: Each check is coded with its Gold Disk or Script automation status on the title line as follows: [A] Fully Automated (No reviewer interaction). [AP] - Partially Automated (May require review of output). [MA] - Currently a manual check, but could be automated or partially automated. [M] - Manual check (Cannot be automated) [M] Controlling Access to Automated Information Systems (AISs) This check verifies, by observation, that the equipment and all ancillary devices are adequately protected. Note: Critical servers should be located in rooms, or locked cabinets, that are accessible only to authorized systems personnel. User workstations containing sensitive data should be in access controlled areas. Category/MAC/IA:II / 1-CSP, 2-CSP, 3-CSP / PECF-1, PECF-2 PDI:1.001: Physical security of Windows Server/Workstation does not meet DISA requirements.Reference:DISA FSO Windows 2003 Addendum: Section 7.2 [M] Users with Administrative Privileges This check verifies that each user with administrative privileges has been assigned a unique account, separate from the built-in Administrator account. This implementation permits the auditing of administrative actions by individual. This check also verifies that the default Administrator account is not being used. Administrators should be properly trained before being permitted to perform administrator duties. The ISSO will maintain a list of all users belonging to the Administrators group. If any of the following conditions are true, then this is a finding: ____ Each System Administrator does not have a unique userid dedicated for administering the system. ____ Each System Administrator does not have a separate account for normal user tasks. ____ The built-in Administrator account is used to administer the system. ____ Administrators have not been properly trained. ____ The ISSO does not maintain a list of users belonging to the Administrators group. Category/MAC/IA:II / 1-CSP, 2-CSP, 3-CSP / ELCP1, ECPA-1 PDI:1.006: Users with Administrative privilege are not documented or do not have separate accounts for administrative duties and normal operational tasks.Reference:DISA FSO Windows 2003 Addendum: Section 7.1 [M] Users with Backup Operator Privileges This check verifies that each user with backup operator privileges has been assigned a unique account with membership in the Backup Operators group, separate from their standard user account, has been identified, and has been properly trained. ____ Each BackupOperator does not have a unique userid dedicated for backing up the system. ____ Each Backup Operator does not have a separate account for normal user tasks. ____ Backup Operators have not been properly trained. ____ The ISSO does not maintain a list of users belonging to the Backup Operators group. Category/MAC/IA:II / 1-CSP, 2-CSP, 3-CSP / ELCP1, ECPA-1 PDI:1.007: Members of the Backup Operators group do not have separate accounts for backup duties and normal operational