3D053 Cyber Surety Journeyman Volume 1. Information Protection –internal Control

The correct answer is "using the least privilege principle." This means that by providing users with only the necessary level of access to perform their jobs, you are following the principle of granting the minimum necessary permissions. This helps to reduce the risk of unauthorized access or misuse of resources, as users are only given the specific privileges they need to carry out their tasks. It is a security best practice to limit access rights to only what is required for a user to perform their job effectively.

The contract manager must validate a contractor employee's need to obtain a government PKI certificate with the Local Registration Authority/Trusted Agent (LRA/TA).

Administrative access is given to users who perform troubleshooting, configuration changes, or system reviews. This type of access allows users to have full control and authority over the system, including the ability to make changes, modify settings, and perform administrative tasks. It is necessary for these users to have administrative access in order to effectively carry out their responsibilities and ensure the smooth functioning of the system. Limited (general) access, remote user access, and end-user access do not provide the same level of privileges and permissions as administrative access.

The correct answer is IAO and security manager. The responsibility for verifying proper security clearances and background investigation checks prior to granting network user access to the AF GIG lies with both the Information Assurance Officer (IAO) and the security manager. These individuals play a crucial role in ensuring that only authorized personnel are granted access to the network, thereby maintaining the security and integrity of the AF GIG. The IAO is responsible for overseeing the overall information assurance program, while the security manager is responsible for implementing and enforcing security policies and procedures. Together, they collaborate to ensure proper security measures are in place.

TCP is responsible for verifying the correct delivery of data from client to server. It ensures that all packets are received in the correct order and without errors. DHCP is used for assigning IP addresses to devices on a network. HTTP is a protocol for transferring hypertext documents, and IP is responsible for routing packets across the internet.

The correct answer is Dynamic host configuration protocol (DHCP). DHCP is an IETF standard protocol that simplifies the process of configuring hosts on a TCP/IP-based network. It allows hosts to automatically obtain IP addresses, subnet masks, default gateways, and other network configuration parameters from a DHCP server. This eliminates the need for manual configuration, reducing the administration burden and complexity of managing network configurations.

Setting up a secure point-to-point communication is called tunneling. Tunneling is a technique that allows data to be encapsulated within a separate network protocol, creating a "tunnel" through which the data can be securely transmitted. This ensures that the communication between two points is protected from potential threats and unauthorized access. Dual stack refers to the implementation of both IPv4 and IPv6 protocols, dual layer is not a term related to secure communication, and peer-to-peer refers to a decentralized network architecture.

The risk outcome that results in the loss of services provided by the operation of an information system (IS) for a period of time is denial of service. This means that the system is intentionally or unintentionally made unavailable or inaccessible to its intended users, rendering it unable to perform its functions and provide services. This can occur due to various reasons such as network congestion, hardware or software failure, or malicious attacks.

A Trojan horse is a type of program that appears harmless or useful but actually contains or installs a malicious program. Unlike a boot sector virus, which infects the boot sector of a computer's hard drive, a worm program, which replicates itself and spreads across networks, or a macro virus, which infects documents and spreads through macros, a Trojan horse disguises itself as something legitimate to deceive users into executing it. Therefore, the correct answer is Trojan horse.

Fiber optic is the correct answer because it is the only option that describes a bound media with a core surrounded by cladding and a second layer surrounded by glass or plastic. Twisted pair, coaxial, and WiFi do not have this specific structure.

In a ring network, every device is connected to exactly two neighbors, one on each side. This creates a circular loop where data can be transmitted in both directions. This type of network is commonly used in token ring networks, where a token is passed around the network to control access to the shared communication medium.

A protective distribution system (PDS) is typically installed between two controlled access areas (CAA) because it is designed to provide secure communication and data transmission between sensitive areas. Controlled access areas have strict access controls and security measures in place to prevent unauthorized individuals from entering. By installing a PDS between two CAA, the communication and data transmission within these areas can be protected from potential threats and unauthorized access.

Destruction is the correct answer because it refers to the risk outcome that leads to the physical loss of assets, rendering them inoperable and usually requiring replacement. This means that the assets are completely ruined or damaged beyond repair, making them unusable and necessitating their replacement.

The term "RED" refers to any equipment or area in which classified information is processed. This term is commonly used in the context of information security and is associated with the highest level of classification.

As the migration to internet protocol (IP) V6 continues, many organizations rely upon subnetting to compensate for the lack of usable IP addresses. Subnetting allows organizations to divide a single IP network into smaller subnetworks, which helps in efficiently utilizing the available IP addresses. By dividing the network into smaller subnets, organizations can allocate IP addresses only to the devices that require them, reducing wastage and conserving IP addresses. This allows organizations to accommodate more devices within the limited pool of IP addresses provided by IP V6.

not-available-via-ai

The correct answer is "Log off your computer daily." This step is not directly related to virus protection. Logging off your computer daily helps to protect your privacy and prevent unauthorized access, but it does not specifically protect against viruses. The other three steps mentioned - installing the latest service packs, updating anti-virus software, and watching for files with certain attachments - are all important for virus protection.

