1. (001) Which of the following is a duty performed by a cyber surety journeyman?
Correct Answer
D. Detection activities, including real-time intrusion detection and firewall protection.
Explanation
A cyber surety journeyman is responsible for performing detection activities, including real-time intrusion detection and firewall protection. This means that they are tasked with monitoring computer systems and networks for any unauthorized access or malicious activities. They are also responsible for ensuring that firewall protection is in place to prevent unauthorized access and protect sensitive information. This duty is crucial in maintaining the security and integrity of computer systems and networks, and preventing cyber threats and attacks.
2. (001) Which career field deploys, sustains, troubleshoots, and repairs standard voice, data, video network, and cryptographic client devices in fixed and deployed environments?
Correct Answer
A. Client Systems (3D1X1).
Explanation
The correct answer is a. Client Systems (3D1X1). This career field is responsible for deploying, sustaining, troubleshooting, and repairing standard voice, data, video network, and cryptographic client devices in both fixed and deployed environments. This includes tasks such as setting up computer systems, installing software, and ensuring network connectivity.
3. (002) How many steps are in the risk management (RM) process?
Correct Answer
B. 5.
Explanation
The correct answer is b. 5. The risk management (RM) process consists of five steps. These steps include identifying risks, assessing risks, developing risk mitigation strategies, implementing risk mitigation strategies, and monitoring and reviewing the effectiveness of the strategies. Each step is crucial in effectively managing and minimizing risks within an organization or project.
4. (002) What is the third step in the risk management (RM) process?
Correct Answer
D. Develop controls and make decisions.
Explanation
The third step in the risk management process is to develop controls and make decisions. This step involves identifying potential risks and developing strategies to mitigate or eliminate them. It also includes making decisions on which controls to implement and how to allocate resources effectively. Supervising and evaluating the effectiveness of these controls comes later in the process.
5. (002) Human error causes approximately what percentage of all accidents?
Correct Answer
D. 95.
Explanation
Human error is responsible for the majority of accidents, accounting for approximately 95% of all incidents. This means that the vast majority of accidents can be attributed to mistakes or failures on the part of individuals, rather than external factors or mechanical failures. This highlights the importance of human factors and the need for effective training, procedures, and systems to minimize the risk of errors and prevent accidents from occurring.
6. (003) Which type of network typically provides wireless broadband data services?
Correct Answer
C. Wireless wide area network (WWAN).
Explanation
A wireless wide area network (WWAN) typically provides wireless broadband data services. This type of network covers a wide geographic area and allows users to access the internet or other network resources wirelessly. WWANs are commonly used by mobile network operators to provide internet connectivity to mobile devices such as smartphones, tablets, and laptops. They utilize cellular technology and infrastructure to provide high-speed data services to a large number of users over a wide area.
7. (004) Which bound media has a core surrounded by cladding and a second layer surrounded by glass or plastic?
Correct Answer
C. Fiber optic.
Explanation
Fiber optic is the correct answer because it is the only option that describes a bound media with a core surrounded by cladding and a second layer surrounded by glass or plastic. CAT-6, coaxial, and twisted pair do not have this specific structure.
8. (004) Which of the following is not an example of unbound media?
Correct Answer
A. Fiber optic.
Explanation
Fiber optic is not an example of unbound media because it uses physical cables to transmit data signals. Unbound media refers to wireless communication methods that do not require physical cables, such as terrestrial, radio frequency, and satellite microwave.
9. (005) In which topology does a device wanting to communicate with another device on the network send a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes?
Correct Answer
A. Bus.
Explanation
In a bus topology, a device wanting to communicate with another device on the network sends a broadcast message onto the wire that all other devices see. However, only the intended recipient actually accepts and processes the message. This is because in a bus topology, all devices are connected to a single communication line, and the message travels along the line for all devices to see. However, each device has its own unique address, and only the device with the matching address accepts and processes the message.
10. (006) When viewed in binary form, each octet within an Internet Protocol (IP) address has how many positions?
Correct Answer
C. 8.
Explanation
Each octet within an Internet Protocol (IP) address has 8 positions when viewed in binary form. Each position holds one bit, with a value of either 0 or 1, so an octet consists of 8 bits.
11. (006) How many bits are within an internet protocol version 4 (IPv4) address?
Correct Answer
A. 32.
Explanation
An internet protocol version 4 (IPv4) address is made up of 32 bits. This means that there are 32 binary digits that make up an IPv4 address. Each bit can be either a 0 or a 1, allowing for a total of 2^32 (or approximately 4.3 billion) unique addresses within the IPv4 address space.
