1.
Which 3D career field deploys, sustains, troubleshoots, and repairs wireless, line-of-sight, beyond line-of-sight, wideband and ground-based satellite and encryption transmission devices?
Correct Answer
A. Radio Frequency Transmission Systems (3D1X3)
Explanation
The correct answer is Radio Frequency Transmission Systems (3D1X3) because this career field specifically deals with deploying, sustaining, troubleshooting, and repairing wireless, line-of-sight, beyond line-of-sight, wideband, and ground-based satellite and encryption transmission devices. This field focuses on working with various types of transmission devices and ensuring their proper functioning and maintenance.
2.
Which of the following is not a communications security program duty and responsibility for Cyber Transport Systems?
Correct Answer
B. Technical security.
Explanation
The question asks for the duty and responsibility that is not a part of the communications security program for Cyber Transport Systems. The options include transmission security, technical security, emission security, and physical security. Transmission security involves protecting the integrity and confidentiality of data during transmission. Emission security refers to preventing unauthorized disclosure of information through electromagnetic emissions. Physical security involves safeguarding the physical infrastructure and equipment. Therefore, the correct answer is technical security, as it is not a specific duty or responsibility related to communications security in this context.
3.
What is defined as an integrated bundle of expert knowledge and organizational skills inherent to a particular career field?
Correct Answer
C. Core competency.
Explanation
Core competency is defined as an integrated bundle of expert knowledge and organizational skills inherent to a particular career field. It refers to the unique capabilities and strengths that an individual or organization possesses, which sets them apart from others in the same field. Core competencies are essential for achieving success and competitive advantage in the industry. They represent the key areas of expertise and skills that are crucial for performing the core duties and responsibilities of a particular career field. Core values, core responsibilities, and core duties may be important aspects of a career, but they do not encompass the comprehensive expertise and skills that core competency entails.
4.
Which of the following is a core competency of Cyber Transport Systems?
Correct Answer
B. Voice network systems.
Explanation
Voice network systems are a core competency of Cyber Transport Systems. This means that Cyber Transport Systems specialize in developing and managing voice network systems, which involve the transmission of voice signals over a network infrastructure. This competency suggests that Cyber Transport Systems have the expertise and capabilities to design, implement, and maintain voice communication systems, making them a trusted provider in this area.
5.
Which AF form is used to report hazardous conditions that place Air Force personnel or property at risk?
Correct Answer
B. 457
Explanation
AF Form 457 is used to report hazardous conditions that place Air Force personnel or property at risk. This form is specifically designed to document and report any unsafe conditions or situations that may pose a threat to the safety and well-being of Air Force personnel or property. By using AF Form 457, individuals can effectively communicate and report these hazardous conditions to the appropriate authorities, ensuring that necessary actions are taken to mitigate the risks and maintain a safe environment for all.
6.
Which hazard is not one of the four major types of hazards?
Correct Answer
D. Nuclear
Explanation
Nuclear is not one of the four major types of hazards because the four major types of hazards are biological, chemical, physical, and nuclear hazards. Since nuclear is listed as one of the options, it cannot be the correct answer. Therefore, the correct answer must be nuclear.
7.
Which hazard is caused by heavy workloads, lack of control over the pace of work, shift work, noise, working by yourself, and conflict with coworkers and employers?
Correct Answer
D. Stress
Explanation
Stress is caused by various factors such as heavy workloads, lack of control over the pace of work, shift work, noise, working alone, and conflict with coworkers and employers. These factors can lead to increased pressure and tension, affecting an individual's mental and physical well-being. Stress can have negative effects on productivity, performance, and overall health. It is important to address and manage stress in the workplace to maintain a healthy and productive work environment.
8.
To prevent manual handling hazards, utilize team lifting when lifting items that weigh more than how many pounds?
Correct Answer
A. 25
Explanation
To prevent manual handling hazards, it is recommended to utilize team lifting when lifting items that weigh more than 25 pounds. This is because lifting heavy objects alone can put excessive strain on an individual's muscles and joints, increasing the risk of injuries such as strains, sprains, or even more serious conditions like hernias. By using a team lifting approach, the weight is distributed among multiple individuals, reducing the strain on each person and minimizing the risk of injuries.
