Z3D053 CDC UREs

1. 5. (002) Human error causes approximately what percentage of all accidents?

40

60

75

95

2. 8. (004) Which of the following is not an example of unbound media?

Fiber optic.

Terrestrial.

Radio frequency.

Satellite microwave.

3. 24. (210) How often should communications security (COMSEC) access lists be reviewed for accuracy?

Weekly.

Monthly.

Quarterly.

Annually.

4. 48. (220) Sign the communication security (COMSEC) material destruction record

Immediately after the material is destroyed.

Immediately before the material is destroyed.

Within 12 hours after the material is destroyed.

Within 12 hours before the material is destroyed.

5. 7. (004) Which bound media has a core surrounded by cladding and a second layer surrounded by glass or plastic?

CAT–6.

Coaxial.

Fiber optic.

Twisted pair.

6. 9. (005) In which topology does a device wanting to communicate with another device on the network send a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes?

Bus.

Star.

Ring.

Tree.

7. 18. (008) A logical connection point for the transmission of information packets is known as

A port.

A protocol.

A service point.

An entrance point.

8. 26. (009) Which type of transition technology is used to set up secure point-to-point communication?

Tunneling.

Dual layer.

Dual stack.

Peer-to-peer.

9. 39. (014) Which common access card (CAC) certificate would be used to sign an enlisted performance report (EPR)?

Digital.

Biometric.

Encryption.

Identification.

10. 41. (014) The contract manager must use what agency to validate a contractor employee’s need to obtain a government public key infrastructure (PKI) certificate?

Wing (WG).

Air Force (AF).

Department of Defense (DOD).

Local Registration Authority/Trusted Agent (LRA/TA).

11. 46. (018) Weaknesses or holes in a security system are considered

Threats.

Exploits.

Vulnerabilities.

Breaches of security.

12. 58. (023) What determines the number of alternate information assurance officers (IAO) in an organization?

Number of information systems.

Number of personnel assigned.

Type of organization.

Mission need.

13. 19. (008) Which port range constitutes well-known ports?

0 to 1023

1024 to 23535.

23536 to 49151.

49152 to 65535.

14. 20. (008) Which port is used for telnet?

7

20

23

53

15. 21. (008) Which port is used for hypertext transfer protocol (HTTP)?

21

22

60

80

16. 23. (008) Which type of scan is also known as a half open scan?

Fragment packets.

Synchronous (SYN) scan.

User datagram protocol (UDP) scan.

Transmission control protocol (TCP) scan.

17. 30. (011) What is the newest WiFi networking standard that is widely available?

802.11a.

802.11b.

802.11g.

802.11n.

18. 37. (014) The definition of integrity as it’s applied to identification, authentication, and encryption is

Having information ready when needed.

Not being able to deny who performed network actions.

The protection of the network from those not authorized access.

The assurance that no one has changed or destroyed information without permission.

19. 47. (018) Which of the following options is not involved when securing a UNIX system?

Shutting down ports.

Using strong passwords.

Ensuring remote access.

Disabling unused/unneeded services.

20. 52. (019) The two fundamental concepts of network security are

Authorization and confidentiality.

Authentication and authorization.

Confidentiality and integrity.

Authorization and integrity.

21. 23. (210) Which type of security clearance is not valid for personnel on a communications security (COMSEC) access list?

A final security clearance.

An interim security clearance.

A clearance equal to the COMSEC being accessed.

A clearance higher than the COMSEC being accessed.

22. 44. (219) Who may destroy communications security (COMSEC) material?

Communications security account manager (CAM) or any responsible person on the COMSECaccess list.

Communications security responsible officer (CRO).

Alternate CAM only.

CAM only.

23. 54. (223) When you are performing courier duties and transporting bulky communication security (COMSEC) material through the airlines, when is it acceptable to leave the COMSEC material unattended?

Under no circumstances.

When it is in a baggage claim area.

When it is loaded on a cargo dock.

When it is passed on to authorized airport personnel.

24. 55. (224) How many times do you wrap communications security (COMSEC) material prior to transportation?

One.

Two.

Three.

Four.

25. 4. (002) What is the third step in the risk management (RM) process?

Assets hazards.

Implement controls.

Supervise and evaluate.

Develop controls and make decisions.

26. 14. (006) The sequence of leading bits in an internet protocol (IP) that are used to identify the network portion of an IP address is called a

Mask.

Subnet.

Hierarchy.

Routing prefix.

27. 17. (007) Which protocol is an Internet Engineering Task Force (IETF) standard designed to reduce the administration burden and complexity of configuring hosts on a transmission control protocol/internet protocol (TCP/IP) based network?

Internet protocol (IP).

Hypertext transfer protocol (HTTP).

Transmission control protocol (TCP).

Dynamic host configuration protocol (DHCP).

28. 40. (014) What does the common access card (CAC) certificate used to sign e-mail provide?

Integrity.

Availability.

Confidentiality.

Non-repudiation.

29. 42. (015) Which of the following represents a strong password?

1234!@#$asAShi.

P@ssw0rd123456.