tasks.Reference:DISA FSO Windows 2003 Addendum: Section 7.1 [M] Shared Accounts This check verifies that all shared accounts on the system are documented and justified. Any shared account must be documented with the IAO. Documentation should include the reason for the account, who has access to this account, and how the risk of using a shared account, which provides no individual identification and accountability is mitigated. Note: A shared account may be permitted for a help desk or site security personnel machine, if that machine is stand-alone and has no access to the network. Category/MAC/IA:II / 1-CSP, 2-CSP, 3-CSP / IAIA-1 PDI:1.008: Shared user accounts are permitted on the system.Reference:DISA FSO Windows 2003 Addendum: Section 7.1 [M] Access to Security Event Log This check verifies that access to the Security Event Log is restricted to members of an auditors group, or other restricted-membership group that serves this purpose. Category:IIPDI:1.010: Access to the Windows Security Event Log has not been restricted to an Auditors group.Reference:DISA FSO Windows 2003 Addendum: Section 6.1.2 [M] Audit Logs This check verifies that Audit logs are reviewed and archived. If a site does not have a policy in place that defines procedures for reviewing and archiving audit logs, then this is a finding. Category/MAC/IA:II / 1-CSP, 2-CSP, 3-CSP / ECAT-1, ECRG-1, ECRR-1, ECTB-1 PDI:1.029: Audit logs are not archived or reviewed.Reference:DISA FSO Windows 2003 Addendum: Section 6.1 [M] CMOS Configuration G This check verifies that the CMOS configuration, often treated synonymously with the term  BIOS configuration, provides a mechanism to restrict how the system may be booted, and who may boot the system. Do not take a server off-line to verify this setting. If necessary, question the System Administrator and/or the ISSO to verify that the CMOS is configured properly. Note: A CMOS password must always be set. If the system BIOS doesnt provide for a CMOS password, then a BOOT password must be set to meet the Platinum Standard. A BOOT password is not a requirement for workstations, or for servers that must remain available on a 24 X 7 basis. ____ The CMOS configuration permits the system to boot from a floppy or CD-ROM device. ____ A password is not required to make configuration changes to the CMOS. Category/MAC/IA:III / 1-CSP, 2-CSP, 3-CSP / IAIA-1 PDI:1.012The CMOS configuration does not conform to DISA requirements.Reference:DISA FSO Windows 2003 Addendum: Section 7.2.1 [M] Emergency Backups This check verifies that System information backups are maintained in accordance with DISA standards. Any System information backups should be created to include the registry. ____ The site does not maintain emergency system recovery data. ____ The emergency system recovery data is not protected from destruction and stored in locked storage container. ____ There is no emergency system recovery data for each W2K3 system