9.
When working on electrical circuits, the role of safety observer is normally performed by the
Correct Answer
D. Supervisor
Explanation
In electrical circuits, the role of a safety observer is crucial to ensure the safety of the individuals working on the circuits. The supervisor is the most suitable candidate for this role as they have the authority and responsibility to oversee the work being done. They can monitor the procedures, identify any potential hazards, and take necessary actions to prevent accidents or injuries. Additionally, supervisors are typically experienced and knowledgeable in electrical safety protocols, making them well-equipped to fulfill the role of a safety observer.
10.
When working on electrical circuits, you may only wear metal framed eyeglasses if
Correct Answer
D. They are secured with a nonmetallic cord
Explanation
Metal framed eyeglasses conduct electricity, so wearing them while working on electrical circuits can be dangerous. However, if the eyeglasses are secured with a nonmetallic cord, it reduces the risk of them falling onto the circuit and causing a short circuit or electrical shock. This safety precaution ensures that even if the glasses accidentally come off, they will not pose a threat to the person working on the circuit.
11.
To whom does the risk management (RM) process apply?
Correct Answer
A. All personnel
Explanation
The risk management (RM) process applies to all personnel. This means that everyone within an organization, regardless of their role or department, is responsible for identifying, assessing, and mitigating risks. It emphasizes the importance of a collective effort in managing risks and ensuring the safety and well-being of all individuals involved. By involving all personnel in the RM process, organizations can benefit from a wider range of perspectives and expertise, leading to more effective risk management strategies.
12.
What simple, systematic process allows commanders to maximize combat capability, while limiting risk?
Correct Answer
C. Risk management
Explanation
Risk management is a simple, systematic process that allows commanders to maximize combat capability while limiting risk. It involves identifying potential risks, assessing their likelihood and impact, and implementing strategies to mitigate or control them. By effectively managing risks, commanders can ensure the safety of their personnel and equipment, while still achieving their mission objectives. Safety control and safety management are related concepts, but they specifically focus on ensuring the safety of personnel and equipment, whereas risk management encompasses a broader approach that addresses both safety and combat capability.
13.
Which of the following is a principle of risk management (RM)?
Correct Answer
B. Apply the RM process continuously
Explanation
The correct answer is "Apply the RM process continuously." This principle of risk management emphasizes the need to consistently and regularly apply the risk management process. Risk management is not a one-time activity but an ongoing process that involves identifying, assessing, and mitigating risks. By continuously applying the RM process, organizations can ensure that risks are effectively managed and that any changes or new risks are promptly addressed. This helps in maintaining a proactive approach towards risk management and minimizing the potential impact of risks on the organization.
14.
How many steps are in the risk management (RM) process?
Correct Answer
B. Five
Explanation
The correct answer is five because the risk management process typically consists of five steps: risk identification, risk analysis, risk evaluation, risk treatment, and risk monitoring. These steps are followed to systematically identify, assess, and mitigate potential risks in order to minimize their impact on a project or organization.
15.
An enclave that does not have a firewall and intrusion detection system (IDS) is classified as having what category of vulnerability?
Correct Answer
A. I
Explanation
An enclave that does not have a firewall and intrusion detection system (IDS) is classified as having a Category I vulnerability. This means that the enclave lacks the necessary security measures to protect against unauthorized access and potential attacks. Without a firewall, the enclave is vulnerable to network-based attacks, while the absence of an IDS leaves it exposed to intrusion attempts that may go undetected. This combination of vulnerabilities puts the enclave at high risk of compromise and unauthorized access to sensitive information.
16.
How many Integrated Network and Operation Security Centers (INOSC) does the Air Force have?
Correct Answer
B. Two
Explanation
The Air Force has two Integrated Network and Operation Security Centers (INOSC).
17.
