1. (001) Which of the following is a duty performed by a cyber surety journeyman?
Correct Answer
D. Detection activities, including real-time intrusion detection and firewall protection.
Explanation
A cyber surety journeyman is responsible for detecting and preventing cyber threats and attacks. This includes activities such as real-time intrusion detection and firewall protection. They are tasked with monitoring network traffic and systems to identify any unauthorized access or malicious activities. By actively detecting and responding to potential threats, they help ensure the security and integrity of the organization's information systems.
2. (001) Which career field deploys, sustains, troubleshoots, and repairs standard voice, data, video network, and cryptographic client devices in fixed and deployed environments?
Correct Answer
A. Client Systems (3D1X1).
Explanation
Client Systems (3D1X1) is the correct answer because this career field specifically deals with deploying, sustaining, troubleshooting, and repairing standard voice, data, video network, and cryptographic client devices in both fixed and deployed environments. This job involves working with various technologies and equipment to ensure that the network and communication systems are functioning properly and securely.
3. (002) How many steps are in the risk management (RM) process?
Correct Answer
B. 5
Explanation
The risk management (RM) process consists of five steps: identify risks, analyze risks, evaluate risks, treat risks, and monitor and review risks. Each step is crucial in effectively managing risks and minimizing their impact on an organization. Therefore, the correct answer is 5.
4. (002) What is the third step in the risk management (RM) process?
Correct Answer
D. Develop controls and make decisions.
Explanation
The third step in the risk management process is to develop controls and make decisions. This involves identifying and assessing potential risks, determining the best course of action to mitigate or eliminate those risks, and making decisions on the implementation of controls. This step is crucial in effectively managing risks and ensuring the safety and security of assets. Supervising and evaluating the effectiveness of the controls comes later in the process.
5. (002) Human error causes approximately what percentage of all accidents?
Correct Answer
D. 95
Explanation
Human error is responsible for approximately 95% of all accidents. This means that the majority of accidents are caused by mistakes, lapses in judgment, or negligence on the part of individuals. This highlights the importance of human factors in accident prevention and the need for effective training, safety protocols, and risk management strategies to minimize the occurrence of human errors and their potential consequences.
6. (003) Which type of network typically provides wireless broadband data services?
Correct Answer
C. Wireless wide area network (WWAN).
Explanation
A wireless wide area network (WWAN) is a type of network that typically provides wireless broadband data services. Unlike a wireless local area network (WLAN) or wireless metropolitan area network (WMAN), which have limited coverage areas, WWANs offer wide coverage areas and can be used to connect devices over long distances. This makes WWANs suitable for providing wireless broadband data services, such as internet access, to large geographical areas.
7. (004) Which bound media has a core surrounded by cladding and a second layer surrounded by glass or plastic?
Correct Answer
C. Fiber optic.
Explanation
The correct answer is fiber optic. Fiber optic cables consist of a core, which carries the light signals, surrounded by cladding, which helps to keep the light signals contained within the core. Additionally, fiber optic cables often have a second layer of protection, such as glass or plastic, to further protect the core and cladding. This design allows for efficient and high-speed transmission of data through the use of light signals.
8. (004) Which of the following is not an example of unbound media?
Correct Answer
A. Fiber optic.
Explanation
Fiber optic is not an example of unbound media because it is a type of guided media. Unbound media refers to wireless communication methods that do not require physical connections, such as radio frequency and satellite microwave. Terrestrial communication also falls under unbound media as it uses wireless signals for transmission. However, fiber optic cables use light signals to transmit data and are considered guided media because they require physical connections.
9. (005) In which topology does a device wanting to communicate with another device on the network send a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes?
Correct Answer
A. Bus.
Explanation
In a bus topology, a device wanting to communicate with another device on the network sends a broadcast message onto the wire that all other devices see. However, only the intended recipient actually accepts and processes the message. This is because all devices in a bus topology are connected to a single shared communication line, and when a device sends a message, it is received by all devices on the network. However, each device has a unique address, and only the device with the matching address accepts and processes the message, while the others ignore it.
