Kopieren und bearbeiten

CYBER Quiz

Beschreibung

QUESTIONS FROM THE STUDENT GUIDES
Casey Neville
Quiz von Casey Neville, aktualisiert more than 1 year ago
Casey Neville
Erstellt von Casey Neville vor mehr als 2 Jahre
1654
3
0

Zusammenfassung der Ressource

Frage 1

Frage
What regulations will DoD follow for cybersecurity policy? Select the best answer.
Antworten
  • DIACAP
  • DoD 8500 Series
  • DCID 6/3
  • DoD 6500 Series

Frage 2

Frage
What policy partnerships has DoD developed to standardize cybersecurity and protect the unique requirements of DoD missions and warfighters? Select the best answer.
Antworten
  • CNSS and NIST
  • Tier 1, Tier 2, and Tier 3
  • DIACAP and RMF
  • Platform, Process, and Organization

Frage 3

Frage
What factors do organizations need to take into account when implementing a holistic approach to organizational risk management? Select all that apply.
Antworten
  • Strategic Goals and Objectives
  • Relationships between mission/business process
  • Supporting Information Systems
  • Organizational culture and infrastructure

Frage 4

Frage
PIT systems refer to: Select the best answer.
Antworten
  • Priority Information Technology
  • Proprietary Information Technology
  • Platform Information Technology
  • Process Information Technology

Frage 5

Frage
What broad groups does DoD use to categorize information technology? Choose the best answer.
Antworten
  • Information Systems and PIT
  • Information Systems and Products
  • PIT and Services
  • (a) and (b )
  • (b) and (c )

Frage 6

Frage
In what Step of the Risk Management Framework is continuous monitoring employed? Select the best answer.
Antworten
  • Step 1
  • Step 4
  • Step 5
  • Step 6

Frage 7

Frage
Match the following Steps of the Risk Management Framework to "Step 1 Categorize System"
Antworten
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Frage 8

Frage
Match the following Steps of the Risk Management Framework to "Step 2 Select Security Controls"
Antworten
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Frage 9

Frage
Match the following Steps of the Risk Management Framework to "Step 3 Implement Security Controls"
Antworten
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Frage 10

Frage
Match the following Steps of the Risk Management Framework to "Step 4 Assess Security Controls"
Antworten
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Frage 11

Frage
Match the following Steps of the Risk Management Framework to "Step 5 Authorize System"
Antworten
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Frage 12

Frage
Match the following Steps of the Risk Management Framework to "Step 6 Monitor Security Controls Activities"
Antworten
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Frage 13

Frage
What activities occur in Step 4 of the Risk Management Framework (RMF), Assess Security Controls?
Antworten
  • Conduct final risk determination
  • Prepare the Plan of Action and Milestones (POA&M)
  • Prepare Security Assessment Report (SAR)
  • All of the above

Frage 14

Frage
Select ALL of the correct responses. What is included in the security authorization package?
Antworten
  • Plan of Action and Milestones (POA&M)
  • Security Assessment Report (SAR)
  • Security Plan
  • None of the above

Frage 15

Frage
Select ALL of the correct responses. What does the information owner do when determining the impact of changes?
Antworten
  • Document in SAR for the AO to review
  • Provide written and signed report
  • Reports significant changes in the security posture of the system
  • Continuously monitors the system or information environment
  • Periodically assesses the quality of the security controls

Frage 16

Frage
Select ALL of the correct responses. What types and levels of vulnerabilities should you consider?
Antworten
  • Information system level
  • Physical security
  • Mission/business process level
  • People
  • Organization level
  • None of the above

Frage 17

Frage
Confidentiality, integrity, availability, authentication, and non-repudiation are all attributes of cybersecurity.
Antworten
  • True
  • False

Frage 18

Frage
What Risk Management Framework (RMF) step is designed to assess risk?
Antworten
  • Implement Security Controls
  • Categorize System
  • Authorize System
  • Assess Security Controls

Frage 19

Frage
What is the last step in the Risk Management Framework (RMF)?
Antworten
  • Implement Security Controls
  • Authorize System
  • Assess Security Controls
  • Categorize System
  • Select Security Controls
  • Monitor Security Controls

Frage 20

Frage
Where is the implementation of security controls documented?
Antworten
  • DoD architectures and standards
  • System Security Plan (SSP)
  • Security Technical Implementation Guide (STIG)
  • Security Requirements Guide (SRG)

