3D053 Vol's 1,2, And 3

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By CommV1
C
CommV1
Community Contributor
Quizzes Created: 3 | Total Attempts: 4,095
| Attempts: 256
SettingsSettings
Please wait...
  • 1/202 Questions

    In which network does every device have exactly two neighbors?

    • Ring
    • Tree
    • Star
    • Bus
Please wait...
Cybersecurity Quizzes & Trivia
About This Quiz

This quiz, titled '3D053 Vol's 1,2, and 3', assesses knowledge in cybersecurity, network technologies, and safety protocols. It covers operational risk management, lethal currents, VPN usage, and network types, essential for professionals in information security and IT.


Quiz Preview

  • 2. 

    By providing users with the necessary level of access to perform their jobs, you are

    • Monitoring network traffic

    • Using the least privilege principle

    • Using a bidirectional firewall

    • Stopping peer-to-peer sharing

    Correct Answer
    A. Using the least privilege principle
    Explanation
    By providing users with the necessary level of access to perform their jobs, you are implementing the least privilege principle. This principle states that users should only be given the minimum level of access required to carry out their tasks, reducing the risk of unauthorized access and potential damage. This practice helps to enhance security and minimize the potential impact of any security breaches or insider threats.

    Rate this question:

  • 3. 

    The disadvantage of a network-based intrusion detection system  (NIDS) is that it

    • Cannot analyze encrypted packets because it has no method for decrypting the data

    • Monitors log files for inadvisable settings or passwords

    • Monitors traffic on the network on which it is installed

    • Consumes very few network resources

    Correct Answer
    A. Cannot analyze encrypted packets because it has no method for decrypting the data
    Explanation
    A network-based intrusion detection system (NIDS) is designed to monitor network traffic and detect any suspicious or malicious activity. One of the disadvantages of NIDS is that it cannot analyze encrypted packets because it lacks the capability to decrypt the data. Encryption is used to protect sensitive information during transmission, and without the ability to decrypt the packets, the NIDS cannot inspect the contents and identify any potential threats or attacks. This limitation makes it difficult for the NIDS to effectively detect and respond to encrypted network traffic, leaving a potential blind spot in the network security.

    Rate this question:

  • 4. 

    Which port range constitutes well-known ports?

    • 0-1023

    • 1024-23535

    • 23536-49151

    • 49152-65535

    Correct Answer
    A. 0-1023
    Explanation
    The well-known ports range from 0 to 1023. These ports are reserved for specific services and protocols that are commonly used and recognized by the majority of network applications. They are assigned by the Internet Assigned Numbers Authority (IANA) to ensure consistency and prevent conflicts between different applications.

    Rate this question:

  • 5. 

    What is the risk outcome that results in the physical loss of assets rendering them inoperable and usually requiring replacement?

    • Denial of service

    • Modification

    • Destruction

    • Disclosure

    Correct Answer
    A. Destruction
    Explanation
    Destruction is the risk outcome that results in the physical loss of assets rendering them inoperable and usually requiring replacement. This means that the assets are completely damaged or destroyed, making them unusable and necessitating the need for new assets to replace them. Denial of service refers to the interruption of access or availability of a service. Modification refers to unauthorized changes made to data or systems. Disclosure refers to the unauthorized release of sensitive information.

    Rate this question:

  • 6. 

    Air Force information systems must complete the information technology (IT)  Lean process to obtain an approval to operate unless these systems have been designated as a

    • SPACE and SAP/SAR

    • Major command

    • Department of the Air Force

    • Department of Defense

    Correct Answer
    A. SPACE and SAP/SAR
    Explanation
    Air Force information systems must complete the IT Lean process to obtain an approval to operate unless they have been designated as SPACE and SAP/SAR. This means that if the systems have been designated as SPACE and SAP/SAR, they do not need to go through the IT Lean process for approval to operate. The SPACE designation refers to systems related to space operations, while SAP/SAR refers to systems that handle sensitive compartmented information.