Wsob^@49fg91*hd.

GwL18!np*Z&fB3q.

30. 51. (019) A program that contains or installs a malicious program is called a

Boot sector virus.

Worm program.

Trojan horse.

Macro virus.

31. 74. (028) Which term identifies any equipment or area in which classified information is processed?

TEMPEST.

BLACK.

EMSEC.

RED.

32. 83. (030) In which information assurance control must an organization ensure individual information system user actions can be traced to the user?

Risk Assessment (RA).

Personnel Security (PS).

Audit and Accountability (AU).

System and Information Integrity (SI).

33. 86. (031) What is the minimum rank the AF Information Network (AFIN) connection approval can be delegated to?

Major General (O–8).

Brigadier General (O–7).

Colonel (O–6).

Lieutenant Colonel (O–5).

34. 90. (033) Which of the following is not a phase in the information technology (IT) Lean reengineering process?

Design.

Define need.

Build and test.

Define need review.

35. 19. (209) Which of the following requirements would make a person ineligible for the cryptographic access program (CAP)?

Hold an interim security clearance.

Have a final security clearance.

Be a DOD cleared contractor.

Be a US citizen.

36. 39. (217) When you are sealing a package containing communications security (COMSEC) material where do you place your initials?

Upper right-hand corner.

Lower right-hand corner.

Bottom of envelope.

Across the seal.

37. 41. (218) Changes that must be made to material in communication security (COMSEC) publications are called

Modifications.

Amendments.

Corrections.

Updates.

38. 52. (222) How many people must unwrap the inner wrapper of a top secret (TS) crypto package?

One.

Two.

Three.

Four.

39. 79. (235) Comm kits are normally contained in

3-part folders.

6-part folders.

3-ring binders.

6-ring binders.

40. 2. (001) Which career field deploys, sustains, troubleshoots, and repairs standard voice, data, video network, and cryptographic client devices in fixed and deployed environments?

Client Systems (3D1X1).

Spectrum Operations (3D1X4).

Cyber Transport Systems (3D1X2).

Radio Frequency Transmission Systems (3D1X3).

41. 16. (007) Which transmission control protocol (TCP) port is used by hypertext transfer protocol

50

B. 80.

C. 5050.

D. 8080.

42. 38. (014) Logon and password management screens must be encrypted with at least what type of secure socket layer?

32-bit.

64-bit.

128-bit.

256-bit.

43. 43. (016) Which category of information must be stored on removable media?

Classified.

Unclassified.

Sensitive but unclassified.

For official use only (FOUO).

44. 44. (017) Users who perform troubleshooting, configuration changes, or system reviews are given which type of access?

End-user.

Remote user.

Administrative.

Limited (general).

45. 78. (029) Who is the installation’s focal point for emission security (EMSEC) matters?

Wing commander.

Information security system manager (ISPM).

Wing information assurance office (WIAO).

Communications and information system officer (CSO).

46. 26. (211) At a minimum, how often must you review the communications security (COMSEC) access list?

Every week.

Every two weeks.

Once a month.

Every six months.

47. 43. (219) Who requests disposition instructions for communications security (COMSEC) material?

Unit commander.

COMSEC material user.

Communications security account manager (CAM).

Cryptographic access program (CAP) administrator.

48. 50. (221) Two-person integrity (TPI) is the storage and handling system that prohibits access by any single person to what classification of communications security (COMSEC) material?

Top Secret (TS).

Secret.

Confidential.

Unclassified.

49. 51. (221) What provides the special protection of Top Secret (TS) communications security (COMSEC) material that is needed to help prevent otherwise avoidable problems from happening?

Two-person control (TPC).

Two-person integrity (TPI).

Cryptographic access program (CAP).

Communications security management system (CMS).

50. 64. (229) The front of the KOK–22A device fill connector allows interface with which type of file devices?

DS–101 only.

DS–102 only.

DS–101 and DS–102.

All types of fill devices.

51. 65. (229) On the back of the KOK–22A, which interface allows you to connect the serial input/output (I/O) port of the key processor (KP) to the serial I/O port of the controlling computer?

Black fill I/O.

Ground (GND) terminal.

RS–232 connector.

Ethernet connector.

52. 1. (001) Which of the following is a duty performed by a cyber surety journeyman?

Sustain cryptographic equipment.

Install and maintain servers or other computer systems.

Manage data, information, and knowledge sharing services.

Detection activities, including real-time intrusion detection and firewall protection.

53. 12. (006) Which class of internet protocol (IP) addresses is only used for experimental purposes?

B.

C.

D.

E.

54. 13. (006) Which internet protocol (IP) address is used for limited broadcasts?

X.x.x.0.

X.x.x.255.

127.x.x.x.

255.255.255.255.

55. 15. (007) Which protocol does the Internet support as the “language” computers use to find and connect with each other?

User datagram protocol (UDP).

B. Hypertext transfer protocol (HTTP).

C. Dynamic host configuration protocol (DHCP).

D. Transmission control protocol/Internet Protocol (TCP/IP).

56. 34. (013) Which of the following is not a result of initial information assurance (IA) awareness training for all network users?