12. (006) Which class of internet protocol (IP) addresses is only used for experimental purposes?
Correct Answer
D. E.
Explanation
Class E IP addresses are reserved for experimental purposes and are not used for normal network operations. These addresses range from 240.0.0.0 to 255.255.255.255 and are not assigned to any specific organization or location. They are meant for research, development, and testing purposes, and should not be used in production networks.
13. (006) Which internet protocol (IP) address is used for limited broadcasts?
Correct Answer
D. 255.255.255.255.
Explanation
The IP address 255.255.255.255 is used for limited broadcasts. Limited broadcasts are used to send a message to all devices on the local network. This type of broadcast is restricted to the local network and is not forwarded by routers. The IP address 255.255.255.255 is reserved for this purpose and is used to send a message to all devices on the network.
14. (006) The sequence of leading bits in an internet protocol (IP) that are used to identify the network portion of an IP address is called a
Correct Answer
D. routing prefix.
Explanation
The sequence of leading bits in an IP address that identifies the network portion is called a routing prefix. This prefix is used in routing tables to determine the appropriate network for forwarding packets. It helps in efficiently routing traffic to the correct destination by identifying the network segment of the IP address. The routing prefix is an essential component in the IP addressing scheme and plays a crucial role in the functioning of IP networks.
15. (007) Which protocol does the Internet support as the “language” computers use to find and connect with each other?
Correct Answer
D. Transmission control protocol/Internet Protocol (TCP/IP).
Explanation
The internet supports the Transmission Control Protocol/Internet Protocol (TCP/IP) as the "language" computers use to find and connect with each other. TCP/IP is a set of protocols that allows for reliable and secure communication between devices on the internet. It provides a standardized method for breaking data into packets, routing them across networks, and reassembling them at the destination. TCP/IP is the foundation of the internet and is used for various applications such as web browsing, email, file transfer, and more.
16. (007) Which transmission control protocol (TCP) port is used by hypertext transfer protocol (HTTP) by default?
Correct Answer
B. 80.
Explanation
The correct answer is b. 80. The hypertext transfer protocol (HTTP) uses TCP port 80 by default. TCP port 80 is the standard port for serving HTTP traffic on the internet. When a client sends an HTTP request to a server, it will typically connect to port 80 on the server's IP address. This allows the server to receive and process the HTTP request and send back the corresponding HTTP response.
17. (007) Which protocol is an Internet Engineering Task Force (IETF) standard designed to reduce the administration burden and complexity of configuring hosts on a transmission control protocol/internet protocol (TCP/IP) based network?
Correct Answer
D. Dynamic host configuration protocol (DHCP).
Explanation
The Dynamic Host Configuration Protocol (DHCP) is an IETF standard designed to reduce the administration burden and complexity of configuring hosts on a TCP/IP based network. DHCP allows network administrators to centrally manage and automate the process of assigning IP addresses, subnet masks, default gateways, and other network configuration parameters to hosts on a network. This eliminates the need for manual configuration of each individual host and simplifies the network administration process.
18. (008) A logical connection point for the transmission of information packets is known as
Correct Answer
A. a port.
Explanation
A logical connection point for the transmission of information packets is known as a port. A port is a specific endpoint of communication in an operating system or network. It allows different applications or devices to send and receive data. Ports are identified by numbers and are used to establish connections between devices or services.
19. (008) Which port range constitutes well-known ports?
Correct Answer
A. 0 to 1023.
Explanation
The well-known ports are the port numbers ranging from 0 to 1023. These ports are assigned by the Internet Assigned Numbers Authority (IANA) and are commonly used for specific protocols and services such as HTTP (port 80), FTP (port 21), and SSH (port 22). These ports are considered "well-known" because they are widely recognized and used by many applications and operating systems.
20. (008) Which port is used for telnet?
Correct Answer
C. 23.
Explanation
Telnet is a protocol used for remote login and command execution on a remote computer. It operates on port 23 by default. Therefore, the correct answer is c. 23.
21. (008) Which port is used for hypertext transfer protocol (HTTP)?
Correct Answer
D. 80.
Explanation
Port 80 is used for hypertext transfer protocol (HTTP). HTTP is the protocol used for transmitting and receiving information on the World Wide Web. When a user enters a website address in their browser, the browser sends an HTTP request to the server hosting the website on port 80. The server then responds with the requested web page, which is displayed in the user's browser. Port 80 is the default port for HTTP, although it can be changed if necessary.
22. (008) In which type of port scan does the scanner connect to the same port on more than one machine?