    Rate this question:

  • 7. 

    Integration of the capabilities of personnel, operations, and technology, and the evolution to network centric warfare best describes what concept?

    • Firewalls

    • Information condition (INFOCON)

    • Security tools

    • Defense in depth

    Correct Answer
    A. Defense in depth
    Explanation
    Defense in depth is a concept that involves the integration of personnel, operations, and technology in order to enhance security and protect against potential threats. This approach recognizes that no single security measure is enough to ensure complete protection, and therefore multiple layers of defense are implemented. By combining various strategies and tools, such as firewalls, information condition (INFOCON), and security tools, a comprehensive defense system can be established. The concept of defense in depth emphasizes the need for a holistic and multi-faceted approach to security, ensuring that vulnerabilities are minimized and potential attacks are mitigated effectively.

    Rate this question:

  • 8. 

    The information assurance assessment and assistance program (IAAP) team consists of personnel experienced in all the following  Air Force specialties except

    • Security forces

    • Information systems

    • Information assurance

    • Base information infrastructures

    Correct Answer
    A. Security forces
    Explanation
    The IAAP team consists of personnel experienced in all Air Force specialties except security forces. This means that the team includes individuals who have expertise in information systems, information assurance, and base information infrastructures. However, security forces personnel are not part of the IAAP team. They may have a different role within the Air Force, such as ensuring the physical security of installations and personnel.

    Rate this question:

  • 9. 

    What items should never be stored in the same container with COMSEC material?

    • High theft items

    • Cryptographic maintenance manuals

    • Unkeyed classified COMSEC equipment

    • Cryptographic access program (CAP) documentation

    Correct Answer
    A. High theft items
    Explanation
    High theft items should never be stored in the same container with COMSEC material because they pose a risk of being stolen. COMSEC material refers to sensitive information and equipment used for secure communication, and it is crucial to protect it from unauthorized access or theft. Storing high theft items with COMSEC material increases the chances of theft and compromises the security and confidentiality of the communication.

    Rate this question:

  • 10. 

    Which type of security clearance is not valid for personnel on a communications security (COMSEC) access list?

    • A final security clearance

    • An interim security clearance

    • A clearance equal to the COMSEC being accessed

    • A clearance higher than the COMSEC being accessed

    Correct Answer
    A. An interim security clearance
    Explanation
    An interim security clearance is not valid for personnel on a communications security (COMSEC) access list. Interim security clearances are temporary clearances granted to individuals while their full background checks and investigations are still ongoing. These clearances are typically granted on a provisional basis and are subject to further evaluation and review. Therefore, individuals with only an interim security clearance would not be authorized to access COMSEC materials, as they have not yet completed the necessary vetting process.

    Rate this question:

  • 11. 

    Changes that must be made to material in communication security (COMSEC) publications are called

    • Modifications

    • Amendments

    • Corrections

    • Updates

    Correct Answer
    A. Amendments
    Explanation
    Amendments are changes that must be made to material in communication security (COMSEC) publications. They are used to update and modify the content of these publications to ensure accuracy and relevance. Corrections, on the other hand, refer to fixing errors or mistakes in the material. Updates can also be considered as changes, but amendments specifically imply modifications to the existing content. Therefore, amendments are the most appropriate term to describe the changes made to COMSEC publications.

    Rate this question:

  • 12. 

    When transproting bulky communication security (COMSEC) material through arilines, you may leave COMSEC material unattended

    • Under no circumstances

    • When it is in a baggage area

    • When it is loaded on a cargo dock

    • When it is passed on to authorized airport personnel

    Correct Answer
    A. Under no circumstances
    Explanation
    COMSEC material is highly sensitive and valuable, and leaving it unattended can pose a significant security risk. Regardless of the situation or location, it is crucial to never leave COMSEC material unattended under any circumstances. This ensures that the material remains secure and protected from unauthorized access or potential theft.

