5200 Vol 1

Question 1

What does DODM stand for?

Answer 1

Department of Defense Manual

Question 2

What is the primary focus of DODM 5200.01 vol 1?

Answer 2

Information Security

Question 3

True or False: DODM 5200.01 vol 1 is part of a series of manuals.

Answer 3

True

Question 4

Fill in the blank: DODM 5200.01 vol 1 establishes __________ for the protection of DoD information.

Answer 4

policies and procedures

Question 5

What is the significance of information assurance in DODM 5200.01 vol 1?

Answer 5

It ensures the confidentiality, integrity, and availability of information.

Question 6

Multiple Choice: Which of the following is a key principle of information security according to DODM 5200.01 vol 1? A) Availability B) Inaccessibility C) Irrelevance

Answer 6

A) Availability

Question 7

What is the purpose of risk management as stated in DODM 5200.01 vol 1?

Answer 7

To identify and mitigate risks to DoD information.

Question 8

True or False: DODM 5200.01 vol 1 applies only to classified information.

Answer 8

False

Question 9

What does the term ‘classified information’ refer to in the context of DODM 5200.01 vol 1?

Answer 9

Information that requires protection against unauthorized disclosure.

Question 10

Fill in the blank: DODM 5200.01 vol 1 outlines the roles and responsibilities of __________ in information security.

Answer 10

DoD personnel

Question 11

What are the three levels of classification mentioned in DODM 5200.01 vol 1?

Answer 11

Confidential, Secret, and Top Secret.

Question 12

Multiple Choice: Which of the following is NOT a type of information addressed by DODM 5200.01 vol 1? A) Sensitive Compartmented Information B) Public Information C) Unclassified Controlled Information

Answer 12

B) Public Information

Question 13

What is the role of the Defense Security Service (DSS) in relation to DODM 5200.01 vol 1?

Answer 13

To oversee and implement security policies for DoD components.

Question 14

True or False: Information security training is a requirement under DODM 5200.01 vol 1.

Answer 14

True

Question 15

Fill in the blank: The __________ is responsible for the overall management of information security programs according to DODM 5200.01 vol 1.

Answer 15

Chief Information Officer (CIO)

Question 16

What does the acronym ‘IA’ stand for in the context of DODM 5200.01 vol 1?

Answer 16

Information Assurance

Question 17

Multiple Choice: Which document must be referenced for specific guidelines on handling classified information? A) DODM 5200.01 vol 1 B) DODM 5200.01 vol 2 C) DODM 5200.01 vol 3

Answer 17

B) DODM 5200.01 vol 2

Question 18

What is the purpose of the Continuous Monitoring Strategy in DODM 5200.01 vol 1?

Answer 18

To ensure ongoing awareness of information security risks.

Question 19

True or False: DODM 5200.01 vol 1 includes guidance on incident response.

Answer 19

True

Question 20

Fill in the blank: The __________ framework is used to assess the security posture of DoD information systems.

Answer 20

Risk Management Framework (RMF)

Question 21

What is the expected outcome of implementing the policies in DODM 5200.01 vol 1?

Answer 21

Enhanced protection of DoD information.

Question 22

Multiple Choice: Which of the following is a key component of information security? A) Firewalls B) Social Media C) Cloud Storage

Answer 22

A) Firewalls

Question 23

What does ‘insider threat’ mean in the context of DODM 5200.01 vol 1?

Answer 23

Threats posed by individuals within the organization who have access to sensitive information.

Question 24

True or False: DODM 5200.01 vol 1 mandates the use of encryption for all sensitive information.

Answer 24

False

Question 25

Fill in the blank: The __________ process is vital for identifying vulnerabilities within information systems.

Answer 25

vulnerability assessment

Question 26

What is the role of security controls in DODM 5200.01 vol 1?

Answer 26

To mitigate risks to information and information systems.

Question 27

Multiple Choice: Which of the following is a method of data protection outlined in DODM 5200.01 vol 1? A) Backups B) Deletion C) Sharing

Answer 27

A) Backups

Question 28

What is the definition of ‘access control’ as per DODM 5200.01 vol 1?

Answer 28

The process of limiting access to information and information systems.

Question 29

True or False: DODM 5200.01 vol 1 provides guidelines for physical security measures.

Answer 29

True

Question 30

Fill in the blank: The __________ is responsible for the implementation of information security policies at the local level.

Answer 30

Information System Owner

Question 31

What does the term ‘security breach’ refer to in DODM 5200.01 vol 1?

Answer 31

An incident that results in unauthorized access to sensitive information.

Question 32

Multiple Choice: Which of the following is a key element of an incident response plan? A) Communication B) Ignoring incidents C) Delaying response

Answer 32

A) Communication

Question 33

What is the significance of audit trails in DODM 5200.01 vol 1?