10. (006) When viewed in binary form, each octet within an Internet Protocol (IP) address has how many positions?
Correct Answer
C. 8
Explanation
Each octet within an Internet Protocol (IP) address has 8 positions when viewed in binary form. In binary representation, each position can hold either a 0 or a 1, allowing for a total of 8 possible combinations. This is because binary is a base-2 numbering system, meaning it only uses two digits (0 and 1) to represent numbers. Therefore, each octet in an IP address, which is made up of 8 bits, has 8 positions.
11. (006) How many bits are within an internet protocol version 4 (IPv4) address?
Correct Answer
A. 32
Explanation
An internet protocol version 4 (IPv4) address consists of 32 bits. This means that there are 2^32 (or approximately 4.3 billion) unique IPv4 addresses available. Each bit in the address represents a binary value of either 0 or 1, resulting in a total of 32 bits. These bits are used to identify and locate devices on a network, allowing for communication and data transfer between them.
12. (006) Which class of internet protocol (IP) addresses is only used for experimental purposes?
Correct Answer
D. E.
Explanation
Class E IP addresses are reserved for experimental purposes and are not intended to be used in public networks. These addresses range from 240.0.0.0 to 255.255.255.254 and are not allocated to any specific organization or country. They are meant to be used by researchers and developers for testing and experimentation.
13. (006) Which internet protocol (IP) address is used for limited broadcasts?
Correct Answer
D. 255.255.255.255.
Explanation
The IP address 255.255.255.255 is used for limited broadcasts. This address is known as the broadcast address and is used to send a message to all devices on the network. When a device sends a message to this address, it is received by all devices on the network, allowing for efficient communication. This address is reserved specifically for limited broadcasts and cannot be assigned to any individual device on the network.
14. (006) The sequence of leading bits in an internet protocol (IP) that are used to identify the network portion of an IP address is called a
Correct Answer
D. Routing prefix.
Explanation
The sequence of leading bits in an internet protocol (IP) that are used to identify the network portion of an IP address is called a routing prefix. This routing prefix helps in determining the network address and the host address within that network. It is used in routing tables to determine the next hop for forwarding packets in an IP network.
15. (007) Which protocol does the Internet support as the “language” computers use to find and connect with each other?
Correct Answer
D. Transmission control protocol/Internet Protocol (TCP/IP).
Explanation
The correct answer is Transmission control protocol/Internet Protocol (TCP/IP). TCP/IP is the protocol that the Internet supports as the "language" computers use to find and connect with each other. TCP/IP is a set of rules that governs the transfer of data over the Internet. It ensures reliable and secure communication between computers by breaking down data into packets, addressing them, and reassembling them at the destination. TCP handles the reliable delivery of data, while IP handles the routing of packets across networks.
16. (007) Which transmission control protocol (TCP) port is used by hypertext transfer protocol by default?
Correct Answer
B. 80
Explanation
The correct answer is 80. The Hypertext Transfer Protocol (HTTP) is the protocol used for transmitting web pages over the internet. By default, HTTP uses TCP port 80 for communication. TCP port 80 is specifically designated for HTTP traffic, allowing web servers and web browsers to establish a connection and exchange data.
17. (007) Which protocol is an Internet Engineering Task Force (IETF) standard designed to reduce the administration burden and complexity of configuring hosts on a transmission control protocol/internet protocol (TCP/IP) based network?
Correct Answer
D. Dynamic host configuration protocol (DHCP).
Explanation
The correct answer is Dynamic host configuration protocol (DHCP). DHCP is an IETF standard that simplifies the process of configuring hosts on a TCP/IP network. It allows hosts to obtain IP addresses, subnet masks, default gateways, and other network configuration parameters automatically from a DHCP server. This reduces the administrative burden and complexity of manually configuring each host on the network. DHCP is widely used in both small and large networks to streamline the network configuration process.