    Rate this question:

  • 13. 

    Which bound media has a core surrounded by cladding and a second layer surrounded by glass or plastic?

    • WiFi

    • Coaxial

    • Fiber Optic

    • Twisted pair

    Correct Answer
    A. Fiber Optic
    Explanation
    Fiber optic is the correct answer because it is a bound media that consists of a core surrounded by cladding and a second layer surrounded by glass or plastic. This design allows for the transmission of data through the core using light signals, providing high-speed and long-distance communication capabilities.

    Rate this question:

  • 14. 

    Which protocol has the job of verifiying the correct delivery of data from client to server?

    • Dynamic host configuration protocol (DHCP)

    • Transmission control protocol (TCP)

    • Hypertext transfer protocol (HTTP)

    • Internet protocol (IP)

    Correct Answer
    A. Transmission control protocol (TCP)
    Explanation
    TCP is responsible for ensuring the reliable delivery of data from the client to the server. It uses a series of acknowledgments and retransmissions to verify that the data has been successfully received. DHCP is used for assigning IP addresses to devices on a network. HTTP is a protocol for transmitting hypertext over the internet. IP is responsible for routing packets of data between networks.

    Rate this question:

  • 15. 

    Which protocol is an Internet Engineering Task Force (IETF) standard designed to reduce the administration burden and complexity of configuring hosts on a TCP/IP-base network?

    • Internet Protocol (IP)

    • Hypertext transfer protocol (HTTP)

    • Transmission control protocol (TCP)

    • Dynamic host configuration protocol (DHCP)

    Correct Answer
    A. Dynamic host configuration protocol (DHCP)
    Explanation
    The Dynamic Host Configuration Protocol (DHCP) is an IETF standard that simplifies the process of configuring hosts on a TCP/IP-based network. It reduces the administration burden and complexity by automatically assigning IP addresses, subnet masks, default gateways, and other network configuration parameters to hosts. This eliminates the need for manual configuration and makes it easier to manage and maintain a network.

    Rate this question:

  • 16. 

    With what agency must the contract manager validate a contractor employee's need to obtain a government PKI certificate?

    • Wing

    • Air Force

    • Department of Defense

    • Local Registration Authority/Trusted Agent (LRA/TA)

    Correct Answer
    A. Local Registration Authority/Trusted Agent (LRA/TA)
    Explanation
    The contract manager must validate a contractor employee's need to obtain a government PKI certificate with the Local Registration Authority/Trusted Agent (LRA/TA). This agency is responsible for managing the registration and issuance of PKI certificates, ensuring that only authorized individuals receive them. The LRA/TA acts as a trusted intermediary between the contractor employee and the government, verifying the employee's need for the certificate and ensuring that they meet the necessary requirements to obtain one. This validation process helps maintain the security and integrity of the PKI system.

    Rate this question:

  • 17. 

    The disadvantage of a host-based intrusion detection system (HIDS) is that it

    • Can analyze any encrypted data if it is decrypted before reaching the target host

    • Consumes resources on the host resides on and slows the device down

    • Monitors log files for inadvisable settings or passwords

    • Monitors traffic on the host which it is installed

    Correct Answer
    A. Consumes resources on the host resides on and slows the device down
    Explanation
    A host-based intrusion detection system (HIDS) consumes resources on the host it resides on and slows the device down. This is a disadvantage because it can impact the performance and efficiency of the host system. The resources used by the HIDS, such as CPU and memory, are diverted from other critical tasks, potentially causing delays or disruptions in the normal functioning of the host. As a result, the overall speed and responsiveness of the device may be compromised.

    Rate this question:

  • 18. 

    What was the previous name for what is now called the McAfee Firewall Enterprise?

    • Sidewinder

    • Death Star

    • Blue Coat

    • Viper

    Correct Answer
    A. Sidewinder
    Explanation
    The previous name for what is now called the McAfee Firewall Enterprise was Sidewinder.

