The Cyber T hec The Cyber Surety journeyman monitors all of the following programs except

communications security (COMSEC)

What is the fourth step in the operational risk management (ORM) process?

Make decisions based on overall cost versus benefit.

Develop and apply implementation strategies.

Make decisions based on overall cost versus benefit.

Analyze control and implement strategies to reduce or eliminate risk.

Which type of network typically provides wireless broadband data services?

Wireless wide area network (WWAN)

Wireless metropolitan area network (WMAN)

Wireless wide area network (WWAN)

Wireless local area network (WLAN)

To use VPN products, obtain interim approval from?

Services and Integration Division (SAF/XC)

AFNIC Network Infrastructure Flight (ECN)

AFNIC Architecture and Analysis Flight (EAC)

Air Force Virtual Privet Network (AF VPN)

Services and Integration Division (SAF/XC)

Which protocol has the job of verifiying the correct delivery of data from client to server?

Transmission control protocol (TCP)

Dynamic host configuration protocol (DHCP)

Transmission control protocol (TCP)

Hypertext transfer protocol (HTTP)

Which protocol is an Internet Engineering Task Force (IETF) standard designed to reduce the administration burden and complexity of configuring hosts on a TCP/IP-base network?

Dynamic host configuration protocol (DHCP)

Hypertext transfer protocol (HTTP)

Transmission control protocol (TCP)

Dynamic host configuration protocol (DHCP)

Networked resources must be consistently monitored and controlled to ensure access to the network while

minimizing risks posed by various cyberspace threats.

keeping complete and accurate documentation for all configuration changes.

minimizing risks posed by various cyberspace threats.

creating continuity throughout the network.

installing all applicable security patches.

To make it possible for replacement administrators to accomplish the same tasks as their predecessor, administrators must be in the habit of

keeping complete and accurate documentation for all configuration changes.

minimizing risks posed by various cyberspace threats.

creating continuity throughout the network.

installing all applicable security patches.

When coupled with standardized network policy, the standard desktop configuration (SDC) substantially

reduces the number of network users with administrative privileges.

achieves near end-to-end command and control capability.

guards against the insider threat.

With the consolidation of the several Network Operations and Security Centers (NOSC), the Air Force

achieves near end-to-end command and control capability.

reduce the number of network users with administrative privileges.

achieves near end-to-end command and control capability.

guard against the insider threat.

Which wireless standard originally intended to create a wireless security platform that would perform as securely as a traditional wired network by providing data encryption?

Wired equivalency privacy (WEP)

Wireless local area network (WLAN)

Wireless wide area network (WWAN)

Wired equivalency privacy (WEP)

Who is responsible for verifying proper security clearances and background investigation checks prior to granting a network user access to the Air Force Provisioned Portion of the Global Information Grid (AF GIG)?

Information assurance officer (IAO) only

have met investigative requirements

have satisfied network access requirements.

Initial information assurance (IA) awareness training for all network users ensures all of the following except the users

have met investigative requirements.

are trained on network security.

have met investigative requirements.

have satisfied network access requirements.

3D053 Vol's 1,2, And 3

Approved & Edited by ProProfs Editorial Team

At ProProfs Quizzes, our dedicated in-house team of experts takes pride in their work. With a sharp eye for detail, they meticulously review each quiz. This ensures that every quiz, taken by over 100 million users, meets our standards of accuracy, clarity, and engagement.

Learn about Our Editorial Process

| Written by CommV1

CommV1

Community Contributor

Quizzes Created: 3 | Total Attempts: 4,095

Questions: 202 | Attempts: 256 | Updated: Mar 21, 2023

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

All three volumes. Enjoy!

Questions and Answers

1.

The Cyber T hec The Cyber Surety journeyman monitors all of the following programs except
- A.
  
  Emission security (EMSEC)
- B.
  
  Information security (INFOSEC)
- C.
  
  Computer security (COMPUSEC)
- D.
  
  Communications security (COMSEC)
Correct Answer
B. Information security (INFOSEC)

Explanation
The Cyber Surety journeyman is responsible for monitoring and ensuring the security of various programs. These programs include emission security (EMSEC), computer security (COMPUSEC), and communications security (COMSEC). However, the journeyman does not monitor information security (INFOSEC) as part of their role.

Rate this question:
2.

What is the fourth step in the operational risk management (ORM) process?
- A.
  
  Supervise and review
- B.
  
  Develop and apply implementation strategies.
- C.
  
  Make decisions based on overall cost versus benefit.
- D.
  
  Analyze control and implement strategies to reduce or eliminate risk.
Correct Answer
C. Make decisions based on overall cost versus benefit.

Explanation
The fourth step in the operational risk management (ORM) process is to make decisions based on overall cost versus benefit. This step involves evaluating the potential costs and benefits of different risk mitigation strategies and selecting the most appropriate one. By considering the overall cost versus benefit, organizations can make informed decisions that balance the need for risk reduction with the resources available. This step ensures that risk management efforts are cost-effective and aligned with the organization's goals and objectives.

Rate this question:
3.

What minimum milli-ampere current can be lethal?
- A.
  