Correct Answer
B. Sweep scan.
Explanation
A sweep scan is a type of port scan where the scanner connects to the same port on multiple machines. This allows the scanner to quickly scan a range of IP addresses and identify any open ports. This type of scan is commonly used by attackers to identify potential vulnerable systems for further exploitation.
23. (008) Which type of scan is also known as a half open scan?
Correct Answer
B. Synchronous (SYN) scan.
Explanation
A half open scan, also known as a SYN scan, is a type of scan that sends a SYN packet to a target port. This scan is considered "half open" because it does not complete the full TCP handshake. Instead, it waits for a response from the target. If the target responds with a SYN-ACK packet, it means the port is open. If the target responds with a RST packet, it means the port is closed. This type of scan is commonly used for reconnaissance and vulnerability assessment purposes.
24. (008) Which organization is responsible for developing Air Force ports, protocols and services (PPS) policies and procedures?
Correct Answer
B. Air Force Network Integration Center (AFNIC).
Explanation
The Air Force Network Integration Center (AFNIC) is responsible for developing Air Force ports, protocols, and services (PPS) policies and procedures. This organization is specifically dedicated to integrating and managing the Air Force's network infrastructure, ensuring that it operates efficiently and securely. AFNIC plays a crucial role in establishing and enforcing the standards and guidelines for the use of ports, protocols, and services within the Air Force network, ensuring interoperability and compliance with security protocols.
25. (009) How is an Internet protocol version 6 (IPv6) address written?
Correct Answer
A. Eight groups of four hexadecimal numbers, separated by colons.
Explanation
An Internet protocol version 6 (IPv6) address is written with eight groups of four hexadecimal numbers, separated by colons. This format is used to represent the 128-bit address space of IPv6, allowing for a larger number of unique addresses compared to IPv4. The use of hexadecimal numbers and colons makes the address easier to read and understand. The correct answer is a.
26. (009) Which type of transition technology is used to set up secure point-to-point communication?
Correct Answer
A. Tunneling.
Explanation
Tunneling is the type of transition technology used to set up secure point-to-point communication. Tunneling encapsulates one network protocol within another, allowing data to be transmitted securely over an insecure network. It creates a "tunnel" through which data can pass, protecting it from unauthorized access or tampering. This method is commonly used in virtual private networks (VPNs) to establish secure connections between remote networks or devices. Dual layer, dual stack, and peer-to-peer are not specifically related to secure point-to-point communication.
27. (010) Networked resources must be consistently monitored and controlled to ensure access to the network while
Correct Answer
C. minimizing risks posed by various cyberspace threats.
Explanation
Networked resources must be consistently monitored and controlled to ensure access to the network while minimizing risks posed by various cyberspace threats. This means that by monitoring and controlling the network, organizations can identify and mitigate potential threats and vulnerabilities, reducing the risk of cyber attacks and unauthorized access to the network. This is crucial in maintaining the security and integrity of the network and protecting sensitive information from being compromised.
28. (010) Administrators must be in the habit of doing what to make it possible for replacement administrators to accomplish the same tasks as their predecessors?
Correct Answer
D. Keeping complete and accurate documentation for all configuration changes.
Explanation
To ensure that replacement administrators can accomplish the same tasks as their predecessors, it is important for administrators to keep complete and accurate documentation for all configuration changes. This documentation serves as a reference for the new administrators, providing them with the necessary information about the network's configurations and settings. By having access to this documentation, the replacement administrators can easily understand and replicate the previous configurations, minimizing disruptions and ensuring continuity throughout the network.
29. (011) Which is the slowest yet least expensive WiFi standard?
Correct Answer
B. 802.11b.
Explanation
The slowest yet least expensive WiFi standard is 802.11b. This standard operates on the 2.4 GHz frequency band and has a maximum data transfer rate of 11 Mbps. While it is slower compared to other WiFi standards, it is still widely used in older devices due to its affordability.
30. (011) What is the newest WiFi networking standard that is widely available?
Correct Answer
D. 802.11n.
Explanation
The newest WiFi networking standard that is widely available is 802.11n. This standard offers faster speeds and better range compared to previous standards such as 802.11a, 802.11b, and 802.11g. It also supports multiple-input multiple-output (MIMO) technology, which allows for improved performance in crowded environments with multiple devices connected to the network. 802.11n is backward compatible with older WiFi standards, making it compatible with a wide range of devices.
31. (011) Which wireless standard was originally intended to create a wireless security platform that would perform as securely as a traditional wired network by providing data encryption?
Correct Answer
B. Wired equivalency privacy (WEP).
Explanation
Wired equivalency privacy (WEP) was originally intended to create a wireless security platform that would perform as securely as a traditional wired network by providing data encryption. WEP was the first wireless security protocol used to secure wireless networks, but it is now considered to be weak and easily compromised.
