3D053 Cyber Surety Volume 2 Information Protection - Boundary Control Journeyman

70 Questions

CDC 3D053 Cyber Surety Volume 2. Information Protection - Boundary Control Journeyman UREs


Questions and Answers
  • 1. (201) What severity code applies to any vulnerability that provides information that gives an unauthorized person the means to circumvent security controls?
    • A. I
    • B. II
    • C. III
    • D. IV

  • 2. (201) What severity code applies to any vulnerability that provides information that potentially could lead to a compromise?
    • A. I
    • B. II
    • C. III
    • D. IV

  • 3. (201) What severity code applies to any vulnerability that, when resolved, will prevent the possibility of degraded security?
    • A. I
    • B. II
    • C. III
    • D. IV

  • 4. (201) The integrated network operations and security centers (INOSC) have several responsibilities except
    • A. Maintain sole administrative privileges on the firewall.
    • B. Standardize, configure, back up, and otherwise maintain the firewall.
    • C. Maintain a single naming/configuration standard for boundary devices.
    • D. Install patches or perform any upgrades provided by AF Enterprise Network.

  • 5. (202) Active intrusion detection system (IDS) blocks network traffic when it detects an intrusion. Normally, active IDSs are incorporated into
    • A. Switches.
    • B. Firewalls.
    • C. Routers.
    • D. Servers.

  • 6. (202) Which intrusion detection system (IDS) examines traffic for suspicious patterns?
    • A. Active IDS.
    • B. Passive IDS.
    • C. Host-based IDS.
    • D. Network-based IDS.

  • 7. (202) Which intrusion detection system (IDS) examines servers or client computers for the patterns of an intrusion?
    • A. Active IDS.
    • B. Passive IDS.
    • C. Host-based IDS.
    • D. Network-based IDS.

  • 8. (202) When using an intrusion detection system (IDS), remember to
    • A. Update IDS signatures periodically.
    • B. Deploy one IDS for the entire network.
    • C. Use a centralized management console for system management.
    • D. Consider using either a network-based IDS or host-based IDS.

  • 9. (203) The disadvantage of a host-based intrusion detection system (HIDS) is that it
    • A. Can analyze any encrypted data if it is decrypted before reaching the target host.
    • B. Consumes resources on the host it resides on and slows that device down.
    • C. Monitors log files for inadvisable settings or passwords.
    • D. Monitors traffic on the host on which it is installed.

  • 10. (203) The disadvantage of a network-based intrusion detection system (NIDS) is that it
    • A. Cannot analyze encrypted packets because it has no method for decrypting the data.
    • B. Monitors log files for inadvisable settings or passwords.
    • C. Monitors traffic on the network on which it is installed.
    • D. Consumes very few network resources.

  • 11. (203) Which intrusion detection system (IDS) uses software sensors?
    • A. Active IDS.
    • B. Passive IDS.
    • C. Host-based IDS.
    • D. Network-based IDS.

  • 12. (203) Which intrusion detection system (IDS) monitors packets for protocol anomalies and known virus signatures?
    • A. Active IDS.
    • B. Passive IDS.
    • C. Host-based IDS.
    • D. Network-based IDS.

  • 13. (204) Which port range constitutes well-known ports?
    • A. 0–1023.
    • B. 1024–23535.
    • C. 23536–49151.
    • D. 49152–65535.

  • 14. (204) Port scanning
    • A. Is the act of sporadically scanning a computer’s ports.
    • B. Sends out a request to connect to any computer.
    • C. Notes which ports responded to the scan.
    • D. Is always malicious in nature.

  • 15. (204) In which type of port scan does the scanner connect to the same port on more than one
    • A. Strobe.
    • B. Sweep.
    • C. Stealth.
    • D. Vanilla.

  • 16. (204) Above which layer of the open systems integration (OSI) model are protocols designed to reside?
    • A. Presentation.
    • B. Transport.
    • C. Network.
    • D. Session.

  • 17. (204) Which organization has the responsibility of developing Air Force Ports, Protocols and Services (AF PPS) policies and procedures?
    • A. Air Force Network Integration Center (AFNIC).
    • B. Air Force Network Operations Center (AFNOSC).
    • C. Air Force Information, Services and Integration Directorate (SAF/XCIA).
    • D. Air Force Network Operations Commander (AFNetOps/CC).

  • 18. (204) Which organization has direct operational control of Air Force Ports, Protocols and Services (AF PPS)?
    • A. Air Force Network Integration Center (AFNIC).
    • B. Air Force Network Operations Center (AFNOSC).
    • C. Air Force Information, Services and Integration Directorate (SAF/XCIA).
    • D. Air Force Network Operations Commander (AFNetOps/CC).

  • 19. (205) What is the default read community string of a simple network management protocol (SNMP) agent?
    • A. Private.
    • B. Public.
    • C. Secure.
    • D. Unsecure.

  • 20. (205) To limit the risks associated with using simple network management protocol (SNMP),
    • A. Use access control lists on SNMP agents to accept SNMP messages from all SNMP managers.
    • B. Keep devices requiring SNMP together with those that do not through VLANs.
    • C. Disable all SNMP devices/services if not required.
    • D. Enable the set community strings if possible.

  • 21. (205) Which tool is not used to test your simple network management protocol (SNMP) security?
    • A. WU_PingProPack.
    • B. SolarWinds.
    • C. SNMPutil.
    • D. Security mapper (SMAP).

  • 22. (206) Which open source network-based intrusion detection system performs packet logging and real-time traffic analysis as well as protocol analysis, content searching/matching, and active blocking or passive detecting of a variety of attacks and probes?
    • A. Snort.
    • B. Open source security (OSSEC).
    • C. Host based security system (HBSS).
    • D. Intruder alert (ITA).

  • 23. (206) Which network-based security tool is a hardware and software system that sits on AF networks “listening” for “suspicious activity” that is characteristic of intruder techniques?
    • A. Snort.
    • B. Automatic Security Incident Measurement (ASIM).
    • C. Enterprise Security Manager (ESM).
    • D. Internet Security Scanner (ISS).

  • 24. (206) Which security tool is designed to manage sensitive data and enforce security policies across a full range of client/server platforms?
    • A. Snort.
    • B. Automatic Security Incident Measurement (ASIM).
    • C. Enterprise Security Manager (ESM).
    • D. Internet Security Scanner (ISS).

  • 25. (207) Integration of the capabilities of personnel, operations, and technology, and the evolution to network centric warfare best describes what concept?
    • A. Firewalls.
    • B. Information condition (INFOCON).
    • C. Security tools.
    • D. Defense in depth.