  100
- B.
  
  75
- C.
  
  50
- D.
  
  25
Correct Answer
C. 50

Explanation
A minimum milli-ampere current of 50 can be lethal because it is sufficient to disrupt the normal functioning of the human body. At this level of current, it can interfere with the electrical signals in the heart, causing arrhythmias and potentially leading to cardiac arrest. Additionally, it can also cause severe burns and damage to internal organs. Therefore, any current above 50 milli-amperes can be extremely dangerous and potentially fatal.

Rate this question:
4.

Which type of network typically provides wireless broadband data services?
- A.
  
  Wireless metropolitan area network (WMAN)
- B.
  
  Wireless wide area network (WWAN)
- C.
  
  Wireless local area network (WLAN)
- D.
  
  Global network
Correct Answer
B. Wireless wide area network (WWAN)

Explanation
A wireless wide area network (WWAN) is a type of network that typically provides wireless broadband data services. WWANs are designed to cover large areas, such as cities or even entire countries, and provide internet connectivity to devices over a wide geographic area. This makes WWANs suitable for providing wireless broadband data services to users who are on the move or located in remote areas where other types of networks may not be available or practical.

Rate this question:
5.

To use VPN products, obtain interim approval from?
- A.
  
  AFNIC Network Infrastructure Flight (ECN)
- B.
  
  AFNIC Architecture and Analysis Flight (EAC)
- C.
  
  Air Force Virtual Privet Network (AF VPN)
- D.
  
  Services and Integration Division (SAF/XC)
Correct Answer
D. Services and Integration Division (SAF/XC)

Explanation
To use VPN products, interim approval needs to be obtained from the Services and Integration Division (SAF/XC). This division is responsible for overseeing the integration of services within the Air Force and ensuring compliance with regulations and policies. They have the authority to grant approval for the use of VPN products, ensuring that they meet the necessary security requirements and align with the overall network infrastructure of the Air Force.

Rate this question:
6.

Which bound media has a core surrounded by cladding and a second layer surrounded by glass or plastic?
- A.
  
  WiFi
- B.
  
  Coaxial
- C.
  
  Fiber Optic
- D.
  
  Twisted pair
Correct Answer
C. Fiber Optic

Explanation
Fiber optic is the correct answer because it is a bound media that consists of a core surrounded by cladding and a second layer surrounded by glass or plastic. This design allows for the transmission of data through the core using light signals, providing high-speed and long-distance communication capabilities.

Rate this question:
7.

In which network does every device have exactly two neighbors?
- A.
  
  Ring
- B.
  
  Tree
- C.
  
  Star
- D.
  
  Bus
Correct Answer
A. Ring

Explanation
In a ring network, every device is connected to exactly two neighbors, one on each side. This creates a circular connection where data can flow in both directions. This arrangement ensures that each device in the network has exactly two neighbors, making the ring network the correct answer to the question.

Rate this question:
8.

Which network integrates multiple topologies?
- A.
  
  Bus
- B.
  
  Star
- C.
  
  Tree
- D.
  
  Ring
Correct Answer
C. Tree

Explanation
A tree network integrates multiple topologies by connecting multiple star networks together in a hierarchical structure. In a tree network, a main backbone or root node connects to multiple secondary nodes, which in turn connect to more nodes. This hierarchical arrangement allows for the integration of multiple star networks, creating a larger and more complex network. The tree network topology is commonly used in wide area networks (WANs) and is known for its scalability and ability to handle large amounts of traffic.

Rate this question:
9.

Which class of internet protocols addresses in used for very large networks?
- A.
  
  A
- B.
  
  B
- C.
  
  C
- D.
  
  D
Correct Answer
A. A

Explanation
Class A addresses are used for very large networks because they have a very large range of IP addresses available. Class A addresses have a first octet that ranges from 1 to 126, allowing for up to 16,777,214 hosts on a single network. This makes them suitable for organizations or networks that require a large number of devices to be connected. Class A addresses are typically assigned to major corporations or internet service providers who need a large number of IP addresses for their network infrastructure.

Rate this question:
10.

Which protocol has the job of verifiying the correct delivery of data from client to server?
- A.
  
  Dynamic host configuration protocol (DHCP)
- B.
  
  Transmission control protocol (TCP)
- C.
  
  Hypertext transfer protocol (HTTP)
- D.
  
  Internet protocol (IP)
Correct Answer
B. Transmission control protocol (TCP)

Explanation
TCP is responsible for ensuring the reliable delivery of data from the client to the server. It uses a series of acknowledgments and retransmissions to verify that the data has been successfully received. DHCP is used for assigning IP addresses to devices on a network. HTTP is a protocol for transmitting hypertext over the internet. IP is responsible for routing packets of data between networks.

Rate this question:
11.

Which protocol is an Internet Engineering Task Force (IETF) standard designed to reduce the administration burden and complexity of configuring hosts on a TCP/IP-base network?
- A.
  
  Internet Protocol (IP)
- B.
  
  Hypertext transfer protocol (HTTP)
- C.
  
  Transmission control protocol (TCP)
- D.
  