32. (012) Defense-in-depth is the Department of Defense (DOD) approach for establishing
Correct Answer
A. an adequate information assurance (IA) posture in a shared-risk environment.
Explanation
Defense-in-depth is a strategy used by the Department of Defense (DOD) to establish an adequate information assurance (IA) posture in a shared-risk environment. This approach involves implementing multiple layers of security controls to protect critical information and systems. By using a layered approach, the DOD can ensure that even if one layer of defense is breached, there are additional layers in place to prevent further unauthorized access or damage. This helps to mitigate the risks associated with a shared-risk environment, where multiple users or entities have access to the same resources.
33. (012) What is assigned to all Department of Defense (DOD) information systems that is directly associated with the importance of the information contained relative to achieving DOD goals and objectives?
Correct Answer
D. Mission assurance category.
Explanation
The correct answer is d. Mission assurance category. The mission assurance category is assigned to all Department of Defense (DOD) information systems based on the importance of the information contained in them relative to achieving DOD goals and objectives. This category helps in determining the level of protection and security measures that need to be implemented for the information system. It ensures that the appropriate level of security controls are in place to protect the information and support the mission of the DOD.
34. (013) Which of the following is not a result of initial information assurance (IA) awareness training for all network users?
Correct Answer
C. Users have met investigative requirements.
Explanation
The correct answer is c. Users have met investigative requirements. This is not a result of initial information assurance (IA) awareness training for all network users. IA awareness training focuses on educating users about their role in IA and training them on network security. It does not involve meeting investigative requirements, which are typically related to conducting investigations or gathering evidence.
35. (013) Who is the approval authority for foreign nationals to access unclassified systems?
Correct Answer
C. AF Network Operations (AFNETOPS) commander.
Explanation
The approval authority for foreign nationals to access unclassified systems is the AF Network Operations (AFNETOPS) commander. This individual is responsible for overseeing and managing the operations of the Air Force Network, including granting access to foreign nationals. The Wing commander and Wing information assurance officer (WIAO) may have some involvement in the approval process, but the ultimate authority lies with the AFNETOPS commander. The AF Network Operations Center (AFNOC) commander may also play a role in the approval process, but they are not specifically mentioned as the approval authority in this question.
36. (013) Who initiates a local files check prior to allowing volunteers access to the AF network?
Correct Answer
B. Unit security manager.
Explanation
The correct answer is b. Unit security manager. The unit security manager is responsible for ensuring that volunteers have the necessary security clearances and meet all the requirements before granting them access to the AF network. They initiate a local files check to verify the volunteer's background and ensure they are eligible for network access. The unit commander may have input in the decision, but the unit security manager is the one who initiates the check. The ISSO and WISSO may also have involvement in the process, but they do not initiate the local files check.
37. (014) The definition of integrity as it’s applied to identification, authentication, and encryption is
Correct Answer
D. the assurance that no one has changed or destroyed information without permission.
Explanation
The correct answer is d. the assurance that no one has changed or destroyed information without permission. This answer accurately describes the concept of integrity in the context of identification, authentication, and encryption. Integrity ensures that information remains unchanged and unaltered, providing assurance that unauthorized modifications or destruction have not occurred.
38. (014) Logon and password management screens must be encrypted with at least what type of secure socket layer?
Correct Answer
C. 128-bit.
Explanation
Logon and password management screens must be encrypted to ensure the security of user credentials. Encryption with a 128-bit secure socket layer provides a strong level of security, making it difficult for unauthorized individuals to intercept and decipher the transmitted data. A higher bit encryption, such as 256-bit, would offer even stronger security, but 128-bit encryption is commonly used and considered sufficient for most applications. Therefore, the correct answer is c. 128-bit.
39. (014) Which common access card (CAC) certificate would be used to sign an enlisted performance report (EPR)?
Correct Answer
D. Identification.
Explanation
The correct answer is "d. Identification" because when signing an enlisted performance report (EPR) with a common access card (CAC) certificate, the identification certificate is used. This certificate is used to verify the identity of the individual signing the document. The other options, such as digital, biometric, and encryption certificates, do not specifically pertain to the purpose of signing an EPR.
40. (014) What does the common access card (CAC) certificate used to sign e-mail provide?
Correct Answer
D. Non-repudiation.
Explanation
The common access card (CAC) certificate used to sign e-mail provides non-repudiation. Non-repudiation means that the sender of the e-mail cannot deny sending it, as the CAC certificate ensures that the message is digitally signed and authenticated. This provides evidence of the sender's identity and prevents them from later claiming that they did not send the email.