created at the time of system installation. ____ The emergency system recovery data has not been updated following the last system modification. Category/MAC/IA:III / 1-CSP, 2-CSP, 3-CSP / COBR-1, CODB-1 PDI:1.013: Emergency Repair Disk(s) (ERD) or System information backups are not created, updated, and protected according to DISA requirements.Reference:DISA FSO Windows 2003 Addendum: Section 9.2 [M] Mobil USB Disk Devices This check verifies that the site has a clearly defined local policy on the use of Mobile USB Disk Devices. If no local policy exists, then this is a finding. If the policy doesnt require the following, then this is a finding: Devices will be formatted with the NTFS file system. Devices will have file ACLs and auditing configured in accordance with DOD requirements. Category/MAC/IA:II / 1-CSP, 2-CSP, 3-CSP / ECCD-1, ECCD-2 PDI:2.017: A local policy for the use of Mobile USB Disk Devices doesnt exist.Reference:FSO NT/WIN2K/XP Addendum, Sect. 7.3.1 [M] Windows Security Configuration Tools The Microsoft Security Configuration Toolset that is integrated in W2K3 should be used to configure platforms for security compliance. If an alternate method is used to configure a system (e.g. manually), that achieves the same configured result, then this is acceptable. Category/MAC/IA:III / 1-CSP, 2-CSP, 3-CSP / DCCS-1, DCCS-2 PDI:1.016: The Microsoft Security Configuration Manager is not being used to configure platforms to security compliance.Reference:MS Server 2003 Security Settings Guide, Chap 2 [M] Active Directory Backup Policy (Windows 2003 domain controllers) This check verifies that the Active Directory is backed up in accordance with DISA standards. The System State data on each Windows 2003 Domain Controller should be backed up on a frequent basis. If the System State data (Active Directory and services upon which it is dependent) for each Windows 2003 Domain Controller is not included in the Sites daily system backups, then, this is a finding. Category/MAC/IA:II / 1-CSP, 2-CSP, 3-CSP / COBR-1, CODB-1 PDI:1.023: The Active Directory is not being backed up according to DISA requirements.Reference:DISA FSO Windows 2003 Addendum: Section 9.3 [M] System Configuration Changes If the site does not use a tool to compare system files (*.exe, *.bat, *.com, *.cmd and *.dll) on servers against a baseline, on a weekly basis, then this is a finding. Category/MAC/IA:II / 1-CSP, 2-CSP, 3-CSP / DCSL-1 PDI:1.024: System files are not checked for unauthorized changes.Reference:DISA FSO Windows 2003 Addendum: Section 2.1 [M] Network Interface Card (NIC) If the computer does not require network access, and contains NIC Card, then this is a finding. Unneeded network interfaces that are built into the motherboard should be disabled through the BIOS hardware settings. Unused NIC cards should be removed. Category/MAC/IA:III / 1-CSP, 2-CSP, 3-CSP / PDI:1.026: A computer that does not require network access has a