Users are aware of their role in IA.

Users are trained on network security.

Users have met investigative requirements.

Users have satisfied network access requirements.

57. 49. (018) When vulnerabilities are discovered within the Windows operating system and other products, Microsoft releases

Notices.

Postings.

Bulletins.

Announcements.

58. 50. (019) A companion file virus is one that

Writes itself before the original file.

Writes itself to the end of the original file.

Writes itself between file sections of 32-bit file.

Renames the original file and writes itself with the original file’s name.

59. 59. (024) What is the minimum grade requirement for an information assurance assessment and assistance program (IAAP) team chief?

NCO.

SNCO.

GS–07.

GS–09.

60. 63. (025) Where are thermal transfer and dye sublimation cartridges sent for sanitization?

Communications squadron (CS).

National Security Agency (NSA).

General Services Administration (GSA).

Wing Information Assurance Office (WIAO).

61. 64. (025) How many times should you wipe each active surface of the media being degaussed when using a degaussing wand?

2

3

4

5

62. 67. (026) How many years are the records of destruction of a hard drive maintained?

1

3

5

7

63. 4. (201) Who assists the communications security account manager (CAM) with day-to-day administration and maintenance of accounting records for communications security (COMSEC) material?

Local communication security management system (LCMS) administrator.

Communications security responsible officer (CRO).

COMSEC accountant.

Controlling authorities.

64. Match the following

Choice 1

Choice 2

Submit

65. 71. (233) Who provides formal classroom training to instruct aircrews on how to establish and maintain communications?

Pilots.

Communications security manager (CAM).

Information system security officer (ISSO).

Combat Crew Communications (CCC) technician.

66. 72. (233) What squadron are Combat Crew Communications (CCC) units assigned to?

Training.

Communications.

Mission support.

Operations support.

67. 73. (234) Combat Crew Communications (CCC) Level 2 certification ensures personnel are qualified to support

Conventional missions.

Simulated missions.

Directed missions.

Nuclear missions.

68. 75. (234) Which code helps the Air Force identify special experience and training?

Air Force specialty code (AFSC).

Special experience identifiers (SEI).

Air Force career experience level code.

Commercial vendor certification identifier.

69. 29. (011) Which is the slowest yet least expensive WiFi standard?

802.11a.

802.11b.

802.11g.

802.11n.

70. 32. (012) Defense-in-depth is the Department of Defense (DOD) approach for establishing

An adequate information assurance (IA) posture in a shared-risk environment.

An adequate IA posture in the AF environment.

A federal desktop configuration.

A federal server configuration.

71. 55. (020) When classified information is inadvertently sent through unclassified e-mail it is considered

An e-mail incident.

A message incident.

A classified e-mail incident.

A classified message incident.

72. 65. (025) How often must a degausser be recertified during its first 2 years of operation?

Every 3 months.

Every 6 months.

Every 12 months.

Only once during the first two years.

73. 70. (027) Who has the authority to impose restrictions upon and prohibit the use of government owned removable information systems storage media for classified systems or networks?

Major command (MAJCOM).

Wing (WG) commander.

Officer in charge (OIC).

Authorizing officials.

74. 79. (029) An emission security (EMSEC) manager documents an EMSEC assessment on

AF Form 4170.

AF Form 6170.

Standard Form 700.

Standard Form 701.

75. 2. (201) What allows one electronic key management system (EKMS) element to pass required information to another EKMS element enabling both elements to generate the same key session?

Communications security (COMSEC) account.

Firefly credentials.

Cryptoperiod.

Cryptonet.

76. 28. (212) What term is used to describe a communication security (COMSEC) security lapse with a potential to jeopardize the security of COMSEC material if it is allowed to continue?

COMSEC incident.

COMSEC deviation.

COMSEC insecurity.

Practice dangerous to security (PDS).

77. 36. (215) A communications security account manager (CAM) submits an amplifying report every how many days until the final report is submitted?

7

14

30

45

78. 38. (217) When you create a communication security physical inventory (CPI), you will need to include all of the following information except

Accounting legend code (ALC).

Edition.

Quantity.

Short title.

79. 57. (225) What local communications security management software (LCMS) desktop function provides a user with the ability to securely pass information and/or transfer Electronic Key Management System (EKMS) messages/keys directly to other EKMS accounts?

X.400.

X.500.

Message.

Direct Comms.

80. 6. (003) Which type of network typically provides wireless broadband data services?

Global network.

Wireless local area network (WLAN).

Wireless wide area network (WWAN).

Wireless metropolitan area network (WMAN).

81. 10. (006) When viewed in binary form, each octet within an Internet Protocol (IP) address has how many positions?

4

6

8

10

82. 22. (008) In which type of port scan does the scanner connect to the same port on more than one machine?

Strobe scan.

Sweep scan.

Fragment packet scan.

File transfer protocol (FTP) bounce scan.

83. 31. (011) Which wireless standard was originally intended to create a wireless security platform that would perform as securely as a traditional wired network by providing data encryption?