18. (008) A logical connection point for the transmission of information packets is known as
Correct Answer
A. A port.
Explanation
A logical connection point for the transmission of information packets is known as a port. A port is a specific endpoint on a network device, such as a computer or a router, that allows communication between different devices. It acts as a gateway for data to enter or exit a device, enabling the transfer of information packets. Ports are identified by numbers and are used to establish connections and facilitate the exchange of data between devices in a network.
19. (008) Which port range constitutes well-known ports?
Correct Answer
A. 0 to 1023
Explanation
The well-known ports range from 0 to 1023. Well-known ports are reserved for services that are commonly used and recognized by the Internet Assigned Numbers Authority (IANA). These ports are assigned to specific protocols such as HTTP (port 80), HTTPS (port 443), FTP (port 21), and many others. By reserving these ports, it ensures that these services can be easily identified and accessed by users and applications.
20. (008) Which port is used for telnet?
Correct Answer
C. 23
Explanation
Port 23 is used for telnet. Telnet is a network protocol that allows users to remotely access and control devices or computers over a network. It provides a command-line interface where users can execute commands on the remote device. Port 23 is specifically assigned for telnet communication, making it the correct answer.
21. (008) Which port is used for hypertext transfer protocol (HTTP)?
Correct Answer
D. 80
Explanation
Port 80 is used for hypertext transfer protocol (HTTP). HTTP is the protocol used for transmitting web pages and other web resources over the internet. When a user types a website URL into their browser, the browser sends an HTTP request to the server hosting the website on port 80. The server then responds with the requested web page, which is displayed in the user's browser. Port 80 is the default port for HTTP, although it can be changed if needed.
22. (008) In which type of port scan does the scanner connect to the same port on more than one machine?
Correct Answer
B. Sweep scan.
Explanation
A sweep scan is a type of port scan where the scanner connects to the same port on multiple machines. This scan is used to gather information about open ports on different machines within a network. By connecting to the same port on multiple machines, the scanner can identify potential vulnerabilities and gather information about the network's security. Strobe scan, fragment packet scan, and FTP bounce scan are not types of port scans that involve connecting to the same port on multiple machines.
23. (008) Which type of scan is also known as a half open scan?
Correct Answer
B. Synchronous (SYN) scan.
Explanation
A synchronous (SYN) scan is also known as a half open scan. In this type of scan, the attacker sends a SYN packet to the target system and waits for a response. If the target system responds with a SYN-ACK packet, it means the port is open. However, instead of completing the handshake by sending an ACK packet, the attacker closes the connection. This allows the attacker to gather information about open ports without fully establishing a connection, making it a stealthy scanning technique.
24. (008) Which organization is responsible for developing Air Force ports, protocols and services (PPS) policies and procedures?
Correct Answer
B. Air Force Network Integration Center (AFNIC).
Explanation
The Air Force Network Integration Center (AFNIC) is responsible for developing Air Force ports, protocols, and services (PPS) policies and procedures. They are in charge of ensuring that the Air Force's network operations are efficient, secure, and aligned with the organization's goals. AFNIC plays a crucial role in managing and maintaining the Air Force's network infrastructure, making them the most suitable organization to develop PPS policies and procedures.
25. (009) How is an Internet protocol version 6 (IPv6) address written?
Correct Answer
A. Eight groups of four hexadecimal numbers, separated by colons.
Explanation
An Internet Protocol version 6 (IPv6) address is written with eight groups of four hexadecimal numbers, separated by colons. This format allows for a larger number of unique IP addresses compared to the previous IPv4 format, which uses four groups of three decimal numbers separated by periods. The use of hexadecimal numbers in IPv6 allows for a more efficient representation of the address, as it can represent a larger range of values using fewer characters. The colons separate each group of numbers, making it easier to read and interpret the address.
26. (009) Which type of transition technology is used to set up secure point-to-point communication?
Correct Answer
A. Tunneling.
Explanation
Tunneling is the type of transition technology used to set up secure point-to-point communication. Tunneling involves encapsulating one network protocol within another, creating a "tunnel" through which data can be securely transmitted. This allows for the secure transmission of data between two points, protecting it from unauthorized access or interception. Dual layer, dual stack, and peer-to-peer are not specifically related to setting up secure point-to-point communication.
