3D053 CDC Edit 02 Vol 2
The is the URE's from vol 2, edit code 02 which became active after 4 April 2013
- 1.What provides protection of the base network perimeter using a protection device or system of devices?
- A.
Network assurance.
- B.
Network protection.
- C.
Boundary protection.
- D.
Information assurance.
- 2.What severity code applies to any vulnerability that provides information that gives an unauthorized person the means to circumvent security controls?
- A.
Category I.
- B.
Category II.
- C.
Category III.
- D.
Category IV.
- 3.What severity code applies to any vulnerability that provides information that potentially could lead to a compromise?
- A.
Category I.
- B.
Category II.
- C.
Category III.
- D.
Category IV.
- 4.What severity code applies to any vulnerability that, when resolved, will prevent the possibility of degraded security?
- A.
Category I.
- B.
Category II.
- C.
Category III.
- D.
Category IV.
- 5.How many Integrated Network and Operation Security Centers (INOSC) does the Air Force have?
- A.
One.
- B.
Two.
- C.
Three.
- D.
Four.
- 6.How many hours prior to change implementation does the Integrated Network Operations and Security Centers (INOSC) notify a base communications flight about removing unused filters?
- A.
12 hours.
- B.
24 hours.
- C.
48 hours.
- D.
72 hours.
- 7.What is the primary intrusion/misuse tool used in the Air Force Enterprise Network (AFEN)?
- A.
Firewall.
- B.
Proxy server.
- C.
Intrusion detection system (IDS) software.
- D.
Automated security incident measurement (ASIM).
- 8.An active intrusion detection system (IDS) is normally incorporated into
- A.
Switches.
- B.
Firewalls.
- C.
Routers.
- D.
Servers.
- 9.Which intrusion detection system (IDS) monitors network traffic and alerts administrators about suspicious traffic?
- A.
Active IDS.
- B.
Passive IDS.
- C.
Host-based IDS.
- D.
Network-based IDS.
- 10.Which intrusion detection system (IDS) examines servers or client computers for the patterns of an intrusion?
- A.
Active IDS.
- B.
Passive IDS.
- C.
Host-based IDS.
- D.
Network-based IDS.
- 11.When using an intrusion detection system (IDS), remember to
- A.
Deploy one IDS for the entire network.
- B.
Deploy IDS on 50 percent of the network segments.
- C.
Consider using only a network-based IDS or host-based IDS.
- D.
Use a centralized management console for system management.
- 12.The disadvantage of a host-based intrusion detection system (HIDS) is that it
- A.
Can analyze any encrypted data if it is decrypted before reaching the target host
- B.
Consumes resources on the host it resides on and slows that device down.
- C.
Monitors log files for inadvisable settings or passwords.
- D.
Monitors traffic on the host on which it is installed.
- 13.One advantage of a network-based intrusion detection system (NIDS) is that it
- A.
Can decrypt data
- B.
Uses very few network resources
- C.
Monitors logs for policy violations.
- D.
Can analyze encrypted network traffic.
- 14.What intrusion detection system (IDS) is not commonly used due to increasing cost of implementation?
- A.
Host-based IDS.
- B.
Network-based IDS.
- C.
Hardware-based IDS.
- D.
Application-based IDS.
- 15.Host-based intrusion detection systems (HIDS) are
- A.
Active only.
- B.
Passive only.
- C.
Passive and active.
- D.
Neither passive nor active.
- 16.A logical connection point for the transmission of information packets is known as a
- A.
Entrance point.
- B.
Service point.
- C.
Protocol.
- D.
Port.
- 17.Above which layer of the open systems interconnect (OSI) model are protocols designed to reside?
- A.
Presentation.
- B.
Transport.
- C.
Network.
- D.
Session.
- 18.Which is not a common service?
- A.
File transfer protocol (FTP).
- B.
Domain name service (DNS).
- C.
Hypertext transfer protocol (HTTP).
- D.
Open system interconnection (OSI).
- 19.Which port range constitutes well-known ports?
- A.
0–1023.
- B.
1024–23535.
- C.
23536–49151.
- D.
49152–65535.
- 20.Which port is used for telnet?
- A.
7
- B.
20
- C.
23
- D.
53
- 21.Which port is used for hypertext transfer protocol (HTTP)?
- A.
21
- B.
22
- C.
60
- D.
80
- 22.In which type of port scan does the scanner attempt to connect to all ports?
- A.
Sweep scan.
- B.
Vanilla scan.
- C.
Fragment packet scan.
- D.
File transfer protocol (FTP) bounce scan.
- 23.Which type of scan is also known as a half open scan?
- A.
Fragment packets.
- B.
Synchronous (SYN) scan.
- C.
User datagram protocol (UDP) scan.
- D.
Transmission control protocol (TCP) scan.
- 24.What should you do with unused ports?
- A.
Monitor ports.
- B.
Keep ports open.
- C.
Keep ports closed.
- D.
Ensure all ports are used.
- 25.One of the responsibilities of the Air Force Network Operations Center (AFNOC) in implementation of ports, protocols, and services (PPS) is to
- A.
Maintain the AF PPS database.
- B.
Develop AF PPS policies and procedures.
- C.
Develop countermeasures on threats associated with PPS traversing the AF enclave boundaries.
- D.
Provide information on threats and vulnerabilities associated with PPS traversing the AF enclave boundaries.
Questions: 176 | Attempts: 7320 | Last updated: May 31, 2019
-
Sample Question(001) Which squadrons form a maintenance group?
Questions: 266 | Attempts: 7298 | Last updated: Oct 13, 2020
-
Sample QuestionWhen turning a patient, what is the MOST IMPORTANT precaution to take whether you are pushing or pulling the patient?
Questions: 48 | Attempts: 6011 | Last updated: Jul 12, 2019
-
Sample QuestionHow many individual options do sats have built-in within the reports list?
Back to top