Frage 21

Frage
Why do you need to be aware of cybersecurity?
Antworten
  • To account for and eliminate all risk
  • To appropriately manage risk by mitigating threats and vulnerabilities
  • To ensure all appropriate measures are taken to protect a designated space and ensure only people with permission enter and leave it
  • To uphold all elements of the National Industrial Security Program Operating Manual

Frage 22

Frage
Select ALL of the correct responses. What are all cybersecurity attributes susceptible to?
Antworten
  • Disclosure
  • Authorization
  • Vulnerabilities
  • Threats

Frage 23

Frage
Which steps of the Risk Management Framework (RMF) are designed to evaluate risk?
Antworten
  • Monitor Security Controls
  • Authorize System
  • Assess Security Controls
  • None of the above
  • All of the above

Frage 24

Frage
Evaluation ensures that new risks arising from changes are noticed and assessed.
Antworten
  • True
  • False

Frage 25

Frage
Select ALL of the correct responses. Which policies and DoD regulations set our cybersecurity standards?
Antworten
  • DoD 8530.01, Cybersecurity Activities Support to DoD Information Network Operations
  • DoDI 8510.01, Risk Management Framework for DoD Information Technology
  • DoDI 8500.01, Cybersecurity
  • None of the above

Frage 26

Frage
Which of the following are areas within cybersecurity?
Antworten
  • Procedural security
  • Physical security
  • Personnel security
  • All of the above

Frage 27

Frage
Adversarial threats are
Antworten
  • natural or man-made disasters, unusual natural events, or an infrastructure failure or outage.
  • unintentional threats made by a single user or privileged user or administrator when performing their everyday responsibilities.
  • from individual, group, organization, or nation-state seeking to exploit the organization's dependence on cyber resources.
  • failures of equipment, environmental controls, or software due to aging, resource depletion, or other circumstances.

Frage 28

Frage
Select ALL of the correct responses. Security personnel need to have which of the following skills?
Antworten
  • New Technology and Equipment
  • System Categorization
  • Training Others
  • Compilation and Data Aggregation

Frage 29

Frage
Which of the following provides an overarching methodology to follow when managing cybersecurity risks?
Antworten
  • Security Assessment Report (SAR)
  • Risk Management System
  • Security Technical Implementation Guide (STIG)
  • Department of Defense Security Skill Standard

Frage 30

Frage
Engagement and collaboration between security, information technology, and cybersecurity personnel should be proactive and continuous.
Antworten
  • True
  • False

Frage 31

Frage
What are the cybersecurity attributes?
Antworten
  • Confidentiality
  • Integrity
  • Availability
  • Authentication
  • Non-repudiation

Frage 32

Frage
What is the primary responsibility of security personnel?
Antworten
  • Direct the operation of and assure the security of the global DoD network
  • Coordinate all DoD network operations
  • Protect classified information and controlled unclassified information from unauthorized disclosure
  • Monitor, evaluate, and provide advice to the Secretary of Defense

Frage 33

Frage
Why do you need to be aware of cybersecurity?
Antworten
  • To uphold all elements of the national Security Program Operating Manual.
  • To appropriately manage risk by mitigating threats and vulnerabilities.
  • To examine your own actions and activities to uphold personal accountability
  • To ensure all appropriate measures are taken to protect a place and ensure only people with permission enter and leave it.

Frage 34

Frage
What is Security personnel’s primary skill in relationship to cybersecurity?
Antworten
  • Analyze
  • Manage Risk
  • Execute Training
  • Respond to Incidents

Frage 35

Frage
What are the components of the Risk Management System?
Antworten
  • Revision
  • Mitigation
  • Assessment
  • Evaluation

Frage 36

Frage
What are the cybersecurity drivers?
Antworten
  • NIST 800-30 Rev 1, Guide for conducting Risk Assessments
  • DoD 8530.01, Cybersecurity Activities Support to DoD Information Network Operations
  • DoD 8510.01, Risk Management Framework
  • DoD 8500.01, Cybersecurity
  • DoD Security Policy

Frage 37

Frage
What are the steps in the Risk Management Framework (RMF)?
Antworten
  • Monitor Security Controls
  • Categorize System
  • Authorize System
  • Assess Security Controls
  • Select Security Controls
  • Implement Security Controls

Frage 38

Frage
Which skills do security personnel need?
Antworten
  • Protect information systems
  • Identify all cybersecurity concepts
  • Identify fundamentals cybersecurity concepts that are related to the protection of classified and controlled unclassified information.
  • Examine their role in protecting DoD’s information systems and the information they process, transmit, and store.

