3D053 Vol 2

70 Questions | By CommV1 | Last updated: Jun 19, 2019

Settings

- +

These are just unit review questions.

More Air Force Quizzes

Which Air Force Career Is Best For You?

United States Air Force Enlisted Ranks! Trivia Quiz

7 Level CDC 2AX7X Air Force Volume 1

Featured Quizzes

The Ultimate Veteran's Day Quiz!

What Is Your Political Ideology?

How Well Do You Know Leonardo DiCaprio?

Related Topics

Questions and Answers

1.

What severity code applies to any vulnerability that provides information that gives an unauthorized person the means to circumvent security controls?
- A.
  
  I
- B.
  
  II
- C.
  
  III
- D.
  
  IV
2.

What severity code applies to any vulnerability that provides information that potentially could lead to a compromise?
- A.
  
  I
- B.
  
  II
- C.
  
  III
- D.
  
  IV
3.

What severity code applies to any vulnerability that, when resolved, will prevent the possibility of degraded security?
- A.
  
  I
- B.
  
  II
- C.
  
  III
- D.
  
  IV
4.

The integrated network operations and security center (INOSC) has several responsibilities except
- A.
  
  Main sole administrative privileges on the firewall
- B.
  
  Standardize, configure, back up, and otherwise the firewall
- C.
  
  Maintain a single naming/configuration standard for boundary devices
- D.
  
  Install patches or perform any upgrade provided by the AF Enterprise Network
5.

Active intrusion detection system (IDS) blocks network traffic when it detects an intrusion. Normally, active IDSs are incorporated into
- A.
  
  Switches
- B.
  
  Firewalls
- C.
  
  Routers
- D.
  
  Servers
6.

Which intrusion detection system (IDS) examines traffic for suspicious patterns?
- A.
  
  Active IDS
- B.
  
  Passive IDS
- C.
  
  Hosted-based IDS
- D.
  
  Network-based IDS
7.

Which intrusion detection system (IDS) examines servers or client computers for the patterns of an intrusion?
- A.
  
  Active IDS
- B.
  
  Passive IDS
- C.
  
  Host-based IDS
- D.
  
  Network-based IDS
8.

When using an intrusion detection system (IDS), remember to
- A.
  
  Update IDS signatures periodically
- B.
  
  Deploy one IDS for the entire network
- C.
  
  Use a centralized management console for system management
- D.
  
  Consider using either a network -based IDS or host-based IDS
9.

The disadvantage of a host-based intrusion detection system (HIDS) is that it
- A.
  
  Can analyze any encrypted data if it is decrypted before reaching the target host
- B.
  
  Consumes resources on the host resides on and slows the device down
- C.
  
  Monitors log files for inadvisable settings or passwords
- D.
  
  Monitors traffic on the host which it is installed
10.

The disadvantage of a network-based intrusion detection system (NIDS) is that it
- A.
  
  Cannot analyze encrypted packets because it has no method for decrypting the data
- B.
  
  Monitors log files for inadvisable settings or passwords
- C.
  
  Monitors traffic on the network on which it is installed
- D.
  
  Consumes very few network resources
11.

Which intrusion detection system (IDS) uses software sensors?
- A.
  
  Active IDS
- B.
  
  Passive IDS
- C.
  
  Host-based IDS
- D.
  
  Network-based IDS
12.

Which intrusion detection system (IDS) monitors packets for protocol anomalies and known virus signatures?
- A.
  
  Active IDS
- B.
  
  Passive IDS
- C.
  
  Host-based IDS
- D.
  
  Network-base IDS
13.

Which port range constitutes well-known ports?
- A.
  
  0-1023
- B.
  
  1024-23535
- C.
  
  23536-49151
- D.
  
  49152-65535
14.

Port Scanning
- A.
  
  Is the act of sporadically scanning a computer's ports
- B.
  
  Sends out a request to connect to any computer
- C.
  
  Notes which ports responded to the scan
- D.
  
  Is always malicious in nature
15.

In which type of port scan does the scanner connect to the same port on more than one machine?
- A.
  
  Strobe
- B.
  
  Sweep
- C.
  
  Stealth
- D.
  
  Vanilla
16.

Above which layer of the open systems integration (OSI) model are protocols designed to reside?
- A.
  
  Presentation
- B.
  
  Transport
- C.
  
  Network
- D.
  
  Session
17.

Which organization has the responsibility of developing Air Force Ports, Protocols and Services (AF PPS) policies and procedures?
- A.
  
  Air Force Network Integration Center (AFNIC)
- B.
  
  Air Force Network Operations Center (AFNOSC)
- C.
  