NIC.Reference:DISA FSO Windows 2003 Addendum: Section 7.2 [M] Unencrypted Remote Access This check applies to machines whose services are accessed remotely. (e.g. FTP, Telnet, etc.). If the User account used for unencrypted remote access within the Enclave (premise router) has administrator privileges, then this is a finding. If User ID and Password information used for remote access to system services from outside the Enclave is not encrypted, then this is a finding. Category/MAC/IA:I / 1-CSP, 2-CSP, 3-CSP / ECCT-1, ECCT-2 PDI:3.061: Unencrypted remote access is permitted to system services.Reference:DISA FSO Windows 2003 Addendum: Section 7.6 [M] Intrusion Detection If a Server does not have a host-based intrusion detection (HID) system installed and enabled, then this is a finding. Note1: A finding can be downgraded to a Category III, if there is an active JIDS or Firewall protecting the network. Note2: A HID device is not required on a system that has the role as the Network Intrusion Device (NID). However, this exception needs to be documented with the site IAO. Category/MAC/IA:II / 1-CSP, 2-CSP, 3-CSP / ECID-1 PDI:1.025: A Server does not have a host-based Intrusion Detection System.Reference:DISA FSO Windows 2003 Addendum: Section 2.1 UNCLASSIFIED Windows Server 2003 Checklist 4.0.0 - 22 April 2005 Field Security Operations Section 3 Defense Information Systems Agency  PAGE 3-7 UNCLASSIFIED UNCLASSIFIED 567PQRUVWXYZuvwx{|)*+DEFIJKLիՕjgUj>*B*UphjqUCJaJj>*B*Uphj{U jU ;CJaJ0JaJj>*B*Uph0J j0JU jU:.XL}b ^ R > /0DE  &dP9o:LMNijklop34569:Z[\uvwz{|}~j>*B*UphjIUj>*B*UphjSUj>*B*Uphj]U jUCJaJj>*B*Uph0J j0JU; RTV\^`bdf        T V X Z ` b j>*B*Uphj+Uj>*B*Uphj5U0JCJ OJQJ\j>*B*Uphj?U jUCJaJ0J j0JU=    ; < = V W X [ \ ] ^ _ ` { | } ~     / 0 1 J K L O P Q R S ߻ߥj Uj >*B*Uphj Uj >*B*Uphj Uj >*B*Uph0JCJaJ j0JU jUj! U>S T o p q r v w . 0 2 8 : < > @ B x z | ~ 㙕;CJjCJUmHnHujUjj>*B*Uphj Ujt >*B*Uphj U jUCJaJ j0JUj~ >*B*Uph0J8 :JCDEJGLXYb+,8:+e1\$% cp !-!.!""###w$|$%%%%4&i&j&;mH nH u5;\mH nH u5655CJ OJQJ\ B*ph6]6 B*hphCJOJQJ^Jo(5\ CJ OJQJGoFG.YZ$ !$7$8$H$If$If^ & F Z[`|$Ifi$$Ifl0".04 lal\]c 0^`0i$$Ifl0".04 lal,-.3~t~i$$Ifl0".04 lal$ !$7$8$H$If$If /%& efgx$If 0^`0i$$Ifl0".04 lal x%&1]~~i$$Ifl0".04 lal$If$ !$7$8$H$If]^_swxz$ !$7$8$H$If$Ifi$$Ifl0".04 lal %$Ifi$$Ifl0".04 lal%&'H$If1$i$$Ifl0".04 laldepr s $If  !$Ifi$$Ifl0!.04 la !.!/!0!1!"~s~~qqo  !$Ifi$$Ifl0!.04 la$If$ !$7$8$H$If "v$w$%%%%4&5&F&j&k&$ !$7$8$H$If$If 0^`0 $1$^1$ k&l&q&&&&&($Ifi$$Ifl0".04 lalj&&&''(p(u(((G)))%*P* ,!,".#.0000T1r12222R4S44466 7*777B8J8"9#9~9999999<:>:?:@:F:G:J:K:N:Z:\:]:m:p:0JCJmHnHuj0JCJU0JCJCJ<CJ 5CJ\CJ5\CJOJQJ^J6 B*hph?&&&'''''o(p(((G)H)|||||| 01$^`0 0^`0i$$Ifl0".04 lal H)Y)))))**%*Q*~L~s  !$Ifi$$Ifl0".04 lal$ !$7$8$H$If$If Q*R*S*o***++U++++++$If & F$1$i$$Ifl0".04 lal +!,",#,(,u,v,,,~L~i$$Ifl0$04 lal$If$ !$7$8$H$If,,,,,----#.$.s$ !$7$8$H$If$If"$1$i$$Ifl0$04 lal $.%.*.....$Ifi$$Ifl0".04 lal..."///D0000000o$ !$7$8$H$If$If 01$^`0i$$Ifl0".04 lal 000H1I1T11h  !