1.
(001) The Cyber Surety journeyman monitors all of the following programs except
Correct Answer
C. Information security (INFOSEC).
Explanation
The Cyber Surety journeyman is responsible for monitoring and ensuring the security of various programs. This includes communications security (COMSEC), computer security (COMPUSEC), and emissions security (EMSEC). However, the journeyman does not monitor information security (INFOSEC) as it is not listed as one of their responsibilities.
2.
(002) What is the fourth step in the operational risk management (ORM) process?
Correct Answer
B. Make decisions based on overall cost versus benefit.
Explanation
The fourth step in the operational risk management (ORM) process is to make decisions based on overall cost versus benefit. This step involves evaluating the potential costs and benefits of different strategies to manage and mitigate risks. By considering the overall cost and benefit, organizations can make informed decisions on which strategies to implement. This step helps ensure that resources are allocated effectively and efficiently to address operational risks.
3.
(002) What minimum milli-ampere current can be lethal?
Correct Answer
B. 50
Explanation
A minimum milli-ampere current of 50 can be lethal. This suggests that any current below 50 milli-amperes is not enough to cause harm or be lethal.
4.
(003) Which type of network typically provides wireless broadband data services?
Correct Answer
C. Wireless wide area network (WWAN).
Explanation
A wireless wide area network (WWAN) is a type of network that typically provides wireless broadband data services. WWANs cover large areas, such as cities or even entire countries, and are used to connect devices to the internet or other networks without the need for physical cables. This type of network is commonly used by mobile network operators to provide internet access to mobile devices, such as smartphones or tablets, and is often associated with technologies like 3G, 4G, or 5G.
5.
(003) To use VPN products, obtain interim approval from?
Correct Answer
A. Services and Integration Division (SAF/XC).
Explanation
To use VPN products, individuals are required to obtain interim approval from the Services and Integration Division (SAF/XC). This division is responsible for overseeing the implementation and integration of various services within the Air Force, including VPN products. By obtaining interim approval from SAF/XC, individuals ensure that they are following the proper protocols and guidelines for using VPN products within the Air Force network.
6.
(004) Which bound media has a core surrounded by cladding and a second layer surrounded by glass or plastic?
Correct Answer
B. Fiber optic.
Explanation
Fiber optic is the correct answer because it is the only option that describes a bound media with a core surrounded by cladding and a second layer surrounded by glass or plastic. Twisted pair, coaxial, and WiFi do not have this specific structure.
7.
(005) In which network does every device have exactly two neighbors?
Correct Answer
D. Ring
Explanation
In a ring network, every device is connected to exactly two neighbors, one on each side. This creates a circular loop where data can be transmitted in both directions. This type of network is commonly used in token ring networks, where a token is passed around the network to control access to the shared communication medium.
8.
(005) Which network integrates multiple topologies?
Correct Answer
C. Tree
Explanation
A tree network integrates multiple topologies because it is a combination of multiple star topologies connected to a central bus. Each star topology represents a branch of the tree, with devices connected to a central hub or switch, and all the branches are connected to the central bus. This allows for a hierarchical structure and efficient communication between devices in different branches of the tree network.
9.
(006) Which class of internet protocol addresses is used for very large networks?
Correct Answer
A. A
Explanation
Class A internet protocol addresses are used for very large networks. Class A addresses have a first octet range of 1-126, which allows for a large number of hosts in the network. These addresses are typically assigned to organizations or institutions that require a large number of IP addresses for their network infrastructure.
10.
(007) Which protocol has the job of verifying the correct delivery of data from client to server?
Correct Answer
B. Transmission control protocol (TCP).
Explanation
TCP is responsible for verifying the correct delivery of data from client to server. It ensures that all packets are received in the correct order and without errors. DHCP is used for assigning IP addresses to devices on a network. HTTP is a protocol for transferring hypertext documents, and IP is responsible for routing packets across the internet.
11.
(007) Which protocol is an Internet Engineering Task Force (IETF) standard designed to reduce the administration burden and complexity of configuring hosts on a TCP/IP-based network?
Correct Answer
D. Dynamic host configuration protocol (DHCP).
Explanation
The correct answer is Dynamic host configuration protocol (DHCP). DHCP is an IETF standard protocol that simplifies the process of configuring hosts on a TCP/IP-based network. It allows hosts to automatically obtain IP addresses, subnet masks, default gateways, and other network configuration parameters from a DHCP server. This eliminates the need for manual configuration, reducing the administration burden and complexity of managing network configurations.