  Air Force Information, Services and Integration Directorate (SAF/XCIA)
- D.
  
  Air Force Operations Commander (AFNetOps/CC)
18.

Which organization has direct operational control of Air Force Ports, Protocols and Services (AF PPS)?
- A.
  
  Air Force Network Integration Center (AFNIC)
- B.
  
  Air Force Network Operations Center (AFNOSC)
- C.
  
  Air Force Information, Services and Integration Directorate (SAF/XCIA)
- D.
  
  Air Force Operations Commander (AFNetOps/CC)
19.

What is the default read community string of a simple network management protocol (SNMP) agent?
- A.
  
  Private
- B.
  
  Public
- C.
  
  Secure
- D.
  
  Unsecure
20.

To limit the risks associated with using simple network management protocols (SNMP),
- A.
  
  Use access control lists on SNMP agents to accept SNMP messages from all SNMP managers
- B.
  
  Keep devices requiring SNMP together with those that do not through VLANs
- C.
  
  Disable all SNMP devices/services if not required
- D.
  
  Enable the set community strings if possible
21.

Which port tool is not used to test your simple network management protocol (SNMP) security?
- A.
  
  WU_PingProPackage
- B.
  
  SolarWinds
- C.
  
  SNMPutil
- D.
  
  Security Mapper (SMAP)
22.

Which open source network-based intrusion detection system performs packet logging and real-time traffic analysis as well as protocol analysis, content searching/matching, and active blocking or passive detecting of a variety of attacks and probes?
- A.
  
  Snort
- B.
  
  Open source security (OSSEC)
- C.
  
  Host based security system (HBSS)
- D.
  
  Intruder alert (ITA)
23.

Which network-based security tool is a hardware and software and software system that sits on AF networks "listening" for "suspicious activity" that is characteristic of intruder techniques?
- A.
  
  Snort
- B.
  
  Automatic Security Incident Measurement (ASIM)
- C.
  
  Enterprise Security Manager (ESM)
- D.
  
  Internet Security Scanner (ISS)
24.

Which security tool is designed to manage sensitive data and enforce security policies across a full range of client/server platforms?
- A.
  
  Snort
- B.
  
  Automatic Security Incident Measurement (ASIM)
- C.
  
  Enterprise Security Manager (EDM)
- D.
  
  Internet Security Scanner (ISS)
25.

Integration of the capabilities of personnel, operations, and technology, and the evolution to network centric warfare best describes what concept?
- A.
  
  Firewalls
- B.
  
  Information condition (INFOCON)
- C.
  
  Security tools
- D.
  
  Defense in depth
26.

Restricting what traffic travels in and out of the network best describes what concept?
- A.
  
  Firewalls
- B.
  
  Internet Security Scanner
- C.
  
  Security tools
- D.
  
  Defense in depth
27.

You can implement all of the following security features to help define our internet protocol (IP) telephony systems from attackers except
- A.
  
  Consolidating your voice with your data using virtual local area network (VLAN)
- B.
  
  Enabling access control lists (ACL) on firewalls, routers, an switches.
- C.
  
  Deploying protection from dynamic host configuration protocol (DHCP) spoofing
- D.
  
  Enabling port security access to only allow the required devices needed by the client.
28.

The use of two or more network interface cards (NIC) best describes which type of firewall?
- A.
  
  Network-level
- B.
  
  Application-level
- C.
  
  Corporate/enterprise
- D.
  
  Personal/small office home office (SOHO)
29.

Which type of firewall is typically used when speed is essential?
- A.
  
  Network-level
- B.
  
  Application-level
- C.
  
  Corporate/enterprise
- D.
  
  Personal/small office home office (SOHO)
30.

Which type of firewall views information as a data stream and not as a series of packets?
- A.
  
  Network-level
- B.
  
  Application-level
- C.
  
  Corporate/enterprise
- D.
  
  Personal/small office home office (SOHO)
31.

What was the previous name for what is now called the McAfee Firewall Enterprise?
- A.
  
  Sidewinder
- B.
  
  Death Star
- C.
  
  Blue Coat
- D.
  
  Viper
32.

Most of the firewall implementations you will encounter will be found at the
- A.
  
  Integrated network operation security center (INOSC)
- B.
  
  Air Force network operating center (AFNOC)
- C.
  
  Based-level
- D.
  
  Major command (MAJCOM)
33.

Which McAfee Firewall Enterprise management interface is the graphical software that runs a windows computer within your network?
- A.
  
  Control center
- B.
  
  Admin console
- C.
  
  Command center
- D.
  
  Command-line interface (CLI)
34.