$If$Ifi$$Ifl0".04 lal1111N2O2`222z$ !$7$8$H$If$Ifi$$Ifl0".04 lal2222223$Ifi$$Ifl0$04 lal333&3#4$454S4T4z$ !$7$8$H$If$Ifi$$Ifl0$04 lalT4U4Z44444$$Ifi$$Ifl0$04 lal4444U5V555z6{6666z$ !$7$8$H$If$Ifi$$Ifl0$04 lal 66677 787$$Ifi$$Ifl0$04 lal8797:7S777A8B889#9$9z$ !$7$8$H$If$Ifi$$Ifl0$04 lal $9%9*9r9s9~998$Ifi$$Ifl0$04 lal9999999:=:>:L:M:ppff $dN !H$&dP H$ !i$$Ifl0$04 lal M:\:]:^:_:m:n:o:p:$ ! $dN) 000P/ =!"#$%{DyK  _Toc87663102{DyK  _Toc87663102{DyK  _Toc87663103{DyK  _Toc87663103{DyK  _Toc87663104{DyK  _Toc87663104{DyK  _Toc87663105{DyK  _Toc87663105{DyK  _Toc87663106{DyK  _Toc87663106{DyK  _Toc87663107{DyK  _Toc87663107{DyK  _Toc87663108{DyK  _Toc87663108{DyK  _Toc87663109{DyK  _Toc87663109{DyK  _Toc87663110{DyK  _Toc87663110{DyK  _Toc87663111{DyK  _Toc87663111{DyK  _Toc87663112{DyK  _Toc87663112{DyK  _Toc87663113{DyK  _Toc87663113{DyK  _Toc87663114{DyK  _Toc87663114{DyK  _Toc87663115{DyK  _Toc87663115{DyK  _Toc87663116{DyK  _Toc87663116{DyK  _Toc87663117{DyK  _Toc87663117$ i8@8 Normal$CJ_HmH sH tH L@L Heading 1$ & F 1$<@&5;CJKH8@8 Heading 2  & F @&;CJBB Heading 3$ & F1$<@&5DD Heading 4$ & F<@&5KHHH Heading 5$ & F<@& CJOJQJDD Heading 6$ & F<@&6CJDD Heading 7$ & F<@&OJQJHH Heading 8$ & F<@& 6OJQJN N Heading 9 $ & F<@&56CJOJQJ<A@< Default Paragraph Font. @. Footer$ !.@. Header$ !(U@( Hyperlink>*B*&)@!& Page Number0>20 Title $$a$5CJ(D@DTOC 1 $ xx;CJmHnHuB@BTOC 2 $ ^CJmHnHu** TOC 3 ^CJ** TOC 4 ^CJ** TOC 5 ^CJ** TOC 6 ^CJ** TOC 7 ^CJ** TOC 8 ^CJ** TOC 9 ^CJ@C@ Body Text Indent $^hRhBody Text Indent 2%$$d%d&d'd^ mHnHuDSD Body Text Indent 3 $^0B0 Body Text $ & F8Y8 Document Map!-D OJQJ4P@"4 Body Text 2" 5CJ\>V@1> FollowedHyperlink >*B* ph2.XL}1^R~/0D E  o F G   . Y Z [ `  \]c,-.3/%& efgx%&1]^_swx%&'Hdeprs./01J01|} 789P  C D )!*!!!!!!!!a"b"m"""""##$#W#X###+$,$-$>$i$j$k$p$$$$$$$$%,&-&.&?&k&l&m&r&&&&#'$'%'j'.(/((((( )5)6)7)<))))))))*******+++I+J+K+n+k,l,},,,,,,,,--->---/.0......//H/I/T/////000071H1k1l1m1r11111111122W2222222 00000000000000000000000000000000 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0  00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0  00000000000000000000 00_0_0_0_0_0_0_0_0_0_0_0_0_0_0_0_0_ 00'0'0'0'0'0'0'0'0'0'0'0' 00000000000000000 001010101010101010101010101010101010101 0090909090909090909090909090909090909090909 00"0"0"0"0" 0" 0"0"0"0"0"0"0"0"0"0"0"0"0"0"0" 0 0$0$"0$0$0$0$0$0$0$0$0$0$0$0$ 0 0%'0%'0%'0%'0%'0%'0%'0%'0%'0%'0%'0%'0%'0%'0%'0%'0%' 0 0)0)0)0)0)0)0)0)0)0)0)0)0) 0 0K+0K+0K+0K+0K+0K+0K+0K+0K+0K+0K+0K+0K+ 0 0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0- 00/0/0/0/0/0/0/0/0/0/0/0/0/0/0/0/0/0/@0@0@0@0@0@0@0@0 0L S j&p: #$%&'5Zx]% "k&&H)Q*+,$..0123T44687$99M:p:!()*+,-./012346789:;<=>?