41. (014) The contract manager must use what agency to validate a contractor employee’s need to obtain a government public key infrastructure (PKI) certificate?
Correct Answer
D. Local Registration Authority/Trusted Agent (LRA/TA).
Explanation
The correct answer is d. Local Registration Authority/Trusted Agent (LRA/TA). The contract manager must use the LRA/TA to validate a contractor employee's need to obtain a government public key infrastructure (PKI) certificate. The LRA/TA is responsible for verifying the identity and need of individuals requesting PKI certificates within a specific organization or agency. They ensure that only authorized individuals have access to PKI certificates, which are used for secure communication and authentication purposes.
42. (015) Which of the following represents a strong password?
Correct Answer
D. GwL18!np*Z&fB3q.
Explanation
The password "GwL18!np*Z&fB3q" represents a strong password because it includes a combination of uppercase and lowercase letters, numbers, and special characters. This combination makes it more difficult for hackers to guess or crack the password. Additionally, the password is of sufficient length, which adds to its strength.
43. (016) Which category of information must be stored on removable media?
Correct Answer
A. Classified.
Explanation
Classified information must be stored on removable media because it needs to be protected and controlled. Removable media allows for easier transport and storage of classified information, while also providing the ability to physically secure and restrict access to the media. Storing classified information on removable media helps to prevent unauthorized access and potential compromise of sensitive information.
44. (017) Users who perform troubleshooting, configuration changes, or system reviews are given which type of access?
Correct Answer
C. Administrative.
Explanation
Users who perform troubleshooting, configuration changes, or system reviews are given administrative access. This type of access allows them to have full control and authority over the system, including the ability to make changes, modify settings, and troubleshoot issues. Administrative access is typically granted to individuals who have the knowledge and expertise to handle these tasks and ensure the proper functioning of the system.
45. (017) Which device provides the initial entry point into a network?
Correct Answer
D. Network access server.
Explanation
A network access server (NAS) is a device that provides the initial entry point into a network. It is responsible for authenticating and authorizing users, as well as providing them with access to the network. A router is a device that forwards data packets between networks, a firewall is a security device that monitors and controls incoming and outgoing network traffic, and a proxy server is a server that acts as an intermediary between clients and servers. None of these devices specifically serve as the initial entry point into a network like a NAS does.
46. (018) Weaknesses or holes in a security system are considered
Correct Answer
C. vulnerabilities.
Explanation
Weaknesses or holes in a security system are considered vulnerabilities because they expose the system to potential threats and can be exploited by attackers. Vulnerabilities can include software bugs, misconfigurations, or design flaws that can be leveraged to compromise the security of a system. By identifying and addressing vulnerabilities, organizations can strengthen their security posture and reduce the risk of breaches or exploits.
47. (018) Which of the following options is not involved when securing a UNIX system?
Correct Answer
C. Ensuring remote access.
Explanation
The option "Ensuring remote access" is not involved when securing a UNIX system. Securing a UNIX system typically involves shutting down ports to prevent unauthorized access, using strong passwords to protect user accounts, and disabling unused/unneeded services to reduce potential vulnerabilities. However, ensuring remote access is not directly related to securing the system, as it focuses on enabling and managing remote connections rather than implementing security measures.
48. (018) Which UNIX command allows remote logins?
Correct Answer
B. telnet.
Explanation
The correct answer is b. telnet. Telnet is a UNIX command that allows remote logins. It is used to establish a remote connection to another computer over a network. With telnet, users can log in to a remote system and access its resources and services as if they were physically present at the remote location. Telnet is commonly used for remote administration, troubleshooting, and accessing remote servers. Other options such as rsh, finger, and FTP do not specifically allow remote logins like telnet does.
49. (018) When vulnerabilities are discovered within the Windows operating system and other products, Microsoft releases
Correct Answer
C. bulletins.
Explanation
When vulnerabilities are discovered within the Windows operating system and other products, Microsoft releases bulletins. Bulletins are official documents or notifications that provide information about the vulnerabilities, their impact, and any available patches or updates to fix them. These bulletins are important for users to stay informed about potential security risks and take necessary actions to protect their systems.
50. (019) A companion file virus is one that
Correct Answer
D. renames the original file and writes itself with the original file’s name.
Explanation
A companion file virus is a type of virus that renames the original file and writes itself with the original file's name. This means that the virus disguises itself as the original file, making it difficult for users to detect and remove. By renaming the file and replacing it with the virus, the companion file virus can spread and infect other files without being easily detected. This method allows the virus to remain hidden and continue its malicious activities without raising suspicion.