When a protective distribution system (PDS) alarm is activated, an individual should respond within 15 minutes. This quick response time is necessary to address any potential issues or threats that the alarm is indicating. By responding promptly, the individual can assess the situation, take appropriate action, and ensure the safety and functionality of the protective distribution system.

Air Force information systems must complete the information technology (IT) Lean process to obtain an approval to operate unless these systems have been designated as a SPACE or SAP/SAR. This means that if an information system has been designated as a SPACE or SAP/SAR, it does not need to go through the IT Lean process to obtain approval to operate.

A tree network integrates multiple topologies because it is a combination of multiple star topologies connected to a central bus. Each star topology represents a branch of the tree, with devices connected to a central hub or switch, and all the branches are connected to the central bus. This allows for a hierarchical structure and efficient communication between devices in different branches of the tree network.

The designated approving authority has the authority to impose restrictions upon and prohibit the use of government-owned removable information systems storage media for classified systems or networks. This individual is responsible for approving the use of these storage media and ensuring that proper security measures are in place to protect classified information.

For in-transit storage on the flightline, an installation commander can authorize the classifications of Confidential and Secret. This means that only items with these classifications can be stored in this area. Other classifications such as Top Secret or Unclassified may not be authorized for storage on the flightline.

When vulnerabilities are discovered within the Windows operating system and its other products, Microsoft releases bulletins. Bulletins are official documents or announcements that provide information about the vulnerabilities and offer guidance on how to mitigate them. These bulletins typically include details about the vulnerability, its potential impact, and the steps that users can take to protect their systems. By releasing bulletins, Microsoft aims to inform its users about the vulnerabilities and help them keep their systems secure.

A companion file virus is a type of virus that renames the original file and writes itself with the original file's name. This means that the virus disguises itself as the original file, making it difficult to detect. By renaming the file and replacing it with the virus, the user may unknowingly execute the virus instead of the intended file, allowing the virus to spread and potentially cause harm to the system.

The lowest level information condition (INFOCON) is 5. This level indicates that there is no current threat to the information systems and no specific actions need to be taken to protect them. This means that the systems are operating normally and there is no immediate risk or danger to the information.

A BIOS password should be implemented on desktop systems connected to critical networks to prevent unauthorized people from gaining control of the system when it is powered up. This password is set in the Basic Input/Output System (BIOS) of the computer and acts as an additional layer of security. It prevents unauthorized access to the system by requiring a password to be entered before the operating system can be loaded. This helps ensure that only authorized individuals can gain control of the system and protect sensitive information and resources.

A degausser is a device used to erase magnetic data from storage media. It is important to recertify a degausser regularly to ensure its effectiveness and accuracy. The correct answer states that a degausser must be recertified every 6 months for the first two years of operation. This means that the device should undergo a certification process every half year to ensure that it is working properly and meeting the required standards.

The sequence of leading bits in an internet protocol used to identify the network portion of an IP address is called the routing prefix. This prefix helps in determining the network address and allows routers to efficiently route packets to their destination. It is an essential component of IP addressing and plays a crucial role in network communication.

To ensure that replacement administrators can perform the same tasks as their predecessors, it is essential for administrators to maintain comprehensive and precise documentation for all configuration changes. This documentation serves as a reference and guide for new administrators, enabling them to understand the network setup, make necessary changes, and troubleshoot any issues effectively. By documenting configuration changes, administrators can ensure continuity and prevent any disruptions or errors that may arise from miscommunication or lack of information. This practice also promotes accountability and transparency within the network administration team.

Cyber Surety specialists are responsible for ensuring the security and integrity of information systems. They review information system audit logs to identify any instances of fraud, waste, and abuse. This involves analyzing the logs to detect any suspicious activities or unauthorized access attempts. By reporting such incidents, the specialists help in preventing any potential harm or misuse of the system. Therefore, the correct answer is to report fraud, waste, and abuse.

Threats that include flaws in building construction, improper implementation of utilities, inadequate wiring, and poor housekeeping practices are best classified as environmental threats. These threats arise from the physical environment and can cause damage or harm to individuals or property. They are not caused by human actions, technology, or unintentional mistakes, but rather by the conditions and elements present in the surrounding environment.

The Cyber Surety journeyman is responsible for monitoring and ensuring the security of various programs. This includes communications security (COMSEC), computer security (COMPUSEC), and emissions security (EMSEC). However, the journeyman does not monitor information security (INFOSEC) as it is not listed as one of their responsibilities.

Wired equivalency privacy (WEP) is the correct answer because it was originally intended to create a wireless security platform that would perform as securely as a traditional wired network by providing data encryption. WEP was the first security protocol used in Wi-Fi networks, but it is now considered to be weak and easily compromised.