WiFi protected access (WPA).

Wired equivalency privacy (WEP).

Wireless local area network (WLAN).

Wireless wide area network (WWAN).

84. 57. (022) Continuity of operations plans (COOP) are not used in which of the following situations?

Accidents.

Man-made disasters.

Health related incidents.

Operating system failure.

85. 66. (026) When destroying DVD storage devices, what is the maximum particle size allowable on the normal edge dimensions?

10 square millimeters.

15 square millimeters.

20 square millimeters.

25 square millimeters.

86. 71. (027) Which standard form (SF) is used to record the opening and closing of security containers?

SF 700.

SF 702.

SF 704.

SF 705.

87. 73. (027) An installation commander can authorize keeping which classification types on the flight line for in-transit storage?

Secret and top secret.

Confidential and secret.

Unclassified and confidential.

All classifications may be kept on the flight line.

88. 29. (213) When an error or anomaly is detected upon receipt/inspection of communications security (COMSEC) material, who sends a message to DIRNSA/I31132?

Unit commander.

Security manager.

Communications security account manager (CAM).

Communication security responsible officer (CRO).

89. 34. (215) The rank requirement for an inquiry officer includes all of these except

Captain.

Master Sergeant.

Technical Sergeant.

GS–9.

90. Which one do you like?

Option 1

Option 2

Option 3

Option 4

91. 58. (226) Which statement is not accurate regarding firefly credentials?

They have a set cryptoperiod.

They have an expiration date.

They are valid for one month from the creation date.

They must be generated to successfully exchange keying material (KEYMAT).

92. 76. (235) Who is responsible for building, issuing, and recovering comm kits?

Pilots.

Communications security manager (CAM).

Information system security officer (ISSO).

Combat Crew Communications (CCC) technician.

93. 28. (010) Administrators must be in the habit of doing what to make it possible for replacement administrators to accomplish the same tasks as their predecessors?

Installing all applicable security patches.

Creating continuity throughout the network.

Minimizing risks posed by various cyberspace threats.

Keeping complete and accurate documentation for all configuration changes.

94. 48. (018) Which UNIX command allows remote logins?

Rsh.

Telnet.

Finger.

File transfer protocol (FTP).

95. 1. (201) What is a collection of interoperable systems developed for the services and government agencies to automate handling and management of communications security (COMSEC) material?

Electronic key management system (EKMS).

COMSEC account.

Firefly credentials.

Cryptonet.

96. 11. (205) Who performs the semiannual inspections and audits on the base communications security (COMSEC) account?

Communications security responsible officer (CRO).

Communications security account manager (CAM).

COMSEC accountant.

Security manager.

97. 35. (215) Who completes an initial report for each communications security (COMSEC) incident?

Communications security account manager (CAM).

Communications security responsible officer (CRO).

Information assurance officer (IAO).

Responsible party.

98. 37. (216) When removing material from a communication security physical inventory (CPI), always annotate it by

Using red ink.

Using green ink.

Using correction fluid.

Writing a memorandum for record (MFR).

99. 84. (236) What type of change notice is not scheduled and is only published as required to provide amendments for safety and flight information?

Urgent.

Enroute.

Planning.

Terminal.

100. 11. (006) How many bits are within an internet protocol version 4 (IPv4) address?

32

64

128

256

101. 33. (012) What is assigned to all Department of Defense (DOD) information systems that is directly associated with the importance of the information contained relative to achieving DOD goals and objectives?

Secure location.

System classification.

Defense-in-depth code.

Mission assurance category.

102. 45. (017) Which device provides the initial entry point into a network?

Router.

Firewall.

Proxy server.

Network access server.

103. Which one do you like?

Option 1

Option 2

Option 3

Option 4

104. 13. (206) Qualified personnel perform preventative maintenance and security inspections on safes and vaults every

Two years.

Five years.

Two years for safes and five years for vaults.

Five years for safes and two years for vaults.

105. 59. (226) The simple key loader (SKL) is the replacement for which device?

Data transfer device (DTD).

Data management device (DMD).

Secure terminal equipment (STE).

Secure telephone unit-third generation (STU-III).

106. 81. (236) Flight Information Publications (FLIP) are divided into how many geographical regions?

4

8

10

12

107. 25. (009) How is an Internet protocol version 6 (IPv6) address written?

Eight groups of four hexadecimal numbers, separated by colons.

Eight groups of four hexadecimal numbers, separated by periods.

Four groups of eight hexadecimal numbers, separated by colons.

Four groups of eight hexadecimal numbers, separated by periods.

108. Which one do you like?

Option 1

Option 2

Option 3

Option 4

109. 72. (027) Personnel removing top secret material from storage must use

An Air Force (AF) Form 144.

A Standard Form (SF) 704.

A SF 705.

A SF 706.

110. 82. (030) What type of impact occurs when the loss of confidentiality, integrity, and availability (CIA) could be expected to have a serious adverse effect on organizational operations, organizational assets, or people?

Low.

Moderate.

High.

Extreme.

