Copiar y Editar

CYBER Quiz

Descripción

QUESTIONS FROM THE STUDENT GUIDES
Casey Neville
Test por Casey Neville, actualizado hace más de 1 año
Casey Neville
Creado por Casey Neville hace más de 2 años
1798
3
0

Resumen del Recurso

Pregunta 1

Pregunta
What regulations will DoD follow for cybersecurity policy? Select the best answer.
Respuesta
  • DIACAP
  • DoD 8500 Series
  • DCID 6/3
  • DoD 6500 Series

Pregunta 2

Pregunta
What policy partnerships has DoD developed to standardize cybersecurity and protect the unique requirements of DoD missions and warfighters? Select the best answer.
Respuesta
  • CNSS and NIST
  • Tier 1, Tier 2, and Tier 3
  • DIACAP and RMF
  • Platform, Process, and Organization

Pregunta 3

Pregunta
What factors do organizations need to take into account when implementing a holistic approach to organizational risk management? Select all that apply.
Respuesta
  • Strategic Goals and Objectives
  • Relationships between mission/business process
  • Supporting Information Systems
  • Organizational culture and infrastructure

Pregunta 4

Pregunta
PIT systems refer to: Select the best answer.
Respuesta
  • Priority Information Technology
  • Proprietary Information Technology
  • Platform Information Technology
  • Process Information Technology

Pregunta 5

Pregunta
What broad groups does DoD use to categorize information technology? Choose the best answer.
Respuesta
  • Information Systems and PIT
  • Information Systems and Products
  • PIT and Services
  • (a) and (b )
  • (b) and (c )

Pregunta 6

Pregunta
In what Step of the Risk Management Framework is continuous monitoring employed? Select the best answer.
Respuesta
  • Step 1
  • Step 4
  • Step 5
  • Step 6

Pregunta 7

Pregunta
Match the following Steps of the Risk Management Framework to "Step 1 Categorize System"
Respuesta
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Pregunta 8

Pregunta
Match the following Steps of the Risk Management Framework to "Step 2 Select Security Controls"
Respuesta
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Pregunta 9

Pregunta
Match the following Steps of the Risk Management Framework to "Step 3 Implement Security Controls"
Respuesta
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Pregunta 10

Pregunta
Match the following Steps of the Risk Management Framework to "Step 4 Assess Security Controls"
Respuesta
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Pregunta 11

Pregunta
Match the following Steps of the Risk Management Framework to "Step 5 Authorize System"
Respuesta
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Pregunta 12

Pregunta
Match the following Steps of the Risk Management Framework to "Step 6 Monitor Security Controls Activities"
Respuesta
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Pregunta 13

Pregunta
What activities occur in Step 4 of the Risk Management Framework (RMF), Assess Security Controls?
Respuesta
  • Conduct final risk determination
  • Prepare the Plan of Action and Milestones (POA&M)
  • Prepare Security Assessment Report (SAR)
  • All of the above

Pregunta 14

Pregunta
Select ALL of the correct responses. What is included in the security authorization package?
Respuesta
  • Plan of Action and Milestones (POA&M)
  • Security Assessment Report (SAR)
  • Security Plan
  • None of the above

Pregunta 15

Pregunta
Select ALL of the correct responses. What does the information owner do when determining the impact of changes?
Respuesta
  • Document in SAR for the AO to review
  • Provide written and signed report
  • Reports significant changes in the security posture of the system
  • Continuously monitors the system or information environment
  • Periodically assesses the quality of the security controls

Pregunta 16

Pregunta
Select ALL of the correct responses. What types and levels of vulnerabilities should you consider?
Respuesta
  • Information system level
  • Physical security
  • Mission/business process level
  • People
  • Organization level
  • None of the above

Pregunta 17

Pregunta
Confidentiality, integrity, availability, authentication, and non-repudiation are all attributes of cybersecurity.
Respuesta
  • True
  • False

Pregunta 18

Pregunta
What Risk Management Framework (RMF) step is designed to assess risk?
Respuesta
  • Implement Security Controls
  • Categorize System
  • Authorize System
  • Assess Security Controls

Pregunta 19

Pregunta
What is the last step in the Risk Management Framework (RMF)?
Respuesta
  • Implement Security Controls
  • Authorize System
  • Assess Security Controls
  • Categorize System
  • Select Security Controls
  • Monitor Security Controls

Pregunta 20

Pregunta
Where is the implementation of security controls documented?
Respuesta
  • DoD architectures and standards
  • System Security Plan (SSP)
  • Security Technical Implementation Guide (STIG)
  • Security Requirements Guide (SRG)

Pregunta 21

Pregunta
Why do you need to be aware of cybersecurity?
Respuesta
  • To account for and eliminate all risk
  • To appropriately manage risk by mitigating threats and vulnerabilities
  • To ensure all appropriate measures are taken to protect a designated space and ensure only people with permission enter and leave it
  • To uphold all elements of the National Industrial Security Program Operating Manual