    Rate this question:

  • 19. 

    Which firewall management interface menu option views the association between MAC addresses on the firewall and its corresponding internet protocol (IP) address?

    • Address Resolution Protocol (ARP)

    • Getroute

    • Ping host

    • Traceroute

    Correct Answer
    A. Address Resolution Protocol (ARP)
    Explanation
    The correct answer is Address Resolution Protocol (ARP). ARP is a protocol used to map an IP address to a physical MAC address on a local network. In the context of firewall management, the ARP table can be accessed through the firewall management interface menu option to view the association between MAC addresses and their corresponding IP addresses. This information is important for network troubleshooting and security purposes.

    Rate this question:

  • 20. 

    Which WiFi standard is the slowest yet least expensive?

    • 802.11a

    • 802.11b

    • 802.11g

    • 802.11n

    Correct Answer
    A. 802.11b
    Explanation
    802.11b is the slowest yet least expensive WiFi standard. It operates at a maximum speed of 11 Mbps, which is slower compared to the other options. However, it is also the least expensive option as it is an older standard and has been surpassed by newer and faster options.

    Rate this question:

  • 21. 

    What is the term for any equipment or area in which classified information is processed?

    • TEMPEST

    • Black

    • EMSEC

    • RED

    Correct Answer
    A. RED
    Explanation
    The term "RED" is used to refer to any equipment or area where classified information is processed. This term is commonly used in the field of information security and is associated with the highest level of security clearance. The other options mentioned, such as TEMPEST, Black, and EMSEC, are not directly related to the processing of classified information.

    Rate this question:

  • 22. 

    A protective distribution system (PDS) is usually installed between two

    • Controlled access areas(CAA)

    • Limited-control area (LCA)

    • Uncontrolled access areas (UAA)

    • Wing information assurance offices (WIAO)

    Correct Answer
    A. Controlled access areas(CAA)
    Explanation
    A protective distribution system (PDS) is usually installed between two controlled access areas (CAA) because a PDS is designed to provide secure communication and data transmission between two or more controlled access areas. It ensures that sensitive information is protected and only accessible to authorized individuals within the CAA. By installing a PDS between two CAA, the security and integrity of the information being transmitted can be maintained, preventing unauthorized access or interception.

    Rate this question:

  • 23. 

    What is the risk outcome the results in the loss of services provided by the operation of an information system (IS) for a period of time?

    • Denial of service

    • Modification

    • Destruction

    • Disclosure

    Correct Answer
    A. Denial of service
    Explanation
    The risk outcome that results in the loss of services provided by the operation of an information system for a period of time is denial of service. This refers to an intentional or unintentional interruption or degradation of services, making the system inaccessible to its intended users. This can be caused by various factors such as network congestion, hardware or software failures, or malicious attacks.

    Rate this question:

  • 24. 

    What is the default read community string of a simple network management protocol (SNMP) agent?

    • Private

    • Public

    • Secure

    • Unsecure

    Correct Answer
    A. Public
    Explanation
    The default read community string of a Simple Network Management Protocol (SNMP) agent is "Public". The read community string is used to authenticate and allow read-only access to SNMP devices. It is a commonly used default value that allows users to access basic information from SNMP agents without authentication. However, it is recommended to change the default community string to a more secure and unique value to prevent unauthorized access to SNMP devices.

    Rate this question:

  • 25. 

    Restricting what traffic travels in and out of the network best describes what concept?

    • Firewalls

    • Internet Security Scanner

    • Security tools

    • Defense in depth

    Correct Answer
    A. Firewalls
    Explanation
    Firewalls are security devices that monitor and control the traffic traveling in and out of a network. They act as a barrier between the internal network and the external network, allowing only authorized traffic to pass through while blocking unauthorized access. By restricting what traffic is allowed to enter or leave the network, firewalls enhance the network's security and protect against potential threats and attacks. Therefore, the concept that best describes this restriction of traffic is firewalls.