111. 88. (032) Integrated Network Operations Security Centers (I-NOSC) use security and network monitoring tools to do all of the following except

Restore systems.

Monitor network health.

Identify system vulnerabilities.

Review contents of fixed disks.

112. 6. (202) Who requires that the communications security account manager (CAM) be formally trained to certify the training of local management device/key processor (LMD/KP) platform users?

Federal Aviation Administration (FAA).

Cryptologic Systems Division (CPSD).

National Security Agency (NSA).

Major command (MAJCOM).

113. 25. (210) At the base level, who initials the communications security (COMSEC) access list?

Communications security account manager (CAM).

Communications security responsible officer (CRO).

Base commander.

Base security manager.

114. 33. (215) Within how many hours from the time a communications security (COMSEC) incident is discovered must a commander appoint an inquiry officer?

24

36

48

72

115. 40. (217) How often must a communications security account manager (CAM) review the communications security (COMSEC) physical inventory?

Once a month.

Every 3 months.

Every 6 months.

Every 12 months.

116. 42. (218) How many people are required to complete page replacements in unclassified communication security (COMSEC) publications?

One.

Two.

Three.

Four.

117. 63. (228) How often must local communications management software (LCMS) audit data be reviewed?

Daily.

Weekly.

Monthly

Quarterly.

118. 77. (235) Of the four types of comm kits you can build, which one includes the coverage period of the mission plus 3 days?

1

2

3

4

119. 69. (027) Which standard form (SF) label is used as a data descriptor label?

SF 701.

SF 706.

SF 710.

SF 711.

120. 8. (203) Who assists the communications security account manager (CAM) in his or her day-to-day duties?

Communications security responsible officer (CRO).

Communications access program (CAP) assistant.

Communications security accountant.

Security manager.

121. 31. (214) What type of communications security (COMSEC) incident is any loss of control, theft, capture, recovery by salvage, tampering, unauthorized viewing, access, or photographing that has the potential to jeopardize COMSEC material?

Aircraft.

Physical.

Personnel.

Cryptographic.

122. 53. (222) How many people are required to transport Top Secret (TS) keying material (KEYMAT) sealed in National Security Agency (NSA) protective packaging?

One.

Two.

Three.

Four.

123. 74. (234) Once entered into Combat Crew Communications (CCC) Level 1 certification training, how long does an active duty technician have to complete certification?

30 days.

60 days.

6 months.

1 year.

124. 82. (236) Which documents are designed to provide aircrews with information on radio navigation, departure, airway structure, approach and landing information?

Ariel and flight.

Enroute and terminal.

Departure and arrival.

Geographical and communications.

125. 83. (236) Flight Information Handbooks (FIH) are issued every

6 weeks.

18 weeks.

32 weeks.

48 weeks.

126. 62. (025) When sanitizing sealed disks with a degausser, what percentage of the overwritten information should be randomly reread to confirm only the overwritten characters are recovered?

1

3

5

10

127. 77. (029) What type of equipment is used for acquisition, storage and manipulation of voice and data?

System equipment.

Cryptographic equipment.

Communications equipment.

Information technology equipment.

128. 22. (209) Who is responsible for overseeing the cryptographic access program (CAP) and providing written local procedures to the CAP administrator?

Security manager.

Unit commander.

Communications security account manager (CAM).

Communications security responsible officer (CRO).

129. 56. (224) Which method is not used to complete a bulk encrypted transaction (BET)?

X.400.

Floppy disk.

Direct communications.

Defense Courier Service (DCS).

130. 3. (002) How many steps are in the risk management (RM) process?

4

5

6

7

131. 75. (028) A facility with an inspectable space of more than 20 meters, but less than 100 meters is considered to be in facility zone

A.

B.

C.

D.

132. 32. (215) Report communications security (COMSEC) deviations and incidents immediately to all of these personnel except

Security manager.

Commander.

Communications security account manager (CAM).

Communications security responsible officer (CRO).

133. 46. (219) Which is not an authorized method to destroy key tapes?

Disintegrating.

Pulverizing.

Shredding.

Burning.

134. 61. (227) The local management device (LMD) supports or utilizes all of the following except

The Santa Cruz Operation (SCO) UNIX Open Server operating system.

Unencrypted keying material (KEYMAT).

Dial-up communications.

Encrypted KEYMAT.

135. 78. (235) What comm kit type do you build for emergency war orders (EWO)?

1

2

3

4

136. 85. (236) Which squadron commander must be notified before outdated Flight Information Publications (FLIP) information is issued?

Communications.

Mission support.

Operations support.

Combat communications.

137. 85. (031) In which phase of the Department of Defense information assurance certification and accreditation process (DIACAP) do you initiate and plan for certification and accreditation (C&A)?

I.

II.

III.

IV.

138. 18. (208) Which form do you use to record the arrival or departure of all personnel not named on the facility authorized access list?

Standard Form (SF) 701.

SF 702.

AF Form 1109.

AFTO Form 36.

139. 20. (209) Those not eligible to be enrolled in the cryptographic access program (CAP) are personnel

Assigned to communications security (COMSEC) accounts.