12.
(008) As the migration to internet protocol (IP) V6 continues, many organizations rely upon what to compensate for the lack of usable IP addresses?
Correct Answer
B. Subnetting.
Explanation
As the migration to internet protocol (IP) V6 continues, many organizations rely upon subnetting to compensate for the lack of usable IP addresses. Subnetting allows organizations to divide a single IP network into smaller subnetworks, which helps in efficiently utilizing the available IP addresses. By dividing the network into smaller subnets, organizations can allocate IP addresses only to the devices that require them, reducing wastage and conserving IP addresses. This allows organizations to accommodate more devices within the limited pool of IP addresses provided by IP V6.
13.
(008) The sequence of leading bits in an internet protocol used to identify the network portion of an IP address is called?
Correct Answer
A. Routing prefix.
Explanation
The sequence of leading bits in an internet protocol used to identify the network portion of an IP address is called the routing prefix. This prefix helps in determining the network address and allows routers to efficiently route packets to their destination. It is an essential component of IP addressing and plays a crucial role in network communication.
14.
(009) Breaking down the packets’ addresses to act as a gateway to allow traffic to pass between networks involves which transition technology?
Correct Answer
B. Dual layer.
15.
(009) Setting up a secure point-to-point communication is called
Correct Answer
C. Tunneling.
Explanation
Setting up a secure point-to-point communication is called tunneling. Tunneling is a technique that allows data to be encapsulated within a separate network protocol, creating a "tunnel" through which the data can be securely transmitted. This ensures that the communication between two points is protected from potential threats and unauthorized access. Dual stack refers to the implementation of both IPv4 and IPv6 protocols, dual layer is not a term related to secure communication, and peer-to-peer refers to a decentralized network architecture.
16.
(010) Networked resources must be consistently monitored and controlled to ensure access to the network while
Correct Answer
B. Minimizing risks posed by various cyberspace threats
Explanation
Consistently monitoring and controlling networked resources is important to ensure access to the network while minimizing risks posed by various cyberspace threats. By regularly monitoring the network, potential vulnerabilities or suspicious activities can be identified and addressed promptly. Additionally, by implementing controls and security measures, the network can be protected from unauthorized access or malicious attacks. Keeping complete and accurate documentation for all configuration changes is also crucial as it helps in tracking and auditing any changes made to the network, ensuring accountability and facilitating troubleshooting if any issues arise. Installing all applicable security patches is important but it alone does not address the broader goal of minimizing risks posed by various cyberspace threats.
17.
(010) To make it possible for replacement administrators to accomplish the same tasks as their predecessors, administrators must be in the habit of
Correct Answer
A. Keeping complete and accurate documentation for all configuration changes.
Explanation
To ensure that replacement administrators can perform the same tasks as their predecessors, it is essential for administrators to maintain comprehensive and precise documentation for all configuration changes. This documentation serves as a reference and guide for new administrators, enabling them to understand the network setup, make necessary changes, and troubleshoot any issues effectively. By documenting configuration changes, administrators can ensure continuity and prevent any disruptions or errors that may arise from miscommunication or lack of information. This practice also promotes accountability and transparency within the network administration team.
18.
(011) When coupled with standardized network policy, the standard desktop configuration (SDC) substantially
Correct Answer
D. Improves network security.
Explanation
The standard desktop configuration (SDC) improves network security by reducing the number of network users with administrative privileges. This means that only authorized individuals have the ability to make changes or access sensitive information, reducing the risk of unauthorized access or malicious activity. By implementing standardized network policies alongside the SDC, organizations can enhance their overall network security posture.
19.
(011) With the consolidation of the several Network Operations and Security Centers (NOSC), the Air Force
Correct Answer
B. Achieves near end-to-end command and control capability.
Explanation
The consolidation of the several Network Operations and Security Centers (NOSC) allows the Air Force to achieve near end-to-end command and control capability. This means that the Air Force will have better control and oversight over its network operations, enabling them to effectively manage and coordinate activities across the entire network. This consolidation improves the Air Force's ability to monitor and control their network, enhancing their overall command and control capabilities.
20.
(012) Which WiFi standard is the slowest yet least expensive?