Which firewall management interface menu option views the association between MAC addresses on the firewall and its corresponding internet protocol (IP) address?
- A.
  
  Address Resolution Protocol (ARP)
- B.
  
  Getroute
- C.
  
  Ping host
- D.
  
  Traceroute
35.

What is the default firewall shutdown option?
- A.
  
  Halt system
- B.
  
  Power down system
- C.
  
  Reboot to operational kernel
- D.
  
  Shutdown to emergency maintenance mode
36.

Which firewall shutdown option is useful if you need to connect directly to the firewall to access the basic input/output systems (BIOS)?
- A.
  
  Halt system
- B.
  
  Power down system
- C.
  
  Reboot to operational kernel
- D.
  
  Shutdown to emergency maintenance mode
37.

A firewall burb can best be defined as
- A.
  
  A network stack
- B.
  
  A security policy
- C.
  
  A set of one or more interfaces
- D.
  
  A particular installation of a firewall
38.

Use the high availability shared cluster addresses dialog box to do all the following except
- A.
  
  Configure the shared cluster address
- B.
  
  Specify or sending and receiving heartbeats
- C.
  
  Handle the fastest network traffic on your appliance
- D.
  
  Isolate the cluster address from the domain name server (DNS) and default routers
39.

What does a firewall support that improves systems performance by lessening the load place on the system kernel?
- A.
  
  Domain name server (DNS)
- B.
  
  Burbs
- C.
  
  Proxies
- D.
  
  Fast path sessions
40.

Which Berkeley Internet Name Domain (BIND) server is responsible for zone transfers?
- A.
  
  Named
- B.
  
  Cache-Only
- C.
  
  Master/Primary
- D.
  
  Slave/Secondary
41.

For what Berkeley Internet Name Domain (BIND) server type can there be as many servers as needed in a domain?
- A.
  
  Named
- B.
  
  Cache-Only
- C.
  
  Master/Primary
- D.
  
  Slave/Secondary
42.

In regards to Berkeley Internet Name Domain (BIND) system files, items stored in the domain name server (DNS) database best describes
- A.
  
  Resource records
- B.
  
  Point (PTR) records
- C.
  
  Zone records
- D.
  
  Root cache
43.

Which Berkeley Internet Name Domain (BIND) system file provide reverse mapping?
- A.
  
  Resource records
- B.
  
  Pointer (PTR) records
- C.
  
  Zone records
- D.
  
  Root cache
44.

Which flexible command line can be used to gather information form domain name servers (DNS)?
- A.
  
  NSlookup
- B.
  
  Server
- C.
  
  Yype
- D.
  
  Dig
45.

Which name server is the only one that should have changes to domain name server (DNS) data?
- A.
  
  Named
- B.
  
  Cache-Only
- C.
  
  Master/Primary
- D.
  
  Slave/Secondary
46.

What term is used for a domain name server (DNS) architecture when one or more name servers reside behind a firewall, and contain an "inside" hostname and IP address?
- A.
  
  Split
- B.
  
  Dual
- C.
  
  Secure
- D.
  
  Generic
47.

Which access control list (ACL) restricts packets into or out of a given layer 3 interface?
- A.
  
  Port Access Control (PACL)
- B.
  
  Router Access Control List (RACL)
- C.
  
  Virtual Local Area Network Access Control List (VACL)
- D.
  
  Firewall Access Control List (FACL)
48.

Who approves or disapproves IS (including software and services) connections to the Air Force Global Information Grid (AF GIG) and accepts any risk created by the approved connections?
- A.
  
  Air Force Network Operations Command (AFNetOps/CC)
- B.
  
  Air Force Information Warfare Center/Information Operations Directorate (AFIWC/IO)
- C.
  
  Air Force Network Operations Center (AFNOC)
- D.
  
  23 Information Operations Squadron (IOS)
49.

Who reports all backdoors and unauthorized connections to Air Force networks discovered during the course of operations?
- A.
  
  Air Force Network Operations Command (AFNetOps/CC)
- B.
  
  Air Force Information Warfare Center/Information Operations Directorate (AFIWC/IO)
- C.
  
  Air Force Network Operations Center (AFNOC)
- D.
  
  23 Information Operations Squadron (IOS)
50.

Which is not a category of software package available today used that is used to detect and monitor network activity?
- A.
  
  Intrusion detection
- B.
  
  Packet-capture
- C.
  
  Filters/triggers
- D.
  
  Firewalls
51.

While monitoring your network, a guideline you should remember is to
- A.
  
  Observer regular network traffic and look for anomalies
- B.
  
  Review logs and network statistics at least annually
- C.
  
  Set triggers for unique intrusions
- D.
  