Who operate certification authority workstations (CAW).

With access to only Confidential cryptographic media.

Who perform duties as cryptographic maintenance, engineering or installation technicians.

140. 45. (219) Which is not an authorized method for routinely destroying paper communications security (COMSEC) aids?

Disintegrating.

Pulverizing.

Burning.

Pulping.

141. 47. (220) What form serves as the destruction certificate for communication security (COMSEC) material?

Standard Form (SF) 153.

Air Force (AF) Form 1109.

Air Force Communications Security (AFCOMSEC) Form 9.

AFCOMSEC Form 16.

142. 5. (201) Who is responsible for identifying cryptonet members?

Local communication security management system (LCMS) administrator.

Communications security responsible officer (CRO).

Communications security (COMSEC) accountant.

Controlling authorities.

143. 10. (204) When a unit receives an unsatisfactory rating on a communications security (COMSEC) inspection, the wing will reassess the unit within how many days?

30

45

60

90

144. 54. (020) An incident in which an Air Force computer, information system, or network was denied use due to an overwhelming volume of unauthorized network traffic is category

I.

II.

IV.

VII.

145. 7. (202) Who must sign all communications security manager (CAM) waivers?

Unit commander.

Security manager.

Wing commander.

Communications security responsible officer (CRO).

146. 61. (025) Which form is used to annotate that storage media from an information system has been cleared?

SF 700.

SF 702.

SF 703.

SF 711.

147. 80. (029) Once it is filled out an AF Form 4170, Emission Security Assessments/Emission Security Countermeasures, is considered

Secret.

Top secret.

Unclassified.

Confidential.

148. 9. (204) Wing information assurance (IA) assessments are generally conducted every

Six months.

Year.

Two years.

Three years.

149. 15. (207) For accountability purposes, store short-term keyed devices in an approved container and account for the devices on a

Communications security physical inventory (CPI).

Electronic Key Management System (EKMS).

Standard Form (SF) 700, Security Container Information.

SF 702, Security Container Checklist.

150. 60. (227) What classification of communication security (COMSEC) material is the local management device (LMD) designed to support and process?

Secret.

Crypto.

Top Secret.

Confidential.

151. 66. (230) What is the classification of magnetic media used to transport encrypted key?

Top Secret.

Secret.

Confidential.

Unclassified.

152. 60. (024) Which agency conducts assessments of wing information assurance (IA) programs using an AF Form 4170 every two years or sooner?

Wings (WG).

Squadrons (SG).

Major commands (MAJCOM).

Headquarters Air Force Network Integration Center (HQ AFNIC).

153. 12. (205) How often does the communications security account manager (CAM) perform an assessment on the communications security responsible officer (CRO) communication security (COMSEC) account?

Monthly.

Quarterly.

Semiannually.

Yearly.

154. 16. (208) Which form do you use to document and annotate opening, closing, and checking of any GSA-approved security container?

SF 700.

SF 701.

SF 702.

AF IMT 1109.

155. 30. (214) What type of incident includes the unauthorized disclosure of communications security (COMSEC) information or material?

Physical.

Personnel.

Cryptographic.

Practice dangerous to security.

156. 80. (236) Which is not a flight phase that Flight Information Publications (FLIP) are aligned with?

Enroute.

Planning.

Terminal.

Approach.

157. 27. (010) Networked resources must be consistently monitored and controlled to ensure access to the network while

Installing all applicable security patches.

Creating continuity throughout the network.

Minimizing risks posed by various cyberspace threats.

Keeping complete and accurate documentation for all configuration changes.

158. 68. (026) When overwriting hard drives, you must examine no less than what percentage of all overwritten hard drives to verify the overwriting process?

10

20

50

70

159. 81. (030) How many steps are in the risk management framework process?

4

5

6

7

160. 87. (031) Who is the connection approval authority for mission assurance category I (MAC I) systems?

AF Network Operations (AFNETOPS) commander.

AF Network Integration Center (AFNIC) commander.

Wing communications and information systems officer (CSO).

MAJCOM communications and information systems officer (CSO).

161. 27. (212) What is the term used to identify the highest level of security lapse in handling communications security (COMSEC)?

COMSEC incident.

COMSEC deviation.

COMSEC insecurity.

Practice dangerous to security (PDS).

162. 49. (220) What is the classification of the Standard Form (SF) 153 when the disposition record card (DRC) is attached?

Top Secret (TS).

Secret.

Confidential.

Unclassified.

163. 67. (231) Which communication security (COMSEC) management software is used in conjunction with the key processor (KP) to generate electronic keys as well as transfer physical and electronic keys to other COMSEC accounts?

User application software (UAS).

Common user application software (CUAS).

Card loader user application software (CLUAS).

Local communications security management software (LCMS).

164. 56. (021) Who tracks Air Force information condition (INFOCON) status to ensure directed actions are accomplished in a timely manner?

Major commands.

Direct reporting units.

Field operating agencies.

Air Force network operating center network control division.

165. 84. (030) How many steps are in the system development life cycle?