Correct Answer
B. 802.11b
Explanation
802.11b is the slowest yet least expensive WiFi standard. Although it operates at a lower frequency than other standards, it still provides a decent speed for basic internet browsing and email. It is the most affordable option for those on a budget or with older devices that do not support newer WiFi standards.
21.
(012) Which wireless standard was originally intended to create a wireless security platform that would perform as securely as a traditional wired network by providing data encryption?
Correct Answer
D. Wired equivalency privacy (WEP).
Explanation
Wired equivalency privacy (WEP) is the correct answer because it was originally intended to create a wireless security platform that would perform as securely as a traditional wired network by providing data encryption. WEP was the first security protocol used in Wi-Fi networks, but it is now considered to be weak and easily compromised.
22.
(013) What shall be assigned to all Department of Defense information systems that is directly associated with the importance of the information contained relative to achieving DOD goals and objectives?
Correct Answer
A. Mission assurance category.
Explanation
All Department of Defense information systems that are directly associated with the importance of the information contained relative to achieving DOD goals and objectives shall be assigned a mission assurance category.
23.
(013) Requirements for availability and integrity are associated with
Correct Answer
B. Mission assurance.
Explanation
Requirements for availability and integrity are associated with mission assurance. Mission assurance refers to the measures taken to ensure the successful accomplishment of a mission or objective. In the context of information, availability refers to the accessibility and usability of information, while integrity refers to the accuracy, completeness, and reliability of information. Therefore, mission assurance encompasses the requirements for both availability and integrity of information to ensure the successful completion of a mission.
24.
(014) Who is responsible for verifying proper security clearances and background investigation checks prior to granting a network user access to the Air Force Provisioned Portion of the Global Information Grid (AF GIG)?
Correct Answer
B. IAO and security manager.
Explanation
The correct answer is IAO and security manager. The responsibility for verifying proper security clearances and background investigation checks prior to granting network user access to the AF GIG lies with both the Information Assurance Officer (IAO) and the security manager. These individuals play a crucial role in ensuring that only authorized personnel are granted access to the network, thereby maintaining the security and integrity of the AF GIG. The IAO is responsible for overseeing the overall information assurance program, while the security manager is responsible for implementing and enforcing security policies and procedures. Together, they collaborate to ensure proper security measures are in place.
25.
(014) Initial information assurance (IA) awareness training for all network users ensures all of the following except that users
Correct Answer
C. Have met investigative requirements.
Explanation
Initial information assurance (IA) awareness training for all network users ensures that users are aware of their role in IA, are trained on network security, and have satisfied network access requirements. However, it does not ensure that users have met investigative requirements. This means that the training does not guarantee that users have completed any necessary investigations or background checks that may be required for certain roles or access levels within the network.
26.
(015) Which common access card (CAC) certificate would be used to sign an enlisted performance report (EPR)?
Correct Answer
D. Identification.
Explanation
The correct answer is "Identification." In the context of a common access card (CAC), the identification certificate is used for verifying the identity of the individual. It is commonly used for signing and authenticating documents such as enlisted performance reports (EPRs). The identification certificate ensures that the person signing the document is the authorized individual and helps maintain the integrity and security of the information being transmitted.
27.
(015) With what agency must the contract manager validate a contractor employee’s need to obtain a government PKI certificate?
Correct Answer
D. Local Registration Authority/Trusted Agent (LRA/TA).
Explanation
The contract manager must validate a contractor employee's need to obtain a government PKI certificate with the Local Registration Authority/Trusted Agent (LRA/TA).
28.
(016) When network password composition rules are not automatically enforced, what process should network administrators use to enforce good password stringency?
Correct Answer
A. Cracking.
29.
(017) Report loss or suspected loss of removable media containing controlled unclassified information (CUI) or personally identifiable information (PII) according to reporting procedures in which Air Force Instruction (AFI)?
Correct Answer
A. AFI 33–138, Enterprise Network Operations Notification and Tracking.
Explanation
The correct answer is AFI 33–138, Enterprise Network Operations Notification and Tracking. This AFI provides guidance on reporting procedures for the loss or suspected loss of removable media containing controlled unclassified information (CUI) or personally identifiable information (PII). It outlines the steps that need to be taken to report such incidents, ensuring that appropriate actions are taken to mitigate the potential risks associated with the loss of sensitive information.
30.
(017) Which Air Force Instruction (AFI) guides security policy and guidance for government contractors?
Correct Answer
D. AFI 31–601, Industrial Security Program Management.
31.