  Dynamic host configuration protocol (DHCP)
Correct Answer
D. Dynamic host configuration protocol (DHCP)

Explanation
The Dynamic Host Configuration Protocol (DHCP) is an IETF standard that simplifies the process of configuring hosts on a TCP/IP-based network. It reduces the administration burden and complexity by automatically assigning IP addresses, subnet masks, default gateways, and other network configuration parameters to hosts. This eliminates the need for manual configuration and makes it easier to manage and maintain a network.

Rate this question:
12.

As the migration to internet protocol (IP) V6 continues, many organizations rely upon what to compensate for the lack of usable IP addresses?
- A.
  
  Prefixing
- B.
  
  Subnetting
- C.
  
  Transition Technology
- D.
  
  Classless Inter-Domain Routing
Correct Answer
B. Subnetting

Explanation
As the migration to internet protocol (IP) V6 continues, many organizations rely upon subnetting to compensate for the lack of usable IP addresses. Subnetting allows for the division of a network into smaller subnetworks, enabling more efficient use of IP addresses. By dividing the network into smaller subnets, organizations can allocate IP addresses more effectively and reduce wastage. Subnetting also helps with network management and allows for better organization and control of network resources.

Rate this question:
13.

The sequences of leading bits in an internet protocol used to identify the network portion of an an IP address is called?
- A.
  
  Routing prefix
- B.
  
  Hierarchy
- C.
  
  Subnet
- D.
  
  Mask
Correct Answer
A. Routing prefix

Explanation
The sequences of leading bits in an internet protocol used to identify the network portion of an IP address is called a routing prefix. This prefix helps in determining the network address and allows routers to forward the IP packets to the correct destination. It is an essential component of IP addressing and plays a crucial role in routing and subnetting.

Rate this question:
14.

Breaking down the packets' addresses to act as a gateway to allow traffic to pass between networks involves which transition technology?
- A.
  
  Dual stack
- B.
  
  Dual layer
- C.
  
  Tunneling
- D.
  
  Peer-to-peer
Correct Answer
B. Dual layer

Explanation
Dual layer is the correct answer because it refers to the process of breaking down the packets' addresses to act as a gateway between networks. This technology allows for the seamless transfer of traffic between different networks by utilizing both IPv4 and IPv6 protocols simultaneously. Dual stack, on the other hand, refers to the capability of a network device or software to support both IPv4 and IPv6 protocols. Tunneling is a technique used to encapsulate packets from one network protocol within packets of another protocol. Peer-to-peer is a decentralized network architecture where participants share resources directly with each other without the need for a central server.

Rate this question:
15.

Setting up a secure point-to-point communication is called
- A.
  
  Dual stack
- B.
  
  Dual layer
- C.
  
  Tunneling
- D.
  
  Peer-to-peer
Correct Answer
C. Tunneling

Explanation
Tunneling is the process of encapsulating one network protocol within another network protocol to create a secure point-to-point communication. This allows data to be transmitted securely over an untrusted network, such as the internet. Tunneling establishes a virtual tunnel between two endpoints, encrypting the data and protecting it from unauthorized access. It is commonly used in VPNs (Virtual Private Networks) to provide secure remote access to a private network.

Rate this question:
16.

Networked resources must be consistently monitored and controlled to ensure access to the network while
- A.
  
  Keeping complete and accurate documentation for all configuration changes.
- B.
  
  Minimizing risks posed by various cyberspace threats.
- C.
  
  Creating continuity throughout the network.
- D.
  
  Installing all applicable security patches.
Correct Answer
B. Minimizing risks posed by various cyberspace threats.

Explanation
Consistently monitoring and controlling networked resources helps in minimizing risks posed by various cyberspace threats. By actively monitoring the network, potential threats can be identified and mitigated before they cause any harm. Additionally, controlling access to the network ensures that only authorized users can access sensitive information, reducing the risk of unauthorized access or data breaches. Keeping complete and accurate documentation for all configuration changes is important for maintaining the network's integrity and troubleshooting any issues that may arise. However, the primary focus of monitoring and controlling network resources is to minimize the risks posed by cyber threats.

Rate this question:
17.

To make it possible for replacement administrators to accomplish the same tasks as their predecessor, administrators must be in the habit of
- A.
  
  Keeping complete and accurate documentation for all configuration changes.
- B.
  
  Minimizing risks posed by various cyberspace threats.
- C.
  
  Creating continuity throughout the network.
- D.
  
  Installing all applicable security patches.
Correct Answer
A. Keeping complete and accurate documentation for all configuration changes.

Explanation
To ensure that replacement administrators can perform the same tasks as their predecessor, it is important for administrators to maintain complete and accurate documentation for all configuration changes. This documentation serves as a reference guide for the new administrators, allowing them to understand the network setup and make necessary changes. It also helps in troubleshooting and resolving any issues that may arise. By keeping thorough documentation, administrators can ensure continuity and smooth transition between different administrators, minimizing the chances of errors or disruptions in network operations.

Rate this question:
18.

When coupled with standardized network policy, the standard desktop configuration (SDC) substantially
- A.
  