4

5

6

8

166. 24. (008) Which organization is responsible for developing Air Force ports, protocols and services (PPS) policies and procedures?

Air Force Network Operations (AFNetOps).

Air Force Network Integration Center (AFNIC).

Air Force Network Operations Center (AFNOC).

Air Force Information, Services and Integration Directorate (SAF/XCIA).

167. 36. (013) Who initiates a local files check prior to allowing volunteers access to the AF network?

Unit commander.

Unit security manager.

Information system security officer (ISSO).

Wing information system security office (WISSO).

168. 69. (232) Which communications security (COMSEC) management software uses menus and submenus for necessary tasks?

User application software (UAS).

Common user application software (CUAS).

Card loader user application software (CLUAS).

Local communications security management software (LCMS).

169. 76. (028) Equipment with an equipment radiation TEMPEST zone (ERTZ) of 20 to 100 meters is considered to be in equipment zone considered to be in facility zone

A.

B.

C.

D.

170. 89. (032) Automated security incident measurement (ASIM) transcripts are controlled and are only released with approval of the

Wing commander (WG).

Major command (MAJCOM) commander.

Air Force network operations center (AFNOC).

Air Force Office of Special Investigation (AFOSI).

171. 17. (208) Which form do you use to document when a safe or vault is put into use?

SF 701.

SF 702.

AF Form 1109.

AFTO Form 36.

172. 35. (013) Who is the approval authority for foreign nationals to access unclassified systems?

Wing commander.

Wing information assurance officer (WIAO).

AF Network Operations (AFNETOPS) commander.

AF Network Operations Center (AFNOC) commander.

173. 68. (231) Which communication security (COMSEC) management software allows a user to view the exact location of any COMSEC item held by the local account or a local element?

User application software (UAS).

Common user application software (CUAS).

Card loader user application software (CLUAS).

Local communication security management software (LCMS).

174. 70. (232) Which communications security (COMSEC) management software does not allow an account to perform a semiannual inventory?

User application software (UAS).

Common user application software (CUAS).

Card loader user application software (CLUAS).

Local communications security management software (LCMS).

175. 53. (020) An incident in which an unauthorized person gained user-level privileges on an Air Force computer, information system, or network device is considered category

I.

II.

IV.

VII.

176. 3. (201) Who appoints a communications security responsible officer (CRO) to support a unit’s communications security (COMSEC) mission?

Communications security account manager (CAM).

Communications unit commander.

Supported unit commander.

Wing commander.

177. 62. (228) Which type of National Security Agency (NSA)-approved encryption device does the local management device (LMD) use to communicate over a communications link?

Type I.

Type II.

Type III.

Type IV.

178. 21. (209) Who appoints a cryptographic access program (CAP) administrator?

Security manager.

Unit commander.

Communications security account manager (CAM).

Communications security responsible officer (CRO).

179. 14. (206) Which form is used to document the highest level classification of a security container?

SF 700.

SF 702.

AF IMT 1109.

AFTO Form 36.

Z3d053 CDC UREs

1. 5. (002) Human error causes approximately what percentage of all accidents?

2.

What first name or nickname would you like us to use?

2. 8. (004) Which of the following is not an example of unbound media?

3. 24. (210) How often should communications security (COMSEC) access lists be reviewed for accuracy?

4. 48. (220) Sign the communication security (COMSEC) material destruction record

5. 7. (004) Which bound media has a core surrounded by cladding and a second layer surrounded by glass or plastic?

6. 9. (005) In which topology does a device wanting to communicate with another device on the network send a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes?

7. 18. (008) A logical connection point for the transmission of information packets is known as

8. 26. (009) Which type of transition technology is used to set up secure point-to-point communication?

9. 39. (014) Which common access card (CAC) certificate would be used to sign an enlisted performance report (EPR)?

10. 41. (014) The contract manager must use what agency to validate a contractor employee’s need to obtain a government public key infrastructure (PKI) certificate?

11. 46. (018) Weaknesses or holes in a security system are considered

12. 58. (023) What determines the number of alternate information assurance officers (IAO) in an organization?

13. 19. (008) Which port range constitutes well-known ports?

14. 20. (008) Which port is used for telnet?

15. 21. (008) Which port is used for hypertext transfer protocol (HTTP)?

16. 23. (008) Which type of scan is also known as a half open scan?

17. 30. (011) What is the newest WiFi networking standard that is widely available?

18. 37. (014) The definition of integrity as it’s applied to identification, authentication, and encryption is

19. 47. (018) Which of the following options is not involved when securing a UNIX system?

20. 52. (019) The two fundamental concepts of network security are

21. 23. (210) Which type of security clearance is not valid for personnel on a communications security (COMSEC) access list?

22. 44. (219) Who may destroy communications security (COMSEC) material?

23. 54. (223) When you are performing courier duties and transporting bulky communication security (COMSEC) material through the airlines, when is it acceptable to leave the COMSEC material unattended?

24. 55. (224) How many times do you wrap communications security (COMSEC) material prior to transportation?

25. 4. (002) What is the third step in the risk management (RM) process?