(018) What type of access is given to remote users who access, download, or upload data?
Correct Answer
D. End-user access.
Explanation
End-user access is the type of access given to remote users who access, download, or upload data. This means that these users have limited permissions and are only able to perform basic tasks related to accessing and using the data. They do not have administrative privileges or full control over the system.
32.
(018) What type of access is given to users who perform troubleshooting, configuration changes, or system reviews?
Correct Answer
B. Administrative.
Explanation
Administrative access is given to users who perform troubleshooting, configuration changes, or system reviews. This type of access allows users to have full control and authority over the system, including the ability to make changes, modify settings, and perform administrative tasks. It is necessary for these users to have administrative access in order to effectively carry out their responsibilities and ensure the smooth functioning of the system. Limited (general) access, remote user access, and end-user access do not provide the same level of privileges and permissions as administrative access.
33.
(019) Whenever possible, in which environment would you run the UNIX Apache server?
Correct Answer
C. Chroot.
Explanation
The correct answer is chroot. Running the UNIX Apache server in a chroot environment provides an added layer of security. Chroot allows the server process to be confined to a specific directory, preventing it from accessing the rest of the system. This helps to limit the potential damage that can be caused by a compromised server.
34.
(019) To improve system security, several services that are preloaded on many UNIX systems can be disabled except
Correct Answer
D. Rfinger.
Explanation
To improve system security, it is recommended to disable unnecessary services that come preloaded on UNIX systems. This helps to reduce the attack surface and potential vulnerabilities. Out of the given options, rfinger is the service that can be disabled. Rfinger is used to retrieve information about users on a remote system, but it is considered a security risk as it can provide valuable information to attackers. Disabling rfinger helps to protect the system from potential unauthorized access and information leakage.
35.
(019) When vulnerabilities are discovered within the Windows operating system and its other products, Microsoft releases
Correct Answer
C. Bulletins.
Explanation
When vulnerabilities are discovered within the Windows operating system and its other products, Microsoft releases bulletins. Bulletins are official documents or announcements that provide information about the vulnerabilities and offer guidance on how to mitigate them. These bulletins typically include details about the vulnerability, its potential impact, and the steps that users can take to protect their systems. By releasing bulletins, Microsoft aims to inform its users about the vulnerabilities and help them keep their systems secure.
36.
(020) A companion file virus is one that
Correct Answer
D. Renames the original file and writes itself with the original file’s name.
Explanation
A companion file virus is a type of virus that renames the original file and writes itself with the original file's name. This means that the virus disguises itself as the original file, making it difficult to detect. By renaming the file and replacing it with the virus, the user may unknowingly execute the virus instead of the intended file, allowing the virus to spread and potentially cause harm to the system.
37.
(020) A program that contains or installs a malicious program is called a
Correct Answer
C. Trojan horse
Explanation
A Trojan horse is a type of program that appears harmless or useful but actually contains or installs a malicious program. Unlike a boot sector virus, which infects the boot sector of a computer's hard drive, a worm program, which replicates itself and spreads across networks, or a macro virus, which infects documents and spreads through macros, a Trojan horse disguises itself as something legitimate to deceive users into executing it. Therefore, the correct answer is Trojan horse.
38.
(020) To virus-protect your system, make sure you perform all the following steps except
Correct Answer
A. Log off your computer daily.
Explanation
The correct answer is "Log off your computer daily." This step is not directly related to virus protection. Logging off your computer daily helps to protect your privacy and prevent unauthorized access, but it does not specifically protect against viruses. The other three steps mentioned - installing the latest service packs, updating anti-virus software, and watching for files with certain attachments - are all important for virus protection.
39.
(020) By providing users with the necessary level of access to perform their jobs, you are
Correct Answer
B. Using the least privilege principle.
Explanation
The correct answer is "using the least privilege principle." This means that by providing users with only the necessary level of access to perform their jobs, you are following the principle of granting the minimum necessary permissions. This helps to reduce the risk of unauthorized access or misuse of resources, as users are only given the specific privileges they need to carry out their tasks. It is a security best practice to limit access rights to only what is required for a user to perform their job effectively.
40.
(021) What category is an incident in which an unauthorized person gained user-level privileges on an Air Force computer/information system/network device?
Correct Answer
B. II
Explanation
Category II refers to an incident where an unauthorized person gains user-level privileges on an Air Force computer/information system/network device. This means that the unauthorized individual has managed to access and manipulate the system or device at a level that is typically reserved for authorized users. This type of incident is considered significant as it can lead to potential security breaches and compromise sensitive information.