  Reduces the number of network users with administrative privileges.
- B.
  
  Achieves near end-to-end command and control capability.
- C.
  
  Guards against the insider threat.
- D.
  
  Improves network security.
Correct Answer
D. Improves network security.

Explanation
The standard desktop configuration (SDC) when combined with standardized network policy helps in improving network security. By implementing SDC, the number of network users with administrative privileges is reduced, which helps in limiting the potential vulnerabilities and unauthorized access to the network. This ensures that only authorized personnel have the necessary access rights, reducing the risk of security breaches. Therefore, the SDC plays a crucial role in enhancing network security.

Rate this question:
19.

With the consolidation of the several Network Operations and Security Centers (NOSC), the Air Force
- A.
  
  Reduce the number of network users with administrative privileges.
- B.
  
  Achieves near end-to-end command and control capability.
- C.
  
  Guard against the insider threat.
- D.
  
  Improves network security.
Correct Answer
B. Achieves near end-to-end command and control capability.

Explanation
The consolidation of the several Network Operations and Security Centers (NOSC) allows the Air Force to achieve near end-to-end command and control capability. This means that they have better control and oversight of their network operations, allowing them to effectively manage and coordinate their activities. By consolidating these centers, the Air Force can streamline their operations and ensure a more efficient and effective network management system. This not only improves their overall network security but also enhances their ability to respond to threats and potential insider attacks.

Rate this question:
20.

Which WiFi standard is the slowest yet least expensive?
- A.
  
  802.11a
- B.
  
  802.11b
- C.
  
  802.11g
- D.
  
  802.11n
Correct Answer
B. 802.11b

Explanation
802.11b is the slowest yet least expensive WiFi standard. It operates at a maximum speed of 11 Mbps, which is slower compared to the other options. However, it is also the least expensive option as it is an older standard and has been surpassed by newer and faster options.

Rate this question:
21.

Which wireless standard originally intended to create a wireless security platform that would perform as securely as a traditional wired network by providing data encryption?
- A.
  
  WiFi protected access (WPA)
- B.
  
  Wireless local area network (WLAN)
- C.
  
  Wireless wide area network (WWAN)
- D.
  
  Wired equivalency privacy (WEP)
Correct Answer
D. Wired equivalency privacy (WEP)

Explanation
Wired equivalency privacy (WEP) was a wireless standard that aimed to create a secure wireless network by providing data encryption. It was intended to offer the same level of security as a traditional wired network. However, WEP has been found to have significant security vulnerabilities, and it is no longer considered a reliable security measure.

Rate this question:
22.

What shall be assigned to all Department of Defense information systems that is directly associated with the importance of the information contained relative to achieving DOD goals and objectives?
- A.
  
  Mission assurance category.
- B.
  
  Defense-in-depth code.
- C.
  
  System classification.
- D.
  
  Secure location.
Correct Answer
A. Mission assurance category.

Explanation
All Department of Defense information systems need to be assigned a mission assurance category based on the importance of the information contained and its relevance to achieving DOD goals and objectives. This categorization helps in ensuring the protection and security of the systems and their associated information. It allows for the implementation of appropriate security measures and controls to mitigate risks and ensure the availability, integrity, and confidentiality of the information.

Rate this question:
23.

Requirements for availability and integrity are associated with
- A.
  
  Information classification
- B.
  
  Mission assurance
- C.
  
  Need-to-know
- D.
  
  Sensitivity
Correct Answer
B. Mission assurance

Explanation
Mission assurance refers to the processes and activities that ensure the availability, integrity, and reliability of critical systems and information necessary to accomplish an organization's mission. It involves implementing measures to protect against threats, vulnerabilities, and disruptions that could impact the organization's ability to carry out its mission. Therefore, requirements for availability and integrity are associated with mission assurance, as they are key components of ensuring the organization's mission is successfully achieved.

Rate this question:
24.

Who is responsible for verifying proper security clearances and background investigation checks prior to granting a network user access to the Air Force Provisioned Portion of the Global Information Grid (AF GIG)?
- A.
  
  Information assurance officer (IAO) only
- B.
  
  IAO and security manager.
- C.
  
  Have met investigative requirements
- D.
  
  Have satisfied network access requirements.
Correct Answer
B. IAO and security manager.

Explanation
The correct answer is IAO and security manager. The responsibility of verifying proper security clearances and background investigation checks lies with both the Information Assurance Officer (IAO) and the security manager. They work together to ensure that network users have met investigative requirements and have satisfied network access requirements before granting them access to the Air Force Provisioned Portion of the Global Information Grid (AF GIG).

Rate this question:
25.

Initial information assurance (IA) awareness training for all network users ensures all of the following except the users
- A.
  
  Are aware of their role in IA.
- B.
  
  Are trained on network security.
- C.
  
  Have met investigative requirements.
- D.
  
  Have satisfied network access requirements.
Correct Answer
C. Have met investigative requirements.

Explanation
The initial information assurance (IA) awareness training for all network users aims to ensure that they are aware of their role in IA, trained on network security, and have satisfied network access requirements. However, it does not guarantee that they have met investigative requirements. This means that the training does not ensure that the users have undergone any specific investigations or background checks that may be required for certain positions or access levels.