Frage 39

Frage
What threat environments should you consider?
Antworten
  • Adversarial
  • Environmental
  • Structural
  • Accidental

Frage 40

Frage
Which of the following are the activities that occur when performing RMF Step 2, Select Security Controls?
Antworten
  • Common Control Identification
  • Monitoring Strategy
  • Security Baseline and Overlay Selection
  • Security Plan Review Approval

Frage 41

Frage
What activities occur during implementation of security controls?
Antworten
  • Create appropriate training and communication plans
  • Ensure consistency with DoD architectures
  • Document security control implementation in the security plan
  • Identify Security controls available for inheritance

Frage 42

Frage
What should you look for when assessing vulnerabilities?
Antworten
  • Residual Risk
  • Ease
  • Likelihood
  • Related Threats
  • Rewards

Frage 43

Frage
Which steps of the RMF are designed to mitigate risk?
Antworten
  • Assess Security Controls
  • Monitor Security Controls
  • Select Security Controls
  • Authorize System
  • Implement Security Controls
  • Categorize System

Frage 44

Frage
Which steps of the RMF are designed to evaluate risk?
Antworten
  • Select Security Controls
  • Assess Security Controls
  • Monitor Security Controls
  • Authorize System
  • Categorize System
  • Implement Security Controls

Frage 45

Frage
What activities occur when assessing security controls?
Antworten
  • Prepare the Plan of Action and Milestones (POA&M)
  • Conduct final risk determination
  • Develop, plan, and approve Security Assessment Plan
  • Prepare Security Assessment Report (SAR)

Frage 46

Frage
Select ALL of the correct responses. Which of the following forms the basis for remediation actions?
Antworten
  • Ongoing monitoring activities
  • Outstanding items in the Plan of Action and Milestones (POA&M)
  • Risk assessment
  • Authorizing Official (AO) report

Frage 47

Frage
What activities occur when authorizing the system?
Antworten
  • Implement decommissioning strategy
  • Develop, review, and approve Security Assessment Plan
  • Prepare the Plan of Action and Milestones (POA&M)
  • Submit security authorization package

Frage 48

Frage
Which of the following are areas within cybersecurity?
Antworten
  • Procedural security
  • Physical security
  • Personnel security
  • All of the above

Frage 49

Frage
What activities occur when monitoring security controls?
Antworten
  • Prepare the Plan of Action and Milestones
  • Develop, review, and approve Security Assessment Plan
  • Implement decommissioning strategy
  • Determine impact of changes

Frage 50

Frage
Select ALL of the correct responses. What are the DoD cybersecurity policies?
Antworten
  • Operational Resilience
  • Risk Management
  • Performance
  • Identity Assurance
  • Mission Partners

Frage 51

Frage
Select ALL of the correct responses. Which of the following are cybersecurity skill standards needed by security personnel?
Antworten
  • Conduct assessment and evaluation of all IT systems
  • Identify and manage all cybersecurity concepts
  • Explain their role in protecting DoD's information systems
  • Identify fundamental cybersecurity concepts that are related to the protection of classified and controlled unclassified information

Frage 52

Frage
After you complete a risk management system component, you should constantly reassess as you deploy new solutions.
Antworten
  • True
  • False

Frage 53

Frage
Confidentiality is the only attribute susceptible to threats and vulnerabilities.
Antworten
  • True
  • False

Frage 54

Frage
Cybersecurity is important so that risk is eliminated.
Antworten
  • True
  • False

Frage 55

Frage
Categorize System is the RMF step designed to assess risk.
Antworten
  • True
  • False

Frage 56

Frage
Who prepares the Security Assessment Report (SAR)?
Antworten
  • USCYBERCOM
  • Security Controls Assessor (SCA)
  • Security Personnel
  • DoD CIO

Frage 57

Frage
Select ALL of the correct responses. What are the attributes of cybersecurity?
Antworten
  • Confidentiality
  • Non-repudiation
  • Authentication
  • Integrity
  • Availability
  • Authorization

Frage 58

Frage
Select ALL of the correct responses. When performing risk assessment, security personnel do which of the following?
Antworten
  • Identify countermeasures to eliminate risk
  • Identify and evaluate risks, impacts, and countermeasures
  • Determine the extent of threat