    Rate this question:

  • 26. 

    As part of a two-person control (TCP) team, you must be designated to handle communication security (COMSEC) material under the

    • Personnel reliability program (PRP)

    • Sealed authenticator systems (SAS)

    • Permissive action link (PAL)

    • Coded switch system (CSS)

    Correct Answer
    A. Personnel reliability program (PRP)
    Explanation
    The correct answer is personnel reliability program (PRP). The personnel reliability program (PRP) is a program that ensures individuals who have access to communication security (COMSEC) material are reliable and trustworthy. This program includes background checks, regular evaluations, and ongoing monitoring to ensure the security of sensitive information. Being designated to handle COMSEC material under the PRP means that the individual has met the necessary requirements and has been deemed trustworthy to handle such material.

    Rate this question:

  • 27. 

    What minimum milli-ampere current can be lethal?

    • 100

    • 75

    • 50

    • 25

    Correct Answer
    A. 50
    Explanation
    A minimum milli-ampere current of 50 can be lethal because it is sufficient to disrupt the normal functioning of the human body. At this level of current, it can interfere with the electrical signals in the heart, causing arrhythmias and potentially leading to cardiac arrest. Additionally, it can also cause severe burns and damage to internal organs. Therefore, any current above 50 milli-amperes can be extremely dangerous and potentially fatal.

    Rate this question:

  • 28. 

    As the migration to internet protocol (IP)  V6 continues, many organizations rely upon what to compensate for the lack of usable IP addresses?

    • Prefixing

    • Subnetting

    • Transition Technology

    • Classless Inter-Domain Routing

    Correct Answer
    A. Subnetting
    Explanation
    As the migration to internet protocol (IP) V6 continues, many organizations rely upon subnetting to compensate for the lack of usable IP addresses. Subnetting allows for the division of a network into smaller subnetworks, enabling more efficient use of IP addresses. By dividing the network into smaller subnets, organizations can allocate IP addresses more effectively and reduce wastage. Subnetting also helps with network management and allows for better organization and control of network resources.

    Rate this question:

  • 29. 

    Setting up a secure point-to-point communication is called

    • Dual stack

    • Dual layer

    • Tunneling

    • Peer-to-peer

    Correct Answer
    A. Tunneling
    Explanation
    Tunneling is the process of encapsulating one network protocol within another network protocol to create a secure point-to-point communication. This allows data to be transmitted securely over an untrusted network, such as the internet. Tunneling establishes a virtual tunnel between two endpoints, encrypting the data and protecting it from unauthorized access. It is commonly used in VPNs (Virtual Private Networks) to provide secure remote access to a private network.

    Rate this question:

  • 30. 

    When network password composition rules are not automatically enforce, what process should network administrators use to enforce good password stringency?

    • Cracking

    • Evaluation

    • Identification

    • Authentication

    Correct Answer
    A. Cracking
    Explanation
    When network password composition rules are not automatically enforced, network administrators should use the process of "cracking" to enforce good password stringency. Cracking refers to the act of attempting to break or guess passwords by using various techniques such as brute-force attacks, dictionary attacks, or rainbow table attacks. By actively trying to crack passwords, network administrators can identify weak passwords and enforce stronger password policies to enhance the security of the network.

    Rate this question:

  • 31. 

    Which Air Force Instruction (AFI) guides security policy and guidance for government contractors?

    • AFI 33-332, Privacy Act Program

    • AFI 31-401, Information Security Program Management

    • AFI 31-501, Personnel Security Program Management

    • AFI 31-601, Industial Security Program Management

    Correct Answer
    A. AFI 31-601, Industial Security Program Management
    Explanation
    AFI 31-601, Industrial Security Program Management, is the correct answer because it specifically focuses on security policy and guidance for government contractors. This instruction provides guidance on the management and implementation of industrial security programs, which includes safeguarding classified information and ensuring compliance with security regulations. It outlines the responsibilities of government contractors and provides procedures for conducting security assessments and investigations. Therefore, AFI 31-601 is the appropriate instruction to consult for security policy and guidance for government contractors.