Rate this question:
26.

Which common access card (CAC) certificate would be used to sign an enlisted performance report (EPR)?
- A.
  
  Digital
- B.
  
  Biometric
- C.
  
  Encryption
- D.
  
  Identification
Correct Answer
D. Identification

Explanation
The identification certificate would be used to sign an enlisted performance report (EPR) using a common access card (CAC). This certificate is used to verify and authenticate the identity of the individual signing the document. It ensures that the person signing the EPR is indeed the authorized individual and provides a level of security and accountability to the process.

Rate this question:
27.

With what agency must the contract manager validate a contractor employee's need to obtain a government PKI certificate?
- A.
  
  Wing
- B.
  
  Air Force
- C.
  
  Department of Defense
- D.
  
  Local Registration Authority/Trusted Agent (LRA/TA)
Correct Answer
D. Local Registration Authority/Trusted Agent (LRA/TA)

Explanation
The contract manager must validate a contractor employee's need to obtain a government PKI certificate with the Local Registration Authority/Trusted Agent (LRA/TA). This agency is responsible for managing the registration and issuance of PKI certificates, ensuring that only authorized individuals receive them. The LRA/TA acts as a trusted intermediary between the contractor employee and the government, verifying the employee's need for the certificate and ensuring that they meet the necessary requirements to obtain one. This validation process helps maintain the security and integrity of the PKI system.

Rate this question:
28.

When network password composition rules are not automatically enforce, what process should network administrators use to enforce good password stringency?
- A.
  
  Cracking
- B.
  
  Evaluation
- C.
  
  Identification
- D.
  
  Authentication
Correct Answer
A. Cracking

Explanation
When network password composition rules are not automatically enforced, network administrators should use the process of "cracking" to enforce good password stringency. Cracking refers to the act of attempting to break or guess passwords by using various techniques such as brute-force attacks, dictionary attacks, or rainbow table attacks. By actively trying to crack passwords, network administrators can identify weak passwords and enforce stronger password policies to enhance the security of the network.

Rate this question:
29.

Report loss or suspected loss of removable media containing controlled unclassified information (CUI) or personally identifiable information (PII) according to reporting procedures in which Air Force Instruction (AIF)?
- A.
  
  AFI 33-138, Enterprise Network Operations Notification and Tracking.
- B.
  
  AFI 31-401, Information Security Program Management
- C.
  
  AFI 31-501, Personnel Security Program Management
- D.
  
  AFI 31-301, Industrial Security Program Management
Correct Answer
A. AFI 33-138, Enterprise Network Operations Notification and Tracking.
30.

Which Air Force Instruction (AFI) guides security policy and guidance for government contractors?
- A.
  
  AFI 33-332, Privacy Act Program
- B.
  
  AFI 31-401, Information Security Program Management
- C.
  
  AFI 31-501, Personnel Security Program Management
- D.
  
  AFI 31-601, Industial Security Program Management
Correct Answer
D. AFI 31-601, Industial Security Program Management

Explanation
AFI 31-601, Industrial Security Program Management, is the correct answer because it specifically focuses on security policy and guidance for government contractors. This instruction provides guidance on the management and implementation of industrial security programs, which includes safeguarding classified information and ensuring compliance with security regulations. It outlines the responsibilities of government contractors and provides procedures for conducting security assessments and investigations. Therefore, AFI 31-601 is the appropriate instruction to consult for security policy and guidance for government contractors.

Rate this question:
31.

What type of access isgiven to remote users who access, download, or upload data?
- A.
  
  Limited (general) access
- B.
  
  Administrative access
- C.
  
  Remote user access
- D.
  
  End-User access
Correct Answer
D. End-User access

Explanation
End-User access is the type of access given to remote users who access, download, or upload data. This type of access is typically limited to only the necessary functions and privileges required for end users to perform their tasks. It does not include administrative access, which is reserved for system administrators who have full control over the system. End-User access allows remote users to interact with the system and perform their designated tasks without having excessive privileges or control over the system.

Rate this question:
32.

What of access is given to users who perform troubleshooting, configuration changes, or system reviews?
- A.
  
  Limited (general)
- B.
  
  Administrative
- C.
  
  Remote user
- D.
  
  End-user
Correct Answer
B. Administrative

Explanation
Users who perform troubleshooting, configuration changes, or system reviews are given administrative access. This level of access allows them to have full control and authority over the system, enabling them to make necessary changes and modifications to troubleshoot issues, configure settings, and review the system thoroughly. Administrative access is typically granted to IT professionals or system administrators who are responsible for managing and maintaining the system.

Rate this question:
33.

Whenever possible, in which environment would you run the UNIX Apache server?
- A.
  
  Chmod
- B.
  
  Chown
- C.
  
  Chroot
- D.
  
  Chgrp
Correct Answer
C. Chroot

Explanation
The correct answer is "chroot". Chroot stands for "change root" and is a Unix command that allows you to change the root directory for a process or a group of processes. By running the UNIX Apache server in a chroot environment, you can isolate it from the rest of the system, increasing security and preventing unauthorized access to sensitive files and directories.