41.
(021) What category is an incident in which an Air Force computer/information system/network was denied use due to an overwhelming volume of unauthorized network traffic?
Correct Answer
C. IV
Explanation
Category IV refers to an incident where an Air Force computer/information system/network is denied use due to an overwhelming volume of unauthorized network traffic. This means that the system is being flooded with unauthorized network traffic, making it impossible for legitimate users to access or use the system. This can be a result of a denial of service attack or a similar type of cyber attack.
42.
(022) What is the lowest level information condition (INFOCON)?
Correct Answer
C. 5
Explanation
The lowest level information condition (INFOCON) is 5. This level indicates that there is no current threat to the information systems and no specific actions need to be taken to protect them. This means that the systems are operating normally and there is no immediate risk or danger to the information.
43.
(022) All agencies/organizations implement information condition (INFOCON) measures except
Correct Answer
D. Air Force network operating center network control division.
Explanation
The correct answer is the Air Force network operating center network control division. This division is responsible for managing and controlling the Air Force network, so it would not implement information condition measures like INFOCON. On the other hand, major commands, direct reporting units, and field operating agencies are all agencies/organizations that would implement INFOCON measures as part of their responsibilities.
44.
(023) Information security-related access controls that include segregation of duties and security screening of users can be classified as which category of access preservation?
Correct Answer
B. Administrative.
Explanation
The correct answer is Administrative. Information security-related access controls such as segregation of duties and security screening of users fall under the category of administrative access preservation. These controls are put in place to ensure that individuals have appropriate levels of access and responsibilities within an organization, reducing the risk of unauthorized access and potential security breaches.
45.
(023) What type of certificate authenticates the identity of the user?
Correct Answer
A. Digital.
Explanation
A digital certificate is a type of certificate that is used to authenticate the identity of the user. It is a digital document that contains information about the user and is issued by a trusted authority. The certificate is used to verify the identity of the user in various online transactions and communications.
46.
(023) What should be implemented on desktop systems connected to critical networks to prevent unauthorized people from gaining control of the system when the system is powered up?
Correct Answer
B. BIOS password.
Explanation
A BIOS password should be implemented on desktop systems connected to critical networks to prevent unauthorized people from gaining control of the system when it is powered up. This password is set in the Basic Input/Output System (BIOS) of the computer and acts as an additional layer of security. It prevents unauthorized access to the system by requiring a password to be entered before the operating system can be loaded. This helps ensure that only authorized individuals can gain control of the system and protect sensitive information and resources.
47.
(024) Who reviews information assurance assistance program (IAAP) reports and has the final authority to downgrade IAAP report ratings when it is clear that incidents or deviations are involved?
Correct Answer
A. Headquarters Air Force Network Integration Center (HQ AFNIC).
Explanation
HQ AFNIC reviews IAAP reports and has the final authority to downgrade IAAP report ratings when incidents or deviations are involved.
48.
(024) Which agency conducts assessments of wing information assurance (IA) programs using AF Form 4160 every 2 years or sooner?
Correct Answer
C. Major commands.
Explanation
Major commands conduct assessments of wing information assurance (IA) programs using AF Form 4160 every 2 years or sooner.
49.
(025) Threats that include flaws in building construction, improper implementation of utilities, inadequate wiring, and poor housekeeping practices can be best classified as what type of threat?
Correct Answer
D. Environmental.
Explanation
Threats that include flaws in building construction, improper implementation of utilities, inadequate wiring, and poor housekeeping practices are best classified as environmental threats. These threats arise from the physical environment and can cause damage or harm to individuals or property. They are not caused by human actions, technology, or unintentional mistakes, but rather by the conditions and elements present in the surrounding environment.
50.
(026) Degaussing with an NSA-approved degausser is the only way to clear which media type?
Correct Answer
D. Magnetic tapes.
Explanation
Degaussing with an NSA-approved degausser is the only way to clear magnetic tapes. Degaussing is the process of erasing or demagnetizing the data stored on magnetic media. Magnetic tapes use magnetic particles to store data, and degaussing is necessary to completely remove all traces of data from the tapes. NSA-approved degaussers ensure that the degaussing process meets specific security standards set by the National Security Agency. Therefore, magnetic tapes can only be effectively cleared using an NSA-approved degausser.