Kahoots

Question 1

What involves psychological manipulation of people to divulge information or perform actions that benefit attackers?

Answer 1

Social Engineering

Question 2

True or False: A targeted social engineering attack on a specific user for his/her specific likes is known as an insider attack.

Answer 2

False

Question 3

True or False: Cybersecurity in the supply chain can be viewed as an information technology problem only.

Answer 3

False

Question 4

Ensuring a third party is ___________ data is an important prerequisite when considering cloud computing.

Answer 4

Securing

Question 5

A third party contractor gaining _______ unauthorized access to information systems is considered an insider threat.

Answer 5

Physical or Virtual

Question 6

What malware has the defining factor of being able to replicate itself without user interaction?

Answer 6

Worm

Question 7

Malicious code is a category including _________ and website scripts that can be uploaded into a vulnerable system.

Answer 7

Malicious Software (malware)

Question 8

What are the two common pathways from criminals to users?

Answer 8

Email and World Wide Web

Question 9

Where does a “boot-sector virus” reside?

Answer 9

First sector of a disk or Universal Serial Bus (USB) drive

Question 10

File infector viruses will infect what type of files?

Answer 10

Executable Files

Question 11

A worm has the unique characteristic of being able to replicate without needing _________ to activate the virus.

Answer 11

a user

Question 12

Per the STRIDE model, what threat involves claiming you didn’t do something or were not responsible for an action?

Answer 12

Repudiation

Question 13

Per the STRIDE model, what term is described by exhausting resources needed to provide service?

Answer 13

Denial of Service

Question 14

Name the destructive behavior where the attacker changes entries in records.

Answer 14

Data diddling

Question 15

What are the ways to characterize an attack?

Answer 15

intent, point of initiation, and method of delivery

Question 16

Which network attack is difficult to address because it sends more requests to one machine than it can handle?

Answer 16

Distributed Denial of Service (DDoS)

Question 17

When Network Access Control connects to a network, what can it scan for on the system?

Answer 17

Virus definitions, antivirus software, and operating systems updates

Question 18

Agentless Network Access Control does not require a/an agent _________ to be installed on a client.

Answer 18

software

Question 19

True or False: Dissolvable agents run the NAC check for a current status of the system and remain installed on the system.

Answer 19

False

Question 20

What type of authentication factor requires a biometrics system?

Answer 20

something you are

Question 21

What type of authentication factor is based on user habits like typing patterns?

Answer 21

something you do

Question 22

True or False: Combining username & password is considered multi-factor authentication.

Answer 22

False

Question 23

Why are Universal Serial Bus (USB) devices particularly dangerous to computer systems and networks?

Answer 23

Worms can activate and spread just by plugging one in to a computer, they are easy to conceal, they hold large amounts of data

Question 24

What is a cryptographic processor stored on a separate card and installed on a system as an add-on device?

Answer 24

Hardware Security Module (HSM)

Question 25

To prevent data theft and worms, USB data ports are _________ on Department of Defense computers.

Answer 25

disabled

Question 26

When Bitlocker is enabled, Windows 7 and newer versions can’t boot without a key. What type of encryption is this?

Answer 26

full disk encryption (FDE)

Question 27

When using Full Disk Encryption (FDE), what stores the cryptographic keys within the system?

Answer 27

Trusted Platform Module (TPM)

Question 28

Storage Drive encryption can encrypt what kinds of storage drives?

Answer 28

Hard drives and Universal Serial Bus (USB) drive

Question 29

Which of the following is NOT an authentication factor?

Answer 29

Someone you know

Question 30

What service has this drawback: if an account is compromised, a hacker can access multiple servers rather than one?

Answer 30

Single-Sign-On (SSO)

Question 31

What must be supplied by a user who’s attempting to connect to a network secured with 802.1X?

Answer 31

Valid Credentials

Question 32

Any network resources the user consumes during their session is logged. What is this process called?

Answer 32

Accounting

Question 33

What’s defined as presenting information about yourself to a system?

Answer 33

Identification

Question 34

What protocol does DIAMETER use to send and secure data during transmission?

Answer 34

Transmission Control Protocol (TCP)

Question 35

What AAA protocol gives less reliable/secure service through User Datagram Protocol (UDP)?

Answer 35

Remote Authentication Dial-In User Service (RADIUS)

Question 36

The code is checked for functionality in what stage of the SDLC?

Answer 36

Testing

Question 37

Which software development life cycle requires completion of each development phase before moving to the next phase?

Answer 37

Waterfall

Question 38

During the Agile SDLC process, when can developers backtrack or repeat steps?

Answer 38

Anytime

Question 39

In what attack is malicious code injected into a web application via a script?

Answer 39

Cross Site Scripting (XSS)

Question 40

Websites store cookies containing user preferences and _________ information.

Answer 40

logon

Question 41

What risk is posed by enabling the “Remember Me” feature with internet browsers?

Answer 41

cross-site forgery

Question 42

What provides web filtering?

Answer 42

Proxy server

Question 43

Network administrators implement permissions on files and folders to build what?

Answer 43

Access Control List (ACL)

Question 44

Which NTFS permission gives a user all permission possible?

Answer 44

Full Control

Question 45

Group policy can be centrally configured for the network through _____________.