Rate this question:
34.

To improve system security, several services that are preloaded on many UNIX systems can be disabled except
- A.
  
  Rsh
- B.
  
  Rlogin
- C.
  
  Telnet
- D.
  
  Rfinger
Correct Answer
D. Rfinger

Explanation
To improve system security, it is recommended to disable several preloaded services on UNIX systems. These services, such as rsh, rlogin, and telnet, are known to have security vulnerabilities and are commonly disabled. However, the service that should not be disabled is rfinger. Rfinger is a service that provides information about users on the system, and while it may have some privacy concerns, it does not pose the same level of security risk as the other mentioned services. Therefore, rfinger should be left enabled for system functionality.

Rate this question:
35.

When vulnerabilities are discovered within the Window operating system and its other products, Microsoft releases
- A.
  
  Notices
- B.
  
  Postings
- C.
  
  Bulletins
- D.
  
  Announcements
Correct Answer
C. Bulletins

Explanation
Microsoft releases bulletins when vulnerabilities are discovered within the Windows operating system and its other products. Bulletins are a common method used by Microsoft to inform users about security vulnerabilities and provide guidance on how to mitigate them. These bulletins typically include information about the vulnerability, its severity, and steps to take to protect against potential attacks. They serve as important resources for users to stay informed and take necessary actions to secure their systems.

Rate this question:
36.

A companion file virus is one that
- A.
  
  Writes itself before the original file.
- B.
  
  Writes itself to the end of the original file.
- C.
  
  Writes itself between file sections of 32-bit file.
- D.
  
  Renames the orginal file and writes itself with the orginal file's name.
Correct Answer
D. Renames the orginal file and writes itself with the orginal file's name.

Explanation
A companion file virus is a type of virus that renames the original file and then writes itself with the original file's name. This means that the virus disguises itself as the original file, making it harder to detect and remove. By renaming the file and taking on its identity, the virus can easily spread and infect other systems without raising suspicion.

Rate this question:
37.

A program that contains or installs a malicious program is called a
- A.
  
  Boot sector virus
- B.
  
  Worm program
- C.
  
  Trojan horse
- D.
  
  Macro virus
Correct Answer
C. Trojan horse

Explanation
A trojan horse is a program that appears to be legitimate but actually contains or installs a malicious program. It tricks users into thinking it is harmless and gains their trust, allowing it to infiltrate their system and carry out harmful actions without their knowledge. Unlike viruses or worms, trojan horses do not self-replicate, but they can still cause significant damage by stealing sensitive information, giving unauthorized access to the system, or causing other malicious activities.

Rate this question:
38.

To virus-protect your system, make sure you perform all the following steps except
- A.
  
  Log off your computer daily
- B.
  
  Install the latest service packs
- C.
  
  Update your anti-virus software
- D.
  
  Watch for files with .exe, .com, .bat, and .scr attachments
Correct Answer
A. Log off your computer daily

Explanation
Logging off your computer daily does not directly contribute to virus protection. While it is generally a good practice to log off or shut down your computer when not in use, it does not specifically protect your system from viruses. The other three options - installing the latest service packs, updating anti-virus software, and being cautious of certain file attachments - are all proactive measures that can help protect your system from viruses.

Rate this question:
39.

By providing users with the necessary level of access to perform their jobs, you are
- A.
  
  Monitoring network traffic
- B.
  
  Using the least privilege principle
- C.
  
  Using a bidirectional firewall
- D.
  
  Stopping peer-to-peer sharing
Correct Answer
B. Using the least privilege principle

Explanation
By providing users with the necessary level of access to perform their jobs, you are implementing the least privilege principle. This principle states that users should only be given the minimum level of access required to carry out their tasks, reducing the risk of unauthorized access and potential damage. This practice helps to enhance security and minimize the potential impact of any security breaches or insider threats.

Rate this question:
40.

What category is an incident in which an unauthorized person gained user-level privileges on an Air Force computer/information system/network device?
- A.
  
  I
- B.
  
  II
- C.
  
  IV
- D.
  
  VII
Correct Answer
B. II

Explanation
Category II is the correct answer because it refers to an incident where an unauthorized person gained user-level privileges on an Air Force computer/information system/network device. This means that the unauthorized person was able to access and perform actions that are normally restricted to authorized users, posing a potential security threat.

Rate this question:
41.

What category is an incident in which an Air Force computer/information system/network was denied use do to an overwhelming volume of unauthorized network traffic?
- A.
  
  I
- B.
  
  II
- C.
  
  IV
- D.
  
  VII
Correct Answer
C. IV

Explanation
An incident in which an Air Force computer/information system/network is denied use due to an overwhelming volume of unauthorized network traffic falls under category IV. This category typically refers to incidents related to denial of service attacks, where the system is intentionally flooded with excessive traffic, causing it to become unavailable to legitimate users.

Rate this question:
42.

What is the lowest level of information condition (INFOCON)?
- A.
  
  1
- B.
  
  2
- C.
  
  5
- D.
  
