Update from this article:
On Wednesday, the NSA told the teams to disable their firewalls for several hours at a time. The request came after a period of relatively little activity from the hackers, which led Midshipman Trevor Baumgartner to boast that the Navy group's defense technologies had stymied the NSA hackers. . . Thomas Hendricks, a visiting NSA professor at the Naval Academy, chuckled at the notion that the NSA team used the firewall exercise as a last resort. The loss of the firewall, he said, exposed an unsecured administrative account on the Navy's network, allowing the NSA to wreak havoc. "They were taught -- though I'm not sure how much they listened -- to protect as many layers of the network as possible," Hendricks said. "This part of the exercise was designed to see how many layers of protection they had in place."
Yeah right! If the NSA had been able to get past the firewall, they could have used a compromised host as a launch pad for attacks against the "unsecured administrative account" or any other internal weakness.