The Integrated Network Operations and Security Centers (INOSC) has several responsibilities except
Correct Answer
D. Install patches or perform any upgrades provided by the Air Force Enterprise Network (AFEN).
Explanation
The Integrated Network Operations and Security Centers (INOSC) is responsible for maintaining sole administrative privileges on the firewall, standardizing, configuring, backing up, and otherwise maintaining the firewall, and maintaining a single naming/configuration standard for boundary devices. However, they are not responsible for installing patches or performing any upgrades provided by the Air Force Enterprise Network (AFEN).
18.
Which term is used to describe the technology for transmitting voice communications over a data network using open-standard-based internet protocol (IP)?
Correct Answer
A. IP telepHony
Explanation
IP telephony is the correct answer because it refers to the technology of transmitting voice communications over a data network using open-standard-based internet protocol (IP). This technology allows for voice calls to be made over the internet rather than traditional telephone lines, making it more cost-effective and flexible. IP telephony is commonly known as Voice over Internet Protocol (VoIP).
19.
You should implement all of the following security features to help defend internet protocol (IP) telephony systems from attackers except
Correct Answer
C. Consolidating your voice with your data using virtual local area networks (VLAN)
Explanation
The correct answer is consolidating your voice with your data using virtual local area networks (VLAN). This is because consolidating voice and data on the same VLAN can increase the risk of attacks as it exposes the voice traffic to potential security breaches. It is recommended to separate voice and data traffic using separate VLANs to enhance security. The other options mentioned, such as enabling access control lists (ACL), deploying protection from DHCP spoofing, and enabling port security access, are all valid security measures to defend IP telephony systems from attackers.
20.
At which open systems interconnect (OSI) layer does a packet filter gateway operate at?
Correct Answer
B. 3
Explanation
A packet filter gateway operates at the third layer of the OSI model, which is the network layer. This layer is responsible for addressing, routing, and delivering data packets across different networks. A packet filter gateway examines the headers of incoming and outgoing packets and makes decisions based on predefined rules, such as allowing or blocking certain types of traffic. By operating at this layer, the packet filter gateway can effectively filter and control network traffic based on IP addresses, ports, and other criteria.
21.
At which open systems interconnect (OSI) layer does a circuit layer gateway operate?
Correct Answer
B. 4
Explanation
A circuit layer gateway operates at the OSI layer 4, also known as the transport layer. This layer is responsible for establishing and maintaining end-to-end connections between hosts, ensuring reliable and error-free data transmission. Circuit layer gateways are specifically designed to provide network connectivity and perform protocol conversion at this layer. They can analyze and manipulate the data flowing between different networks, enabling communication between different protocols and networks.
22.
At which open systems interconnect (OSI) layer does an application-level firewall operate?
Correct Answer
D. 7
Explanation
An application-level firewall operates at the seventh layer of the OSI model, which is the application layer. This layer is responsible for providing network services to user applications and is where protocols such as HTTP, FTP, and SMTP operate. By operating at this layer, an application-level firewall can monitor and control network traffic based on specific application-level protocols and rules. This allows it to provide more granular control and security for applications and their associated data.
23.
The disadvantage of a host-based intrusion detection system (HIDS) is that it
Correct Answer
B. Consumes resources on the host it resides on and slows that device down
Explanation
A host-based intrusion detection system (HIDS) consumes resources on the host it resides on and slows down the device because it needs to constantly monitor and analyze the system's activities and events. This continuous monitoring and analysis require processing power and memory, which can impact the overall performance of the host. As a result, the device may experience slower response times and decreased efficiency.
24.
One advantage of a network-based intrusion detection system (NIDS) is that it
Correct Answer
B. Uses very few network resources
Explanation
A network-based intrusion detection system (NIDS) that uses very few network resources is advantageous because it minimizes the impact on network performance. By efficiently utilizing network resources, the NIDS can effectively monitor and analyze network traffic without causing significant slowdowns or disruptions. This allows for continuous monitoring and detection of potential intrusions while maintaining optimal network performance.
25.