Answer 45

Active Directory

Question 46

When creating a firewall plan, you will typically create all of the following zones EXCEPT what?

Answer 46

communal zone

Question 47

What should be placed in a private zone?

Answer 47

Local Area Network (LAN)

Question 48

What security zone contains the internet?

Answer 48

public zone

Question 49

In what security zone would you put a limited-access server?

Answer 49

extranet zone

Question 50

In what security zone would you put a Wi-Fi network?

Answer 50

wireless zone

Question 51

By having secure network user habits, the cyber _________ of the network is ensured.

Answer 51

hygiene

Question 52

True or False: To ensure antivirus definitions are kept up to date, users should allow their software to perform automatic updates.

Answer 52

True

Question 53

How often should antivirus software be set up to automatically perform security scans?

Answer 53

Regularly

Question 54

Before you dispose of a computer you should use a wipe utility program to _________ the entire hard drive.

Answer 54

overwrite

Question 55

What incident response team role has technical expertise to assess and identify the scale of the security incident?

Answer 55

Technical Specialist

Question 56

What document should define each team member’s roles and responsibilities?

Answer 56

Incident Response Plan

Question 57

How would the following incident/event be categorized: normal functionality is denied.

Answer 57

CAT 4 - Denial of Service

Question 58

How would the following incident/event be categorized: authorized user breaches AF policy.

Answer 58

CAT 5 - Non-Compliance Activity

Question 59

How would the following incident/event be categorized: event that is a false alarm.

Answer 59

CAT 9 - Explained Anomaly

Question 60

How would the following incident/event be categorized: event undergoing further review.

Answer 60

CAT 8 - Investigating

Question 61

A/an _________ is an observable occurance in a system and/or network.

Answer 61

event

Question 62

A/an _________ is an assessed occurance in a system and/or network that jeopardizes the information system.

Answer 62

incident

Question 63

If a virus is discovered on a system, who should isolate the computer from the network?

Answer 63

first responder

Question 64

Cyber Incident Response: What’s the first incident response phase where the AF detects activity with a variety of means and capabilities?

Answer 64

Detection & Reporting Events

Question 65

During an incident, what must the incident handling staff do with the data to allow for further incident analysis?

Answer 65

preserve integrity of data

Question 66

The goal of a network incident first responder is to _________ the incident.

Answer 66

contain

Question 67

What is the starting point for all future configuration assessments?

Answer 67

Baseline

Question 68

True or False: Baselining will require updating to make it current with a desired configuration.

Answer 68

True

Question 69

When creating a baseline, what metric will change the perspective of your data?

Answer 69

time span and starting point

Question 70

It’s necessary to maintain a/an _________ to revert the system after changes if needed.

Answer 70

baseline

Question 71

Which backup method backs up files that were altered since the last backup and clears the archive flag after?

Answer 71

Incremental Backup

Question 72

Disaster Recovery Plan: In which step would you form a team to assist in the entire disaster recovery operation?

Answer 72

Assemble a Disaster Recovery Team

Question 73

In which step would you gather and document equipment, policies, telephone numbers, and other valuable documents?

Answer 73

data collection

Question 74

When should gathering information take place during root cause analysis?

Answer 74

first step

Question 75

Root Cause Analysis: During which phase should personnel continuously review the incident to ensure accuracy?

Answer 75

Validate the Incident

Question 76

What part of post-incident analysis captures lessons learned, initial root cause, and other problems?

Answer 76

postmortem

Question 77

Name the all-source report that focuses on individuals, groups, or organizations ID’d as threats to DoD networks.

Answer 77

Network Intelligence Report (NIR)

Question 78

All involved personnel should ID and ______ all relevant information about a network incident for future analysis.

Answer 78

collect

Question 79

What document identifies potential foreign threats to Department of Defense networks?

Answer 79

Network Intelligence Report (NIR)

Question 80

Having the goals of Confidentiality, Integrity, and Availability best describes which security program?

Answer 80

COMPUSEC (Computer Security)

Question 81

TEMPEST is a security program that identifies compromising _________ in information systems

Answer 81

emanations

Question 82

What level of classification, if disclosed, could cause exceptionally grave damage to national security?

Answer 82

Top Secret (TS)

Question 83

OPSEC reduces mission vulnerabilities by eliminating or reducing adversary collection of _______.

Answer 83

critical information

Question 84

Cryptography is the use of coding systems to _________ information.

Answer 84

encrypt & decrypt

Question 85

TRANSEC results from all measures designed to protect intentional transmissions by means other than what?

Answer 85

crypto analysis

Question 86

What security program focuses on end-point security, ports, protocols, and service management within the Air Force?

Answer 86

COMPUSEC

Question 87

_________ vulnerabilities come from unintentionally emitted signals or compromising emanations.

Answer 87

TEMPEST

Question 88

Which of the following would be considered the LEAST classified compared to the others?

Answer 88

Confidential (C)

Question 89

Which security program is a continuous process and an inherent part of military culture?

Answer 89

OPSEC

Question 90

We aim to defeat our enemy’s crypto analysis efforts with our _________ systems.

Answer 90

cryptographic

Question 91

_______ is applying cryptosecurity techniques to each situation so our intercepted signals will be unintelligible.

Answer 91

TRANSEC