26. 14. (006) The sequence of leading bits in an internet protocol (IP) that are used to identify the network portion of an IP address is called a

27. 17. (007) Which protocol is an Internet Engineering Task Force (IETF) standard designed to reduce the administration burden and complexity of configuring hosts on a transmission control protocol/internet protocol (TCP/IP) based network?

28. 40. (014) What does the common access card (CAC) certificate used to sign e-mail provide?

29. 42. (015) Which of the following represents a strong password?

30. 51. (019) A program that contains or installs a malicious program is called a

31. 74. (028) Which term identifies any equipment or area in which classified information is processed?

32. 83. (030) In which information assurance control must an organization ensure individual information system user actions can be traced to the user?

33. 86. (031) What is the minimum rank the AF Information Network (AFIN) connection approval can be delegated to?

34. 90. (033) Which of the following is not a phase in the information technology (IT) Lean reengineering process?

35. 19. (209) Which of the following requirements would make a person ineligible for the cryptographic access program (CAP)?

36. 39. (217) When you are sealing a package containing communications security (COMSEC) material where do you place your initials?

37. 41. (218) Changes that must be made to material in communication security (COMSEC) publications are called

38. 52. (222) How many people must unwrap the inner wrapper of a top secret (TS) crypto package?

39. 79. (235) Comm kits are normally contained in

40. 2. (001) Which career field deploys, sustains, troubleshoots, and repairs standard voice, data, video network, and cryptographic client devices in fixed and deployed environments?

41. 16. (007) Which transmission control protocol (TCP) port is used by hypertext transfer protocol

42. 38. (014) Logon and password management screens must be encrypted with at least what type of secure socket layer?

43. 43. (016) Which category of information must be stored on removable media?

44. 44. (017) Users who perform troubleshooting, configuration changes, or system reviews are given which type of access?

45. 78. (029) Who is the installation’s focal point for emission security (EMSEC) matters?

46. 26. (211) At a minimum, how often must you review the communications security (COMSEC) access list?

47. 43. (219) Who requests disposition instructions for communications security (COMSEC) material?

48. 50. (221) Two-person integrity (TPI) is the storage and handling system that prohibits access by any single person to what classification of communications security (COMSEC) material?

49. 51. (221) What provides the special protection of Top Secret (TS) communications security (COMSEC) material that is needed to help prevent otherwise avoidable problems from happening?

50. 64. (229) The front of the KOK–22A device fill connector allows interface with which type of file devices?

51. 65. (229) On the back of the KOK–22A, which interface allows you to connect the serial input/output (I/O) port of the key processor (KP) to the serial I/O port of the controlling computer?

52. 1. (001) Which of the following is a duty performed by a cyber surety journeyman?

53. 12. (006) Which class of internet protocol (IP) addresses is only used for experimental purposes?

54. 13. (006) Which internet protocol (IP) address is used for limited broadcasts?

55. 15. (007) Which protocol does the Internet support as the “language” computers use to find and connect with each other?

56. 34. (013) Which of the following is not a result of initial information assurance (IA) awareness training for all network users?

57. 49. (018) When vulnerabilities are discovered within the Windows operating system and other products, Microsoft releases

58. 50. (019) A companion file virus is one that

59. 59. (024) What is the minimum grade requirement for an information assurance assessment and assistance program (IAAP) team chief?

60. 63. (025) Where are thermal transfer and dye sublimation cartridges sent for sanitization?

61. 64. (025) How many times should you wipe each active surface of the media being degaussed when using a degaussing wand?

62. 67. (026) How many years are the records of destruction of a hard drive maintained?

63. 4. (201) Who assists the communications security account manager (CAM) with day-to-day administration and maintenance of accounting records for communications security (COMSEC) material?

64. Match the following

65. 71. (233) Who provides formal classroom training to instruct aircrews on how to establish and maintain communications?

66. 72. (233) What squadron are Combat Crew Communications (CCC) units assigned to?

67. 73. (234) Combat Crew Communications (CCC) Level 2 certification ensures personnel are qualified to support

68. 75. (234) Which code helps the Air Force identify special experience and training?

69. 29. (011) Which is the slowest yet least expensive WiFi standard?

70. 32. (012) Defense-in-depth is the Department of Defense (DOD) approach for establishing

71. 55. (020) When classified information is inadvertently sent through unclassified e-mail it is considered

72. 65. (025) How often must a degausser be recertified during its first 2 years of operation?

73. 70. (027) Who has the authority to impose restrictions upon and prohibit the use of government owned removable information systems storage media for classified systems or networks?

74. 79. (029) An emission security (EMSEC) manager documents an EMSEC assessment on

75. 2. (201) What allows one electronic key management system (EKMS) element to pass required information to another EKMS element enabling both elements to generate the same key session?

76. 28. (212) What term is used to describe a communication security (COMSEC) security lapse with a potential to jeopardize the security of COMSEC material if it is allowed to continue?

77. 36. (215) A communications security account manager (CAM) submits an amplifying report every how many days until the final report is submitted?