27. (010) Networked resources must be consistently monitored and controlled to ensure access to the network while
Correct Answer
C. Minimizing risks posed by various cyberspace threats.
Explanation
Networked resources must be consistently monitored and controlled to ensure access to the network while minimizing risks posed by various cyberspace threats. This means that by monitoring and controlling the network, potential threats can be identified and mitigated, reducing the risk of cyber attacks or breaches. This is an important aspect of network security as it helps protect the integrity, confidentiality, and availability of the network and its resources.
28. (010) Administrators must be in the habit of doing what to make it possible for replacement administrators to accomplish the same tasks as their predecessors?
Correct Answer
D. Keeping complete and accurate documentation for all configuration changes.
Explanation
To ensure that replacement administrators can accomplish the same tasks as their predecessors, it is important for administrators to keep complete and accurate documentation for all configuration changes. This documentation serves as a reference for future administrators, allowing them to understand the network setup and make necessary changes or troubleshoot issues effectively. Without proper documentation, it would be difficult for replacement administrators to understand the network's configuration and perform their tasks efficiently.
29. (011) Which is the slowest yet least expensive WiFi standard?
Correct Answer
B. 802.11b.
Explanation
802.11b is the slowest yet least expensive WiFi standard because it operates on the 2.4 GHz frequency band and has a maximum data transfer rate of 11 Mbps. While it may not offer the fastest speeds compared to other WiFi standards like 802.11n or 802.11ac, it is still commonly used for basic internet browsing and email purposes. Additionally, 802.11b devices are generally cheaper and more widely available compared to newer WiFi standards.
30. (011) What is the newest WiFi networking standard that is widely available?
Correct Answer
D. 802.11n.
Explanation
802.11n is the newest WiFi networking standard that is widely available. This standard was introduced in 2009 and offers faster speeds and better range compared to previous standards like 802.11a, 802.11b, and 802.11g. It supports multiple antennas and uses MIMO (Multiple Input Multiple Output) technology to improve performance. 802.11n is backward compatible with older standards, allowing devices that support 802.11n to connect to networks using older standards. It also operates on both the 2.4 GHz and 5 GHz frequency bands, providing more flexibility and less interference.
32. (012) Defense-in-depth is the Department of Defense (DOD) approach for establishing
Correct Answer
A. An adequate information assurance (IA) posture in a shared-risk environment.
Explanation
Defense-in-depth is a strategy used by the Department of Defense (DOD) to establish an adequate information assurance (IA) posture in a shared-risk environment. This approach recognizes that no single security measure is sufficient to protect against all threats, so multiple layers of security controls are implemented to provide a comprehensive defense. By using defense-in-depth, the DOD aims to mitigate risks and protect sensitive information in a shared-risk environment.
31. (011) Which wireless standard was originally intended to create a wireless security platform that would perform as securely as a traditional wired network by providing data encryption?
Correct Answer
B. Wired equivalency privacy (WEP).
Explanation
Wired equivalency privacy (WEP) was originally intended to create a wireless security platform that would perform as securely as a traditional wired network by providing data encryption. WEP was the first security protocol used in Wi-Fi networks and was designed to provide confidentiality and integrity of data transmitted over wireless networks. However, it was later found to have several vulnerabilities, making it less secure compared to other security protocols such as Wi-Fi protected access (WPA).
33. (012) What is assigned to all Department of Defense (DOD) information systems that is directly associated with the importance of the information contained relative to achieving DOD goals and objectives?
Correct Answer
D. Mission assurance category.
Explanation
The correct answer is mission assurance category. The mission assurance category is assigned to all Department of Defense (DOD) information systems based on the importance of the information contained in them relative to achieving DOD goals and objectives. This classification helps to prioritize the level of protection and security measures that need to be implemented for each system.