    Rate this question:

  • 32. 

    What of access is given to users who perform troubleshooting, configuration changes, or system reviews?

    • Limited (general)

    • Administrative

    • Remote user

    • End-user

    Correct Answer
    A. Administrative
    Explanation
    Users who perform troubleshooting, configuration changes, or system reviews are given administrative access. This level of access allows them to have full control and authority over the system, enabling them to make necessary changes and modifications to troubleshoot issues, configure settings, and review the system thoroughly. Administrative access is typically granted to IT professionals or system administrators who are responsible for managing and maintaining the system.

    Rate this question:

  • 33. 

    A companion file virus is one that

    • Writes itself before the original file.

    • Writes itself to the end of the original file.

    • Writes itself between file sections of 32-bit file.

    • Renames the orginal file and writes itself with the orginal file's name.

    Correct Answer
    A. Renames the orginal file and writes itself with the orginal file's name.
    Explanation
    A companion file virus is a type of virus that renames the original file and then writes itself with the original file's name. This means that the virus disguises itself as the original file, making it harder to detect and remove. By renaming the file and taking on its identity, the virus can easily spread and infect other systems without raising suspicion.

    Rate this question:

  • 34. 

    To virus-protect your system, make sure you perform all the following steps except

    • Log off your computer daily

    • Install the latest service packs

    • Update your anti-virus software

    • Watch for files with .exe, .com, .bat, and .scr attachments

    Correct Answer
    A. Log off your computer daily
    Explanation
    Logging off your computer daily does not directly contribute to virus protection. While it is generally a good practice to log off or shut down your computer when not in use, it does not specifically protect your system from viruses. The other three options - installing the latest service packs, updating anti-virus software, and being cautious of certain file attachments - are all proactive measures that can help protect your system from viruses.

    Rate this question:

  • 35. 

    What should be implemented on desktop systems connected to critical networks to prevent unauthorized people from gaining control of the system when the system is powered up?

    • War-dialing

    • BIOS password

    • Time-out feature

    • Secure network location

    Correct Answer
    A. BIOS password
    Explanation
    A BIOS password should be implemented on desktop systems connected to critical networks to prevent unauthorized people from gaining control of the system when it is powered up. This is because a BIOS password is a security measure that requires users to enter a password before they can access the system's BIOS settings or boot from external devices. By setting a BIOS password, it adds an extra layer of protection and prevents unauthorized individuals from tampering with the system's configuration or gaining control over it.

    Rate this question:

  • 36. 

    Within how many minutes should an individual respond if a protective distribution system (PDS) alarm is activated?

    • 15

    • 30

    • 45

    • 60

    Correct Answer
    A. 15
    Explanation
    An individual should respond within 15 minutes if a protective distribution system (PDS) alarm is activated. This is important to ensure prompt action is taken to address any potential issues or threats to the system's integrity. A quick response time can help prevent further damage or disruptions to the distribution system and minimize any potential risks or hazards.

    Rate this question:

  • 37. 

    To limit the risks associated with using simple network management protocols (SNMP),

    • Use access control lists on SNMP agents to accept SNMP messages from all SNMP managers

    • Keep devices requiring SNMP together with those that do not through VLANs

    • Disable all SNMP devices/services if not required

    • Enable the set community strings if possible

    Correct Answer
    A. Disable all SNMP devices/services if not required
    Explanation
    Disabling all SNMP devices/services if not required is the best way to limit the risks associated with using SNMP. By disabling SNMP, potential vulnerabilities and attack vectors are eliminated, reducing the chances of unauthorized access or exploitation. This ensures that only necessary SNMP devices/services are enabled, minimizing the potential for security breaches and protecting the network from potential threats.