Frage 59

Frage
How do security personnel protect classified information and controlled unclassified information?
Antworten
  • Minimize vulnerabilities
  • Manage threats
  • Respond to incidents swiftly and appropriately
  • All of the above

Frage 60

Frage
Select ALL of the correct responses. Which steps of the Risk Management Framework (RMF) are designed to evaluate risk?
Antworten
  • Authorize System
  • Implement Security Controls
  • Assess Security Controls
  • Categorize System
  • Monitor Security Controls
  • Select Security Controls

Frage 61

Frage
Which role monitors, evaluates, and provides advice?
Antworten
  • Security personnel
  • US Cyber Command (USCYBERCOM)
  • DoD Chief Information Officer (CIO)
  • Authorizing Official (AO)

Frage 62

Frage
Which policies and DoD regulations set our cybersecurity standards?
Antworten
  • DoDI 8500.01, Cybersecurity
  • DoDI 8510.01, Risk Management Framework for DoD Information Technology
  • NIST 800-30 Rev 1, Guide for Conducting Risk Assessments
  • All of the above

Frage 63

Frage
Select ALL of the correct responses. Which activities occur during Step 2, Select Security Controls?
Antworten
  • Security Plan Review and Approval
  • Unique Control Identification
  • Security Plan Creation
  • Monitoring Strategy
  • Common Control Identification

Frage 64

Frage
Select ALL of the correct responses. Impact levels are used to perform which of the following?
Antworten
  • Overlay selection
  • Document the security plan
  • Security baseline

Frage 65

Frage
When mitigating risk, what are your options?
Antworten
  • Limitation
  • Acceptance
  • Avoidance
  • All of the above

Frage 66

Frage
What are the implied skills of security personnel?
Antworten
  • Counsel stakeholders on security-related concerns
  • Execute security awareness training
  • Analysis
  • All of the above

Frage 67

Frage
Security controls should not consider legacy security plans.
Antworten
  • True
  • False

Frage 68

Frage
What evolving threats are attempts by hackers to damage or destroy a computer network or system?
Antworten
  • Insider Threat
  • Social Media
  • Cyber Attack
  • Mobile Computing

Frage 69

Frage
Select ALL of the correct responses. What are the Risk Management Framework (RMF) steps designed to mitigate risk?
Antworten
  • Assess Security Controls
  • Implement Security Controls
  • Categorize System
  • Select Security Control

Frage 70

Frage
Who is responsible for final review and authorization?
Antworten
  • Security Controls Assessor (SCA)
  • Chief Information Officer (CIO)
  • Security personnel
  • Authorizing Official (AO)

Frage 71

Frage
Select Security Controls is the only Risk Management Framework (RMF) step designed to mitigate risk.
Antworten
  • True
  • False

Frage 72

Frage
The risk management system provides an overarching methodology to follow when managing cybersecurity risks.
Antworten
  • True
  • False

Frage 73

Frage
Select ALL of the correct responses. What should you look for when assessing vulnerabilities?
Antworten
  • Related threats
  • Rewards
  • Residual risk
  • Likelihood
  • Ease

Frage 74

Frage
Security personnel must be able to identify all cybersecurity concepts.
Antworten
  • True
  • False

Frage 75

Frage
Vulnerabilities are weaknesses that could be exploited to gain unauthorized access to information on an information system.
Antworten
  • True
  • False

Frage 76

Frage
In which step of the Risk Management Framework (RMF) would you implement the decommissioning strategy?
Antworten
  • Step 3 - Implement security controls
  • Step 4 – Assess security controls
  • Step 5 – Authorize system
  • Step 6 – Monitor security controls
Zusammenfassung anzeigen Zusammenfassung ausblenden

Möchten Sie mit GoConqr kostenlos Ihre eigenen Quiz erstellen? eigenen Mehr erfahren.

ähnlicher Inhalt

SFPC (Possible Test Questions)
Casey Neville
PHYSEC Quiz
Casey Neville
INDUSTRIAL Quiz
Casey Neville
PERSEC Quiz
Casey Neville
2.1 Business Influences and Associated Security Risks
DJ Perrone
Die Verwandlung von Franz Kafka
barbara91
Ökologie fürs Abitur - Lernfolien
disubbidienza
Deutsch Abitur 2016: Sprache
Lena S.
PuKW - GESKO WERB
Elisa Kosch
vetie mibi Altfragen 2019
Anne Heyne
STADA Jörg Matthes 2021
Julia W.
Bibliothek durchsuchen