Which intrusion detection system (IDS) uses software sensors
Correct Answer
C. Host-based
Explanation
A host-based intrusion detection system (IDS) uses software sensors to monitor the activities and behavior of individual hosts or endpoints within a network. These software sensors are installed on each host and collect data about system logs, file integrity, user activity, and network connections. By analyzing this data, the host-based IDS can detect and alert on any suspicious or malicious activities occurring on the host itself. This type of IDS is particularly effective in detecting insider threats or attacks targeting specific hosts within a network.
26.
Which intrusion detection system (IDS) monitors packets for protocol anomalies and known virus signatures?
Correct Answer
D. Network-based
Explanation
A network-based intrusion detection system (IDS) is designed to monitor packets for both protocol anomalies and known virus signatures. It operates by analyzing network traffic and looking for unusual patterns or behaviors that could indicate a potential intrusion. Additionally, it compares the packets against a database of known virus signatures to identify any malicious activity. This type of IDS is typically deployed at the network perimeter or within the network infrastructure to provide comprehensive monitoring and protection against network-based attacks.
27.
Host-based intrusion detection systems (HIDS) are
Correct Answer
C. Passive and active
Explanation
Host-based intrusion detection systems (HIDS) are both passive and active. Passive means that they monitor and analyze system activities without taking any action. They detect and log any suspicious or malicious activities happening on the host. On the other hand, active means that they can take action to prevent or mitigate an intrusion. This can include blocking network traffic, terminating processes, or alerting system administrators. By combining both passive and active capabilities, HIDS can provide comprehensive protection against intrusions by detecting and responding to them in real-time.
28.
Network-based intrusion detection systems (NIDS) are
Correct Answer
B. Passive only
Explanation
NIDS stands for Network-based Intrusion Detection Systems, which are designed to monitor network traffic and detect any suspicious or malicious activity. The term "passive" refers to the fact that NIDS do not actively interfere with the network or the traffic being monitored. Instead, they passively analyze the network packets and look for patterns or signatures that indicate an intrusion. Therefore, the correct answer is "passive only" as NIDS do not actively participate in network activities.
29.
What security posture permits everything that is not specifically denied?
Correct Answer
D. Open
Explanation
The correct answer is "Open." An "Open" security posture allows everything unless it is specifically denied. This means that there are no restrictions or limitations on what is allowed, and all access and actions are permitted by default. This approach can be risky as it leaves the system vulnerable to potential threats and breaches, as there are no predefined rules or restrictions in place to protect against unauthorized access or malicious activities.
30.
What type of certificate authenticates the identity of the user
Correct Answer
A. Digital
Explanation
A digital certificate is a type of certificate that authenticates the identity of the user. It is a digital document that contains information about the user and is issued by a trusted third party known as a Certificate Authority (CA). The digital certificate is used to verify the identity of the user in online transactions and communications. It ensures that the user is who they claim to be and helps to establish a secure and encrypted connection between the user and the recipient.
31.
What is the first line of defense in securing laptops
Correct Answer
A. Set a login ID and password combination for access
Explanation
The first line of defense in securing laptops is to set a login ID and password combination for access. This ensures that only authorized individuals can gain access to the laptop and its contents. It acts as a barrier against unauthorized access and protects sensitive information from being compromised. Installing biometrics and encryption certificates, placing a lock on the computer, and storing it in a locked case can provide additional layers of security, but setting a login ID and password is the initial and fundamental step in securing a laptop.
32.
The definition of integrity as applied to identification, authentication, and encryption is
Correct Answer
D. The assurance that no one has changed or destroyed information without permission
Explanation
Integrity, in the context of identification, authentication, and encryption, refers to the assurance that no unauthorized individual has tampered with or destroyed information without permission. It ensures the accuracy and reliability of data by preventing unauthorized modifications or deletions. This aspect of integrity is crucial for maintaining data integrity and trust in the network.
33.
What Air Force Systems Security Instruction (AFSSI) series covers emission security (EMSEC)?