    Rate this question:

  • 38. 

    Which of the following are considered long term communications security (COMSEC) key storage devices?

    • KYK-13

    • KYX-15

    • Simple key loader (SKL)

    • Communications security physical inventory (CPI)

    Correct Answer
    A. Simple key loader (SKL)
    Explanation
    The Simple Key Loader (SKL) is considered a long term communications security (COMSEC) key storage device. It is used to securely load cryptographic keys into communication devices such as radios and encryption devices. The SKL ensures the confidentiality and integrity of the keys during storage and transfer, making it an essential tool for maintaining secure communications over an extended period of time. The other options listed, KYK-13, KYX-15, and Communications Security Physical Inventory (CPI), do not specifically function as long term key storage devices.

    Rate this question:

  • 39. 

    How long should a communication security (COMSEC) inventory form be retained?

    • Current month only

    • Past six months only

    • Past six months plus the current month

    • Based upon local guidance at each installation

    Correct Answer
    A. Past six months plus the current month
    Explanation
    The correct answer is "Past six months plus the current month". This means that a communication security (COMSEC) inventory form should be retained for a period of six months, along with the current month. This ensures that there is a record of the inventory for the most recent six months, allowing for easy reference and tracking of communication security materials. It is important to retain these forms for a specific period of time to maintain accountability and security.

    Rate this question:

  • 40. 

    Which network integrates multiple topologies?

    • Bus

    • Star

    • Tree

    • Ring

    Correct Answer
    A. Tree
    Explanation
    A tree network integrates multiple topologies by connecting multiple star networks together in a hierarchical structure. In a tree network, a main backbone or root node connects to multiple secondary nodes, which in turn connect to more nodes. This hierarchical arrangement allows for the integration of multiple star networks, creating a larger and more complex network. The tree network topology is commonly used in wide area networks (WANs) and is known for its scalability and ability to handle large amounts of traffic.

    Rate this question:

  • 41. 

    Who is responsible for verifying proper security clearances and background investigation  checks prior  to granting a network user access to the Air Force Provisioned Portion of the Global Information Grid (AF GIG)?

    • Information assurance officer (IAO) only

    • IAO and security manager.

    • Have met investigative requirements

    • Have satisfied network access requirements.

    Correct Answer
    A. IAO and security manager.
    Explanation
    The correct answer is IAO and security manager. The responsibility of verifying proper security clearances and background investigation checks lies with both the Information Assurance Officer (IAO) and the security manager. They work together to ensure that network users have met investigative requirements and have satisfied network access requirements before granting them access to the Air Force Provisioned Portion of the Global Information Grid (AF GIG).

    Rate this question:

  • 42. 

    When vulnerabilities are discovered within the Window operating system and its other products, Microsoft releases

    • Notices

    • Postings

    • Bulletins

    • Announcements

    Correct Answer
    A. Bulletins
    Explanation
    Microsoft releases bulletins when vulnerabilities are discovered within the Windows operating system and its other products. Bulletins are a common method used by Microsoft to inform users about security vulnerabilities and provide guidance on how to mitigate them. These bulletins typically include information about the vulnerability, its severity, and steps to take to protect against potential attacks. They serve as important resources for users to stay informed and take necessary actions to secure their systems.

    Rate this question:

  • 43. 

    A program that contains or installs a malicious program is called a

    • Boot sector virus

    • Worm program

    • Trojan horse

    • Macro virus

    Correct Answer
    A. Trojan horse
    Explanation
    A trojan horse is a program that appears to be legitimate but actually contains or installs a malicious program. It tricks users into thinking it is harmless and gains their trust, allowing it to infiltrate their system and carry out harmful actions without their knowledge. Unlike viruses or worms, trojan horses do not self-replicate, but they can still cause significant damage by stealing sensitive information, giving unauthorized access to the system, or causing other malicious activities.