34. (013) Which of the following is not a result of initial information assurance (IA) awareness training for all network users?
Correct Answer
C. Users have met investigative requirements.
Explanation
Initial information assurance (IA) awareness training for all network users focuses on educating them about their role in IA and training them on network security. It aims to ensure that users are aware of the importance of network security and their responsibilities in maintaining it. It also helps users satisfy network access requirements by providing them with the necessary knowledge and skills. However, meeting investigative requirements is not a direct result of IA awareness training. Investigative requirements typically involve specific procedures and protocols for conducting investigations, which may not be covered in IA awareness training.
35. (013) Who is the approval authority for foreign nationals to access unclassified systems?
Correct Answer
C. AF Network Operations (AFNETOPS) commander.
Explanation
The AF Network Operations (AFNETOPS) commander is the approval authority for foreign nationals to access unclassified systems. This individual is responsible for overseeing network operations and ensuring the security of the network. They have the authority to grant or deny access to foreign nationals based on the policies and procedures in place. The other options, such as the Wing commander and Wing information assurance officer (WIAO), may have some level of authority but the AFNETOPS commander is the highest authority in this situation.
36. (013) Who initiates a local files check prior to allowing volunteers access to the AF network?
Correct Answer
B. Unit security manager.
Explanation
The unit security manager is responsible for initiating a local files check before granting volunteers access to the AF network. This is because the unit security manager is in charge of ensuring the security of the unit's information systems and safeguarding sensitive data. By conducting a local files check, the unit security manager can verify the volunteers' background and ensure that they do not pose any security risks before granting them access to the network.
37. (014) The definition of integrity as it’s applied to identification, authentication, and encryption is
Correct Answer
D. The assurance that no one has changed or destroyed information without permission.
Explanation
The correct answer is "the assurance that no one has changed or destroyed information without permission." This means that integrity, in the context of identification, authentication, and encryption, refers to ensuring that information remains unchanged and unaltered, and that no unauthorized modifications or destruction of information have occurred. It emphasizes the importance of maintaining the accuracy, consistency, and reliability of data, and preventing any unauthorized tampering or manipulation.
38. (014) Logon and password management screens must be encrypted with at least what type of secure socket layer?
Correct Answer
C. 128-bit.
Explanation
Logon and password management screens must be encrypted with at least 128-bit secure socket layer. This level of encryption provides a high level of security for transmitting sensitive information such as login credentials. The higher the number of bits, the stronger the encryption, making it more difficult for unauthorized individuals to intercept and decipher the data. Therefore, 128-bit encryption is considered a standard and secure choice for protecting logon and password information.
39. (014) Which common access card (CAC) certificate would be used to sign an enlisted performance report (EPR)?
Correct Answer
D. Identification.
Explanation
The correct answer is Identification. In order to sign an enlisted performance report (EPR), a common access card (CAC) certificate for identification purposes would be used. This certificate verifies the identity of the person signing the report, ensuring that it is authentic and trustworthy. The identification certificate is specifically designed to provide proof of identity and is commonly used for various official purposes, including signing important documents like performance reports.
40. (014) What does the common access card (CAC) certificate used to sign e-mail provide?
Correct Answer
D. Non-repudiation.
Explanation
The common access card (CAC) certificate used to sign e-mail provides non-repudiation. Non-repudiation ensures that the sender of the e-mail cannot deny sending it, as the digital signature provided by the CAC certificate verifies the identity of the sender and ensures the integrity of the message. This helps to prevent any disputes or denials regarding the authenticity of the e-mail.
41. (014) The contract manager must use what agency to validate a contractor employee’s need to obtain a government public key infrastructure (PKI) certificate?
Correct Answer
D. Local Registration Authority/Trusted Agent (LRA/TA).
Explanation
The correct answer is Local Registration Authority/Trusted Agent (LRA/TA). The contract manager must use this agency to validate a contractor employee's need to obtain a government public key infrastructure (PKI) certificate. This agency is responsible for verifying the contractor's identity and ensuring that they have a legitimate reason for needing the certificate. They play a crucial role in the PKI certification process and help maintain the security of the government's digital infrastructure.