Correct Answer
C. 7000
Explanation
The Air Force Systems Security Instruction (AFSSI) series that covers emission security (EMSEC) is the 7000 series. This series specifically focuses on the protection of electromagnetic emissions and ensuring that sensitive information is not leaked through unintentional electromagnetic radiation. EMSEC is crucial in preventing adversaries from intercepting and exploiting these emissions to gather intelligence or compromise the security of Air Force systems.
34.
Which AF System Security Instruction (AFSSI) provides the overall implementation of DOD’s TEMPEST program?
Correct Answer
A. 7700
Explanation
AFSSI 7700 provides the overall implementation of DOD's TEMPEST program. TEMPEST is a program that ensures the security of electronic systems by preventing the compromising of classified information through compromising emanations. AFSSI 7700 outlines the guidelines and procedures for protecting classified information from unauthorized access via electromagnetic radiation. It establishes the standards and requirements for TEMPEST countermeasures to be implemented in DOD systems.
35.
Which method of containing radiated emanations requires both facility and equipment testing?
Correct Answer
A. Zoning
Explanation
Zoning is the method of containing radiated emanations that requires both facility and equipment testing. This involves dividing the facility into different zones based on the level of sensitivity to radiated emanations. Each zone is then tested to ensure that the equipment and facilities within it meet the required standards for containing radiated emanations. This method ensures that sensitive information is protected by creating controlled areas where the risk of radiated emanations is minimized.
36.
A facility with an inspectable space of more than 20 meters, but less than 100 meters would be considered to be in facility zone
Correct Answer
B. B
Explanation
A facility with an inspectable space of more than 20 meters but less than 100 meters would be considered to be in facility zone. This suggests that the facility falls within a specific range of space, which is greater than 20 meters but less than 100 meters. The answer B accurately represents this range, making it the correct answer choice.
37.
Equipment with an equipment radiation TEMPEST zone (ERTZ) of 20 to 100 meters would be considered to be in equipment zone
Correct Answer
C. C
Explanation
Equipment with an equipment radiation TEMPEST zone (ERTZ) of 20 to 100 meters would be considered to be in the equipment zone C.
38.
Why must the use of TEMPEST-certified equipment be validated by an AF Certified TEMPEST technical authority (CTTA) prior to testing an inspectable space?
Correct Answer
D. It is expensive
Explanation
The use of TEMPEST-certified equipment must be validated by an AF Certified TEMPEST technical authority (CTTA) prior to testing an inspectable space because it is expensive. This implies that the validation process involves significant costs, which may include the fees for the certification authority, specialized equipment, and expert personnel. By requiring validation, the authorities ensure that the investment in TEMPEST-certified equipment is justified and that the equipment meets the necessary standards to protect against electromagnetic radiation and potential security breaches.
39.
What plays a major role in a conductor’s ability to minimizing compromising emanations?
Correct Answer
A. Distance and angle
Explanation
The ability to minimize compromising emanations is influenced by both distance and angle. Distance refers to the physical separation between the conductor and the source of emanations, with greater distance generally resulting in reduced interference. Angle, on the other hand, refers to the orientation or direction of the conductor in relation to the source, and adjusting the angle can help mitigate the impact of emanations. Both factors are important in ensuring effective reduction of compromising emanations.
40.
Equipment is comprised as machines that process information in electronic or electrical form. What equipment should be designated as RED?
Correct Answer
D. Equipment processing clear-text classified information
Explanation
The equipment that should be designated as RED is the one processing clear-text classified information. This means that the equipment is handling information that is not encrypted and is considered to be confidential and classified. It is important to designate this equipment as RED to ensure proper security measures are in place to protect the sensitive information being processed.
41.
What equipment should be designated as BLACK when designating equipment that supports physical and electrical concepts?
Correct Answer
B. Equipment processing encrypted classified information
Explanation
The equipment that should be designated as BLACK when designating equipment that supports physical and electrical concepts is the one processing encrypted classified information. This is because encryption involves the use of algorithms and keys to convert information into a code that can only be deciphered by authorized parties. Therefore, equipment processing encrypted classified information requires additional security measures and controls to protect the sensitive data.