  A
Correct Answer
C. 5

Explanation
The lowest level of information condition (INFOCON) is 5. This level indicates that there is no current threat to information systems and no special security measures are required. It signifies a normal operating condition where information systems are functioning normally and are not under any known or imminent attack.

Rate this question:
43.

All agencies/organizations implement information condition (INFOCON) measures except
- A.
  
  Major commands
- B.
  
  Direct reporting units
- C.
  
  Field operating agencies
- D.
  
  Air Force network operating center network control division.
Correct Answer
D. Air Force network operating center network control division.

Explanation
The Air Force network operating center network control division is the exception because it is an agency/organization that does not implement information condition (INFOCON) measures. The other options listed, major commands, direct reporting units, and field operating agencies, are all agencies/organizations that do implement INFOCON measures.

Rate this question:
44.

Information security-related access controls that include segregation of duties and security screening of users can be classified as which category of access preservation?
- A.
  
  Technical
- B.
  
  Administrative
- C.
  
  Authentication
- D.
  
  Confidentiality
Correct Answer
B. Administrative

Explanation
Access controls that include segregation of duties and security screening of users are classified as administrative access preservation. Administrative access controls focus on policies, procedures, and guidelines that are put in place to manage and regulate access to information and resources within an organization. These controls involve the implementation of administrative measures such as user management, user training, background checks, and separation of duties to ensure the security and integrity of the organization's systems and data.

Rate this question:
45.

What type of certificate authenticates the identity of the user?
- A.
  
  Digital
- B.
  
  Biometric
- C.
  
  Encryption
- D.
  
  E-mail signing
Correct Answer
A. Digital

Explanation
A digital certificate is a type of certificate that authenticates the identity of the user. It is a digital file that contains information about the user and is issued by a trusted third party called a Certificate Authority (CA). The digital certificate is used to verify the authenticity of the user's identity during online transactions or communications. It ensures that the user is who they claim to be and provides a secure way to establish trust and protect sensitive information.

Rate this question:
46.

What should be implemented on desktop systems connected to critical networks to prevent unauthorized people from gaining control of the system when the system is powered up?
- A.
  
  War-dialing
- B.
  
  BIOS password
- C.
  
  Time-out feature
- D.
  
  Secure network location
Correct Answer
B. BIOS password

Explanation
A BIOS password should be implemented on desktop systems connected to critical networks to prevent unauthorized people from gaining control of the system when it is powered up. This is because a BIOS password is a security measure that requires users to enter a password before they can access the system's BIOS settings or boot from external devices. By setting a BIOS password, it adds an extra layer of protection and prevents unauthorized individuals from tampering with the system's configuration or gaining control over it.

Rate this question:
47.

Who reviews information assurance assurance program (IAAP) reports and has the final authority to downgrade IAAP report ratings when it is clear that incidents or deviations are involved?
- A.
  
  Headquarters Air Force Network Integration Center (HQ AFNIC)
- B.
  
  Major command commander
- C.
  
  Squadron commanders
- D.
  
  Wing Commanders
Correct Answer
A. Headquarters Air Force Network Integration Center (HQ AFNIC)

Explanation
Headquarters Air Force Network Integration Center (HQ AFNIC) reviews information assurance assurance program (IAAP) reports and has the final authority to downgrade IAAP report ratings when it is clear that incidents or deviations are involved.

Rate this question:
48.

Which agency conducts assessments of wing information assurance (IA) programs using AF Form 4160 every 2 years or sooner?
- A.
  
  Wing
- B.
  
  Squadrons
- C.
  
  Major commands
- D.
  
  Headquarters Air Force Network Integration Center (HQ AFNIC)
Correct Answer
C. Major commands

Explanation
Major commands conduct assessments of wing information assurance (IA) programs using AF Form 4160 every 2 years or sooner. This suggests that the responsibility for assessing IA programs lies with the major commands, which oversee and manage multiple wings. The other options, such as wing, squadrons, and HQ AFNIC, do not have the authority or scope to conduct assessments of multiple IA programs within the Air Force.

Rate this question:
49.

Flaws that include threats in building construction, improper implementation of utilities, inadequate wiring, and poor housekeeping practices can be best classified as what type of threat?
- A.
  
  Human
- B.
  
  Technological
- C.
  
  Unintentional
- D.
  
  Environmental
Correct Answer
D. Environmental

Explanation
The given answer is "Environmental" because the flaws mentioned in the question are related to the environment and its impact on building construction. Threats such as inadequate wiring, improper implementation of utilities, and poor housekeeping practices can all be attributed to environmental factors such as weather conditions, natural disasters, or pollution. These flaws are not caused by humans intentionally or due to technological issues, but rather they are unintentional consequences of the environment.

Rate this question:
50.

Degaussing with an NSA-approved degausser is the only clear which media type?
- A.
  
  Dynamic random access memory and Random-access memory.
- B.
  
  Programmable read-only memory and Optical Media.
- C.
  
  Static random access memory
- D.
  