Answer 33

They help in tracking access and changes to sensitive information.

Question 34

True or False: DODM 5200.01 vol 1 requires periodic reviews of information security policies.

Answer 34

True

Question 35

Fill in the blank: __________ is the process of verifying the identity of a user or system.

Answer 35

Authentication

Question 36

What is the purpose of security training as outlined in DODM 5200.01 vol 1?

Answer 36

To educate personnel about information security risks and best practices.

Question 37

Multiple Choice: Which group is primarily responsible for enforcing compliance with DODM 5200.01 vol 1? A) End users B) Security Officers C) IT Support

Answer 37

B) Security Officers

Question 38

What are the consequences of non-compliance with DODM 5200.01 vol 1?

Answer 38

Disciplinary actions, including termination and legal consequences.

Question 39

True or False: DODM 5200.01 vol 1 includes guidelines for data classification.

Answer 39

True

Question 40

Fill in the blank: The __________ is responsible for ensuring that information security measures are incorporated into system development.

Answer 40

System Development Lifecycle (SDLC)

Question 41

What does ‘data integrity’ mean in the context of DODM 5200.01 vol 1?

Answer 41

The accuracy and consistency of data over its lifecycle.

Question 42

Multiple Choice: Which of the following is a type of security assessment? A) Application Review B) System Scan C) Both A and B

Answer 42

C) Both A and B

Question 43

True or False: DODM 5200.01 vol 1 applies to all DoD contractors.

Answer 43

True

Question 44

Fill in the blank: __________ is the process of ensuring that only authorized users can access information.

Answer 44

Authorization

Question 45

What role do external audits play in DODM 5200.01 vol 1 compliance?

Answer 45

They provide an independent assessment of information security practices.

Question 46

Multiple Choice: Which of the following is a security principle emphasized in DODM 5200.01 vol 1? A) Least Privilege B) Maximum Access C) Open Access

Answer 46

A) Least Privilege

Question 47

What does ‘security posture’ refer to in DODM 5200.01 vol 1?

Answer 47

The overall effectiveness of an organization’s security measures.

Question 48

True or False: DODM 5200.01 vol 1 specifies the need for incident reporting.

Answer 48

True

Question 49

Fill in the blank: __________ is an essential part of the risk management process in DODM 5200.01 vol 1.

Answer 49

Threat assessment

Question 50

What is the goal of continuous improvement in information security as per DODM 5200.01 vol 1?

Answer 50

To enhance security measures based on lessons learned and emerging threats.

Question 51

Multiple Choice: Which of the following describes a security incident? A) Unauthorized access B) Routine maintenance C) Software updates

Answer 51

A) Unauthorized access

Question 52

True or False: DODM 5200.01 vol 1 encourages collaboration with external agencies for information security.

Answer 52

True

Question 53

Fill in the blank: __________ measures are implemented to protect against unauthorized access to information.

Answer 53

Physical security

Question 54

What is the importance of data encryption in DODM 5200.01 vol 1?

Answer 54

To protect sensitive information from unauthorized access during transmission and storage.

Question 55

Multiple Choice: Which of the following is a key element of the security architecture? A) Redundancy B) Complexity C) Simplicity

Answer 55

A) Redundancy

Question 56

What is the role of the Information Security Program according to DODM 5200.01 vol 1?

Answer 56

To establish and maintain a framework for managing information security.

Question 57

True or False: DODM 5200.01 vol 1 requires the implementation of security patches.

Answer 57

True

Question 58

Fill in the blank: __________ is the process of identifying, assessing, and prioritizing risks.

Answer 58

Risk assessment

Question 59

What is the significance of security policies in DODM 5200.01 vol 1?

Answer 59

They provide a foundation for establishing security practices and procedures.

Question 60

Multiple Choice: Which of the following is a consequence of a security breach? A) Increased trust B) Legal action C) Enhanced reputation

Answer 60

B) Legal action

Question 61

True or False: DODM 5200.01 vol 1 encourages the use of multi-factor authentication.

Answer 61

True

Question 62

Fill in the blank: __________ is the practice of regularly reviewing and updating security measures.

Answer 62

Security auditing

Question 63

What is the purpose of the security framework in DODM 5200.01 vol 1?

Answer 63

To provide a structured approach to managing information security risks.

Question 64

Multiple Choice: Which of the following is NOT a component of an information security program? A) Incident response B) Threat detection C) Personal opinions

Answer 64

C) Personal opinions

Question 65

True or False: DODM 5200.01 vol 1 applies only to federal employees.

Answer 65

False

Question 66

Fill in the blank: The __________ is responsible for overseeing information security compliance across the DoD.

Answer 66

Chief Information Security Officer (CISO)