42.
Which type of separation ensures that every signal conductor from a RED device routes to another RED device, or becomes encrypted before connecting to a BLACK device?
Correct Answer
B. Electrical
Explanation
Electrical separation ensures that every signal conductor from a RED device routes to another RED device or becomes encrypted before connecting to a BLACK device. This type of separation involves using electrical techniques to isolate and protect sensitive information from unauthorized access or interference. By implementing proper electrical separation, the integrity and security of the data transmission can be maintained, ensuring that only authorized devices can access the information.
43.
What is the grounding resistance goal for military communications electronics (C-E) facilities?
Correct Answer
D. 10 ohms or less
Explanation
The grounding resistance goal for military communications electronics (C-E) facilities is 10 ohms or less. This means that the resistance between the ground and the facility should be 10 ohms or lower. This low resistance is important for safety and proper functioning of the equipment, as it helps to prevent electrical shocks, minimize interference, and ensure effective grounding of electrical currents.
44.
Which facility ground subsystem uses surge arrestors?
Correct Answer
D. Lightning protection
Explanation
The facility ground subsystem that uses surge arrestors is lightning protection. Surge arrestors are devices designed to protect electrical systems from sudden voltage spikes or surges caused by lightning strikes. Lightning protection systems typically include surge arrestors to divert the excess electrical energy from a lightning strike away from sensitive equipment, preventing damage or disruption to the facility's electrical system.
45.
Which facility ground subsystem is also called the safety ground?
Correct Answer
B. Fault protection
Explanation
Fault protection is also called the safety ground because it is responsible for protecting against faults in electrical systems. It ensures that any excessive current or voltage is directed safely to the ground, preventing damage to equipment and ensuring the safety of individuals. This subsystem is designed to detect faults and activate protective measures, such as circuit breakers or fuses, to isolate the faulty part and prevent further damage. Therefore, fault protection serves as a safety ground by safeguarding the system and preventing potential hazards.
46.
Which facility ground subsystem is also called the “signal ground” and controls electrical noise and static in a facility?
Correct Answer
C. Signal reference
Explanation
The facility ground subsystem that is also called the "signal ground" is the signal reference. It is responsible for controlling electrical noise and static in a facility. This ground connection ensures that all signals within the facility are referenced to a common ground point, reducing the risk of interference and improving signal quality.
47.
Bonds in the earth electrode subsystem normally are direct permanent bonds and do not exceed a resistance of
Correct Answer
A. 1 milliohm
Explanation
The earth electrode subsystem consists of bonds that connect various components of an electrical system to the earth. These bonds are designed to be direct and permanent, meaning they provide a continuous and stable connection to the earth. To ensure effective grounding, the resistance of these bonds should be minimal. Therefore, the resistance should not exceed 1 milliohm, allowing for efficient dissipation of electrical currents into the earth.
48.
What kind of bond is normally applied to signal reference bonds?
Correct Answer
D. Mechanical
49.
What is required in electronic settings to prevent equipment and signals from propagating interference and to protect equipment and signals from the effects of interference propagated by other devices?
Correct Answer
B. Shielding
Explanation
Shielding is required in electronic settings to prevent equipment and signals from propagating interference and to protect equipment and signals from the effects of interference propagated by other devices. Shielding involves using materials or structures that can block or absorb electromagnetic waves, preventing them from interfering with the functioning of electronic equipment. It creates a barrier between the equipment and external sources of interference, ensuring that the signals remain clear and undisturbed. By implementing shielding measures, the integrity and reliability of electronic systems can be maintained.
50.
Which type of shielding utilizes braid, foil, metal wrap, conduit or twisted wire around a conductor?
Correct Answer
A. Cable
Explanation
Cable is the correct answer because it is the type of shielding that utilizes braid, foil, metal wrap, conduit, or twisted wire around a conductor. Cable shielding is used to protect the conductor from electromagnetic interference and to prevent signal leakage. It helps to maintain the integrity and quality of the signal being transmitted through the cable.