  Magnetic tapes
Correct Answer
D. Magnetic tapes

Explanation
The correct answer is Magnetic tapes. Degaussing with an NSA-approved degausser is the only way to clear magnetic tapes. Magnetic tapes store data using magnetic fields, and degaussing is the process of erasing those magnetic fields, effectively clearing the data stored on the tapes. This process is crucial for data security and preventing unauthorized access to sensitive information.

Rate this question:

Featured Quizzes

POTS Syndrome Quiz - Do You Have POTS? POTS Syndrome Quiz - Do You Have POTS?

Harry Potter House Quiz: Which Hogwarts House Do You Belong To? Harry Potter House Quiz: Which Hogwarts House Do You Belong To?

Maladaptive Daydreaming Test: Am I A Maladaptive Daydreamer? Maladaptive Daydreaming Test: Am I A Maladaptive Daydreamer?

Quiz: Can You Guess These Asian's Nationality? Quiz: Can You Guess These Asian's Nationality?

Direct And Indirect Speech Quiz: Test Your Skills Direct And Indirect Speech Quiz: Test Your Skills

Maths Quiz For Grade 6 With Answers Maths Quiz For Grade 6 With Answers

Back to top

3D053 Vol's 1,2, And 3

The Cyber T hec The Cyber Surety journeyman monitors all of the following programs except

What is the fourth step in the operational risk management (ORM) process?

What minimum milli-ampere current can be lethal?

Which type of network typically provides wireless broadband data services?

To use VPN products, obtain interim approval from?

Which bound media has a core surrounded by cladding and a second layer surrounded by glass or plastic?

In which network does every device have exactly two neighbors?

Which network integrates multiple topologies?

Which class of internet protocols addresses in used for very large networks?

Which protocol has the job of verifiying the correct delivery of data from client to server?

Which protocol is an Internet Engineering Task Force (IETF) standard designed to reduce the administration burden and complexity of configuring hosts on a TCP/IP-base network?

As the migration to internet protocol (IP) V6 continues, many organizations rely upon what to compensate for the lack of usable IP addresses?

The sequences of leading bits in an internet protocol used to identify the network portion of an an IP address is called?

Breaking down the packets' addresses to act as a gateway to allow traffic to pass between networks involves which transition technology?

Setting up a secure point-to-point communication is called

Networked resources must be consistently monitored and controlled to ensure access to the network while

To make it possible for replacement administrators to accomplish the same tasks as their predecessor, administrators must be in the habit of

When coupled with standardized network policy, the standard desktop configuration (SDC) substantially

With the consolidation of the several Network Operations and Security Centers (NOSC), the Air Force

Which WiFi standard is the slowest yet least expensive?

Which wireless standard originally intended to create a wireless security platform that would perform as securely as a traditional wired network by providing data encryption?

What shall be assigned to all Department of Defense information systems that is directly associated with the importance of the information contained relative to achieving DOD goals and objectives?

Requirements for availability and integrity are associated with

Who is responsible for verifying proper security clearances and background investigation checks prior to granting a network user access to the Air Force Provisioned Portion of the Global Information Grid (AF GIG)?

Initial information assurance (IA) awareness training for all network users ensures all of the following except the users

Which common access card (CAC) certificate would be used to sign an enlisted performance report (EPR)?

With what agency must the contract manager validate a contractor employee's need to obtain a government PKI certificate?

When network password composition rules are not automatically enforce, what process should network administrators use to enforce good password stringency?

Report loss or suspected loss of removable media containing controlled unclassified information (CUI) or personally identifiable information (PII) according to reporting procedures in which Air Force Instruction (AIF)?

Which Air Force Instruction (AFI) guides security policy and guidance for government contractors?

What type of access isgiven to remote users who access, download, or upload data?

What of access is given to users who perform troubleshooting, configuration changes, or system reviews?

Whenever possible, in which environment would you run the UNIX Apache server?

To improve system security, several services that are preloaded on many UNIX systems can be disabled except

When vulnerabilities are discovered within the Window operating system and its other products, Microsoft releases

A companion file virus is one that

A program that contains or installs a malicious program is called a

To virus-protect your system, make sure you perform all the following steps except

By providing users with the necessary level of access to perform their jobs, you are

What category is an incident in which an unauthorized person gained user-level privileges on an Air Force computer/information system/network device?

What category is an incident in which an Air Force computer/information system/network was denied use do to an overwhelming volume of unauthorized network traffic?

What is the lowest level of information condition (INFOCON)?

All agencies/organizations implement information condition (INFOCON) measures except

Information security-related access controls that include segregation of duties and security screening of users can be classified as which category of access preservation?

What type of certificate authenticates the identity of the user?

What should be implemented on desktop systems connected to critical networks to prevent unauthorized people from gaining control of the system when the system is powered up?

Who reviews information assurance assurance program (IAAP) reports and has the final authority to downgrade IAAP report ratings when it is clear that incidents or deviations are involved?

Which agency conducts assessments of wing information assurance (IA) programs using AF Form 4160 every 2 years or sooner?

Flaws that include threats in building construction, improper implementation of utilities, inadequate wiring, and poor housekeeping practices can be best classified as what type of threat?

Degaussing with an NSA-approved degausser is the only clear which media type?