  Use a single master intrusion detection system (IDS) product
52.

Which mail system components sends or retrieves mail between the other agents using specific protocols?
- A.
  
  Transport agent
- B.
  
  Delivery agent
- C.
  
  Security agent
- D.
  
  User agent
53.

Which email server relays all email entering or exiting the local network?
- A.
  
  Exchange server
- B.
  
  Sendmail server
- C.
  
  Simple message transfer protocol (SMTP) server
- D.
  
  Proxy server
54.

Which email server delivers all outgoing email to the mail relay server?
- A.
  
  Exchange server
- B.
  
  Sendmail server
- C.
  
  Simple mail transfer protocol (SMTP) server
- D.
  
  Proxy server
55.

When using transparent mail services, the following mail filtering features are available except
- A.
  
  Message attachment filtering
- B.
  
  Destination address filtering
- C.
  
  Command filtering
- D.
  
  Header filtering
56.

When using secure split mail services, all external simple message transfer protocol (SMTP) hosts will connect to the firewall's
- A.
  
  Local servers
- B.
  
  Non-internet server
- C.
  
  Internal sendmail server
- D.
  
  External sendmail server
57.

Message that are sent to the person administering a mail system are generally addressed to
- A.
  
  Domain.admin
- B.
  
  Administrator
- C.
  
  Postmaster
- D.
  
  Mail-host
58.

Proxies do not
- A.
  
  Block unwanted or malicious downloads
- B.
  
  Protect copyrighted media and intellectual property
- C.
  
  Prevent organizations from obtaining visibility of users
- D.
  
  Block webmail and instant messaging (IM) virus propagation
59.

When the cached information is verified to be up-to-date, the proxy has ensured information?
- A.
  
  Currency
- B.
  
  Freshness
- C.
  
  Timeliness
- D.
  
  Authenticity
60.

Which proxy is located near the web server and acts as an intermediary between a web server and the internet?
- A.
  
  Reverse proxy
- B.
  
  Forward proxy
- C.
  
  Application proxy
- D.
  
  Software-based proxy
61.

What type of proxy must be run because of an attacker's potential to exploit an operating system?
- A.
  
  Reverse proxy
- B.
  
  Forward proxy
- C.
  
  Application proxy
- D.
  
  Software-based proxy
62.

The vulnerabilities of voice and data converged networks were highlighted in a report released by the
- A.
  
  President's National Security Telecommunications Advisory Committee
- B.
  
  Air Force Information Warfare Battlelab
- C.
  
  Air Force Network Integration Center
- D.
  
  Cryptographic Systems Group
63.

Who owns the Enterprise Telephony Management system?
- A.
  
  Unix
- B.
  
  McAfee
- C.
  
  Microsoft
- D.
  
  SecureLogix
64.

During the initial research for voice system security, who recognized that the most common security threats could be addressed by voice protection systems (VPS)?
- A.
  
  President's National Security Telecommunications Advisory Committee
- B.
  
  The Air Force Information Warfare Battlelab
- C.
  
  The Air Force Network Integration Center
- D.
  
  The Cryptographic Systems Group
65.

All of the following are characteristics and capabilities of a Voice Protection System (VPS) except
- A.
  
  Securing communications
- B.
  
  Enabling of real-time event notifications
- C.
  
  Centralizing yet distributing management
- D.
  
  Detecting and blocking all inbound and outbound modem connections
66.

Which Voice Protection System (VPS) application provides allows you to view real-time monitoring and policy processing, view system diagnostics, and the VPS rules-based policy applications?
- A.
  
  Performance Manager
- B.
  
  Directory Manager
- C.
  
  System Console
- D.
  
  Usage Manager
67.

Which Voice Protection System (VPS) application generates reports of VPS system activity, policy processing, telecom cost accounting, and resource utilization?
- A.
  
  Performance Manager
- B.
  
  Directory Manager
- C.
  
  System Console
- D.
  
  Usage Manager
68.

All of the following are Voice Protection System (VPS) policy types except
- A.
  
  Intrusion Protection System (IPS)
- B.
  
  Voice
- C.
  
  Firewall
- D.
  
  Recording
69.

Voice Protection System (VPS) reports provides full-service reporting package that enables you to do all the following except
- A.
  
  View telecom resource use
- B.
  
  Track phone network usage
- C.
  
  Provide conversation transcripts
- D.
  
  Report on service performance and call quality
70.

Which Voice Protection System (VPS) tree pane contains predefined Report Templates, Elements, and Date Ranges provided with your system?
- A.
  
  User
- B.
  
  PUBLIC
- C.
  
  SecureLogix
- D.
  
  Administrators

Back to top