    Rate this question:

  • 44. 

    What is the lowest level of information condition (INFOCON)?

    • 1

    • 2

    • 5

    • A

    Correct Answer
    A. 5
    Explanation
    The lowest level of information condition (INFOCON) is 5. This level indicates that there is no current threat to information systems and no special security measures are required. It signifies a normal operating condition where information systems are functioning normally and are not under any known or imminent attack.

    Rate this question:

  • 45. 

    Who has the authority to impose restrictions upon, and prohibit the use of, government owned removable information systems storage media for classified systems or networks?

    • Major command

    • Wing commander

    • Designated approving authority

    • Officer in charge

    Correct Answer
    A. Designated approving authority
    Explanation
    The designated approving authority has the authority to impose restrictions upon and prohibit the use of government-owned removable information systems storage media for classified systems or networks. This individual is responsible for approving and authorizing the use of such media, ensuring that proper security measures are in place, and making decisions regarding restrictions and prohibitions to safeguard classified information.

    Rate this question:

  • 46. 

    You can implement all of the following security features to help define our internet protocol (IP) telephony systems from attackers except

    • Consolidating your voice with your data using virtual local area network (VLAN)

    • Enabling access control lists (ACL) on firewalls, routers, an switches.

    • Deploying protection from dynamic host configuration protocol (DHCP) spoofing

    • Enabling port security access to only allow the required devices needed by the client.

    Correct Answer
    A. Consolidating your voice with your data using virtual local area network (VLAN)
    Explanation
    Consolidating voice with data using a virtual local area network (VLAN) is not a security feature that helps defend IP telephony systems from attackers. VLANs are used to segregate network traffic and improve network performance, but they do not provide any specific security measures. The other options mentioned, such as enabling access control lists (ACLs), deploying protection from DHCP spoofing, and enabling port security access, are all security features that can protect IP telephony systems from attackers.

    Rate this question:

  • 47. 

    Voice Protection System (VPS) reports provides full-service reporting package that enables you to do all the following except

    • View telecom resource use

    • Track phone network usage

    • Provide conversation transcripts

    • Report on service performance and call quality

    Correct Answer
    A. Provide conversation transcripts
    Explanation
    The Voice Protection System (VPS) reports offer a comprehensive reporting package that allows users to view telecom resource use, track phone network usage, and report on service performance and call quality. However, it does not provide conversation transcripts.

    Rate this question:

  • 48. 

    Who requires that the communications security account manager (CAM) be formally trained to certify the training of local management device/key processor (LMD/KP) platform users?

    • Federal Aviation Administration (FAA)

    • Cryptologic Systems Group (CPSG)

    • Nation Security Agency (NSA)

    • Major Command (MAJCOM)

    Correct Answer
    A. Nation Security Agency (NSA)
    Explanation
    The Nation Security Agency (NSA) requires that the communications security account manager (CAM) be formally trained to certify the training of local management device/key processor (LMD/KP) platform users. This means that the NSA has specific standards and requirements for the CAM to ensure that they are qualified and capable of certifying the training of LMD/KP platform users.

    Rate this question:

  • 49. 

    The communication security physical inventory (CPI) will include all of the following â€‹except

    • Accounting legend code (ALC)

    • Edition

    • Quantity

    • Short title

    Correct Answer
    A. Accounting legend code (ALC)
    Explanation
    The communication security physical inventory (CPI) is a process that involves taking stock of all communication security materials and equipment. This inventory includes items such as editions, quantities, and short titles of the materials. However, the accounting legend code (ALC) is not included in the CPI. The ALC is a code used for accounting purposes and is not directly related to the physical inventory of communication security materials.

    Rate this question:

Quiz Review Timeline (Updated): Mar 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Jul 27, 2012
    Quiz Created by
    CommV1
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.