42. (015) Which of the following represents a strong password?
Correct Answer
D. GwL18!np*Z&fB3q.
Explanation
The password "GwL18!np*Z&fB3q" represents a strong password because it is a combination of uppercase and lowercase letters, numbers, and special characters. It is also long and does not contain any easily guessable patterns or common words. This makes it more difficult for hackers to guess or crack the password, increasing the security of the account or system it is used for.
43. (016) Which category of information must be stored on removable media?
Correct Answer
A. Classified.
Explanation
Classified information refers to sensitive information that requires a higher level of security and protection. Storing classified information on removable media allows for easier transport and secure storage when not in use. Unclassified, sensitive but unclassified, and for official use only (FOUO) information do not require the same level of security and can be stored on other forms of media.
44. (017) Users who perform troubleshooting, configuration changes, or system reviews are given which type of access?
Correct Answer
C. Administrative.
Explanation
This question is asking about the type of access given to users who perform troubleshooting, configuration changes, or system reviews. The correct answer is "Administrative" because these tasks require elevated privileges and access to make changes to the system. End-users typically do not have this level of access, remote users may have limited access, and limited (general) access would not provide the necessary privileges for these tasks.
45. (017) Which device provides the initial entry point into a network?
Correct Answer
D. Network access server.
Explanation
A network access server provides the initial entry point into a network by allowing users to connect to the network and access its resources. It acts as a gateway, authenticating and authorizing users, and providing them with access to the network. A router, firewall, and proxy server are all important components of a network, but they do not specifically serve as the initial entry point into the network like a network access server does.
46. (018) Weaknesses or holes in a security system are considered
Correct Answer
C. Vulnerabilities.
Explanation
Weaknesses or holes in a security system are considered vulnerabilities. Vulnerabilities refer to any flaw, loophole, or weakness in a security system that can potentially be exploited by attackers or threats. These vulnerabilities can exist in hardware, software, network configurations, or even human behavior. Identifying and addressing vulnerabilities is crucial for maintaining a robust and secure security system.
47. (018) Which of the following options is not involved when securing a UNIX system?
Correct Answer
C. Ensuring remote access.
Explanation
Securing a UNIX system involves various measures such as shutting down ports, using strong passwords, and disabling unused/unneeded services. However, ensuring remote access is not directly related to securing the system. In fact, allowing remote access can introduce additional vulnerabilities if not properly configured and monitored. Therefore, it is important to implement strong security measures for remote access, such as using secure protocols and authentication methods, to ensure the system remains secure.
48. (018) Which UNIX command allows remote logins?
Correct Answer
B. Telnet.
Explanation
The correct answer is telnet. Telnet is a UNIX command that allows remote logins by establishing a virtual terminal connection with a remote host over a network. It enables users to log in and access the remote system as if they were physically present at the machine. Telnet provides a way to remotely manage and control UNIX systems, making it a commonly used command for remote administration purposes.
49. (018) When vulnerabilities are discovered within the Windows operating system and other products, Microsoft releases
Correct Answer
C. Bulletins.
Explanation
When vulnerabilities are discovered within the Windows operating system and other products, Microsoft releases bulletins. Bulletins are official announcements or notifications that provide information about the vulnerabilities and the necessary steps to address them. These bulletins typically include details about the affected software, the severity of the vulnerability, and any patches or updates that have been released to fix the issue. By releasing bulletins, Microsoft ensures that users are aware of the vulnerabilities and can take appropriate actions to protect their systems.
50. (019) A companion file virus is one that
Correct Answer
D. Renames the original file and writes itself with the original file’s name.
Explanation
A companion file virus is one that renames the original file and writes itself with the original file's name. This means that the virus disguises itself as the original file, making it difficult for users to detect. By renaming the file and replacing it with the virus, the attacker can gain control over the system and potentially infect other files. This technique allows the virus to spread and carry out its malicious activities without being easily detected or removed.