@ABCDEFGo:"6QUVXw*EIJLk5[vz{}*./1Pk <W[\^} 0KOPRq>\w{|~2 TX%TX%TX%TX%TX%TX%TX%TX%TX%TX%TX%TX%TX%TX%TX%TX%T̕!4+ _Toc423747824 _Toc423926489 _Toc87663102 _Toc408975781 _Toc418304680 _Toc423747825 _Toc423926490 _Toc87663103 _Toc408975785 _Toc418304685 _Toc423747830 _Toc423926495 _Toc87663104 _Toc423747831 _Toc423926496 _Toc87663105 _Toc87663106 _Toc423747833 _Toc423926498 _Toc87663107 _Toc87663108 _Toc423747834 _Toc423926499 _Toc87663109 _Toc423747835 _Toc423926500 _Toc87663110 _Toc383931378 _Toc383931628 _Toc55954643 _Toc56221158 _Toc87663111 _Toc87663112 _Toc56221161 _Toc87663113 _Toc22693561 _Toc87663114 _Toc22693562 _Toc87663115 _Toc87663116 _Toc22693563 _Toc56221164 _Toc87663117.. _'''11188:PP"""$$'%'))K+L+-///2   !"$#'%&)*(---      .rrrG11GGIHHO!!"""%i'i'))l+<-=-///26V*J[{/k<\0P\| 0>W]##;*=*@*E*G*J*111.2;222226V*J[{/k<\0P\|   !c&0D=@167|  C D I L )!*!/!2!!(((----111.2;22222333333333333E  Z [ [ -.. g:O_cx'+ys  15}  ':>!!!!v""""""V#W#+$+$-$j$k$k$$$.&l&m&m&%')'(6)7)7)))))****&+;+G+H+K+P+l,,,,,--#->-...//]/r/~//////06171l1m1m111112222;22222222DISA>D:\W2K3_Server\Checklist_082704\W2K3 Checklist - Section 3.DOCDISA>D:\W2K3_Server\Checklist_092404\W2K3 Checklist - Section 3.DOCDISA>D:\W2K3_Server\Checklist_102204\W2K3 Checklist - Section 3.DOCDISA>D:\W2K3_Server\Checklist_102204\W2K3 Checklist - Section 3.DOCDISA>D:\W2K3_Server\Checklist_121004\W2K3 Checklist - Section 3.DOCDISA>D:\W2K3_Server\Checklist_121004\W2K3 Checklist - Section 3.DOCDISA>D:\W2K3_Server\Checklist_012805\W2K3 Checklist - Section 3.DOCDISA>D:\W2K3_Server\Checklist_022505\W2K3 Checklist - Section 3.DOCDISA>D:\W2K3_Server\Checklist_032505\W2K3 Checklist - Section 3.DOCDISA>D:\W2K3_Server\Checklist_042205\W2K3 Checklist - Section 3.DOC}PTYw/2E/uvo 3I}9~[|7HCs^`.h ^`OJQJo(h pp^p`OJQJo(oh @ @ ^@ `OJQJo(h ^`OJQJo(h ^`OJQJo(oh ^`OJQJo(h ^`OJQJo(h PP^P`OJQJo(oh   ^ `OJQJo(P^`P@@^@`.0^`0..``^``... ^` .... ^` ..... ^` ...... `^``....... 00^0`........ B^`BOJQJo(P^`P@@^@`.0^`0..``^``... ^` .... ^` ..... ^` ...... `^``....... 00^0`........ ^`o(-9~[}E/E/E/E/E/E/E/E/E/E/E/E/E/E/E/E/E/E/3IHCsw/           . Z [ ` -.3%egx%&1]^wx%&'deprs./1|} 78!!!!!!a"b"m""",$-$>$j$k$p$$$$$$-&.&?&l&m&r&&&&#'$')'(( )6)7)<)))))))*****+++I+J+k,l,},,,,,,,-->-....//H/I/T////071H1l1m1r11111111222@8& XHH2`@``@` `@`"`H@UnknownG: Times New Roman5Symbol3& : Arial9 Webdings?5 : Courier New5& z!Tahoma;Wingdings"1hYtFfC#[:2)W!0d22Q/3 SYSTEM ADMINISTRATOR/ISSO INTERVIEW QUESTIONSDISA Field Security OperationsDISAOh+'0$ 4@ \ h t 03 SYSTEM ADMINISTRATOR/ISSO INTERVIEW QUESTIONS SYDISA Field Security OperationsEISA Normal.dotSDISAl.d35AMicrosoft Word 9.0 @i @(@@EG5:2)՜.+,D՜.+,` hp  DISA6W2 03 SYSTEM ADMINISTRATOR/ISSO INTERVIEW QUESTIONS TitleL 8@ _PID_HLINKSA`<\ _Toc87663117<V _Toc87663116<P _Toc87663115<J _Toc87663114<D _Toc87663113<> _Toc87663112<8 _Toc87663111<2 _Toc87663110=, _Toc87663109=& _Toc87663108=  _Toc87663107= _Toc87663106= _Toc87663105= _Toc87663104= _Toc87663103= _Toc87663102  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHJKLMNOPRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxz{|}~Root Entry F G5Data I1TableQNWordDocument+SummaryInformation(yDocumentSummaryInformation8CompObjjObjectPool G5 G5  FMicrosoft Word Document MSWordDocWord.Document.89q