A minimum milli-ampere current of 50 can be lethal. This suggests that any current below 50 milli-amperes is not enough to cause harm or be lethal.

HQ AFNIC reviews IAAP reports and has the final authority to downgrade IAAP report ratings when incidents or deviations are involved.

802.11b is the slowest yet least expensive WiFi standard. Although it operates at a lower frequency than other standards, it still provides a decent speed for basic internet browsing and email. It is the most affordable option for those on a budget or with older devices that do not support newer WiFi standards.

Class A internet protocol addresses are used for very large networks. Class A addresses have a first octet range of 1-126, which allows for a large number of hosts in the network. These addresses are typically assigned to organizations or institutions that require a large number of IP addresses for their network infrastructure.

The correct answer is chroot. Running the UNIX Apache server in a chroot environment provides an added layer of security. Chroot allows the server process to be confined to a specific directory, preventing it from accessing the rest of the system. This helps to limit the potential damage that can be caused by a compromised server.

If the power source is disconnected or if there is a break in the wire, there will be a loss of signal. This is because the power source provides the necessary energy for the signal to be transmitted through the circuit. Without power, the signal cannot be sustained and will be lost.

A digital certificate is a type of certificate that is used to authenticate the identity of the user. It is a digital document that contains information about the user and is issued by a trusted authority. The certificate is used to verify the identity of the user in various online transactions and communications.

Consistently monitoring and controlling networked resources is important to ensure access to the network while minimizing risks posed by various cyberspace threats. By regularly monitoring the network, potential vulnerabilities or suspicious activities can be identified and addressed promptly. Additionally, by implementing controls and security measures, the network can be protected from unauthorized access or malicious attacks. Keeping complete and accurate documentation for all configuration changes is also crucial as it helps in tracking and auditing any changes made to the network, ensuring accountability and facilitating troubleshooting if any issues arise. Installing all applicable security patches is important but it alone does not address the broader goal of minimizing risks posed by various cyberspace threats.

ASIM transcripts are controlled and released only with approval from the Air Force network operations center (AFNOC). This suggests that AFNOC has the authority and responsibility to manage and oversee the release of ASIM transcripts. The wing commander, major command commander, and Air Force Office of Special Investigation (AFOSI) may have their own roles and responsibilities in security incidents, but in this case, it is specifically stated that AFNOC is the entity that controls the release of ASIM transcripts.

Requirements for availability and integrity are associated with mission assurance. Mission assurance refers to the measures taken to ensure the successful accomplishment of a mission or objective. In the context of information, availability refers to the accessibility and usability of information, while integrity refers to the accuracy, completeness, and reliability of information. Therefore, mission assurance encompasses the requirements for both availability and integrity of information to ensure the successful completion of a mission.

Initial information assurance (IA) awareness training for all network users ensures that users are aware of their role in IA, are trained on network security, and have satisfied network access requirements. However, it does not ensure that users have met investigative requirements. This means that the training does not guarantee that users have completed any necessary investigations or background checks that may be required for certain roles or access levels within the network.

Degaussing with an NSA-approved degausser is the only way to clear magnetic tapes. Degaussing is the process of erasing or demagnetizing the data stored on magnetic media. Magnetic tapes use magnetic particles to store data, and degaussing is necessary to completely remove all traces of data from the tapes. NSA-approved degaussers ensure that the degaussing process meets specific security standards set by the National Security Agency. Therefore, magnetic tapes can only be effectively cleared using an NSA-approved degausser.

A wireless wide area network (WWAN) is a type of network that typically provides wireless broadband data services. WWANs cover large areas, such as cities or even entire countries, and are used to connect devices to the internet or other networks without the need for physical cables. This type of network is commonly used by mobile network operators to provide internet access to mobile devices, such as smartphones or tablets, and is often associated with technologies like 3G, 4G, or 5G.

To improve system security, it is recommended to disable unnecessary services that come preloaded on UNIX systems. This helps to reduce the attack surface and potential vulnerabilities. Out of the given options, rfinger is the service that can be disabled. Rfinger is used to retrieve information about users on a remote system, but it is considered a security risk as it can provide valuable information to attackers. Disabling rfinger helps to protect the system from potential unauthorized access and information leakage.

When overwriting hard drives, it is important to verify the overwriting process to ensure that the data has been successfully overwritten and cannot be recovered. The minimum percentage to verify the overwriting process indicates the minimum amount of data that should be checked after the overwrite. In this case, the correct answer of 20 suggests that at least 20% of the data should be verified to ensure the effectiveness of the overwrite process.

not-available-via-ai

To completely sanitize sealed disks, removable disk packs, magnetic bubble memory, core memory, and flash memory, it requires six passes with a degausser. A degausser is a device that uses a strong magnetic field to erase or neutralize the magnetic data stored on these types of memory devices. By passing the devices through the degausser six times, it ensures that all residual magnetic traces are eliminated, making the data unrecoverable.