Pregunta 22

Pregunta
Select ALL of the correct responses. What are all cybersecurity attributes susceptible to?
Respuesta
  • Disclosure
  • Authorization
  • Vulnerabilities
  • Threats

Pregunta 23

Pregunta
Which steps of the Risk Management Framework (RMF) are designed to evaluate risk?
Respuesta
  • Monitor Security Controls
  • Authorize System
  • Assess Security Controls
  • None of the above
  • All of the above

Pregunta 24

Pregunta
Evaluation ensures that new risks arising from changes are noticed and assessed.
Respuesta
  • True
  • False

Pregunta 25

Pregunta
Select ALL of the correct responses. Which policies and DoD regulations set our cybersecurity standards?
Respuesta
  • DoD 8530.01, Cybersecurity Activities Support to DoD Information Network Operations
  • DoDI 8510.01, Risk Management Framework for DoD Information Technology
  • DoDI 8500.01, Cybersecurity
  • None of the above

Pregunta 26

Pregunta
Which of the following are areas within cybersecurity?
Respuesta
  • Procedural security
  • Physical security
  • Personnel security
  • All of the above

Pregunta 27

Pregunta
Adversarial threats are
Respuesta
  • natural or man-made disasters, unusual natural events, or an infrastructure failure or outage.
  • unintentional threats made by a single user or privileged user or administrator when performing their everyday responsibilities.
  • from individual, group, organization, or nation-state seeking to exploit the organization's dependence on cyber resources.
  • failures of equipment, environmental controls, or software due to aging, resource depletion, or other circumstances.

Pregunta 28

Pregunta
Select ALL of the correct responses. Security personnel need to have which of the following skills?
Respuesta
  • New Technology and Equipment
  • System Categorization
  • Training Others
  • Compilation and Data Aggregation

Pregunta 29

Pregunta
Which of the following provides an overarching methodology to follow when managing cybersecurity risks?
Respuesta
  • Security Assessment Report (SAR)
  • Risk Management System
  • Security Technical Implementation Guide (STIG)
  • Department of Defense Security Skill Standard

Pregunta 30

Pregunta
Engagement and collaboration between security, information technology, and cybersecurity personnel should be proactive and continuous.
Respuesta
  • True
  • False

Pregunta 31

Pregunta
What are the cybersecurity attributes?
Respuesta
  • Confidentiality
  • Integrity
  • Availability
  • Authentication
  • Non-repudiation

Pregunta 32

Pregunta
What is the primary responsibility of security personnel?
Respuesta
  • Direct the operation of and assure the security of the global DoD network
  • Coordinate all DoD network operations
  • Protect classified information and controlled unclassified information from unauthorized disclosure
  • Monitor, evaluate, and provide advice to the Secretary of Defense

Pregunta 33

Pregunta
Why do you need to be aware of cybersecurity?
Respuesta
  • To uphold all elements of the national Security Program Operating Manual.
  • To appropriately manage risk by mitigating threats and vulnerabilities.
  • To examine your own actions and activities to uphold personal accountability
  • To ensure all appropriate measures are taken to protect a place and ensure only people with permission enter and leave it.

Pregunta 34

Pregunta
What is Security personnel’s primary skill in relationship to cybersecurity?
Respuesta
  • Analyze
  • Manage Risk
  • Execute Training
  • Respond to Incidents

Pregunta 35

Pregunta
What are the components of the Risk Management System?
Respuesta
  • Revision
  • Mitigation
  • Assessment
  • Evaluation

Pregunta 36

Pregunta
What are the cybersecurity drivers?
Respuesta
  • NIST 800-30 Rev 1, Guide for conducting Risk Assessments
  • DoD 8530.01, Cybersecurity Activities Support to DoD Information Network Operations
  • DoD 8510.01, Risk Management Framework
  • DoD 8500.01, Cybersecurity
  • DoD Security Policy

Pregunta 37

Pregunta
What are the steps in the Risk Management Framework (RMF)?
Respuesta
  • Monitor Security Controls
  • Categorize System
  • Authorize System
  • Assess Security Controls
  • Select Security Controls
  • Implement Security Controls

Pregunta 38

Pregunta
Which skills do security personnel need?
Respuesta
  • Protect information systems
  • Identify all cybersecurity concepts
  • Identify fundamentals cybersecurity concepts that are related to the protection of classified and controlled unclassified information.
  • Examine their role in protecting DoD’s information systems and the information they process, transmit, and store.

Pregunta 39

Pregunta
What threat environments should you consider?
Respuesta
  • Adversarial
  • Environmental
  • Structural
  • Accidental

Pregunta 40

Pregunta
Which of the following are the activities that occur when performing RMF Step 2, Select Security Controls?
Respuesta
  • Common Control Identification
  • Monitoring Strategy
  • Security Baseline and Overlay Selection
  • Security Plan Review Approval

Pregunta 41

Pregunta
What activities occur during implementation of security controls?
Respuesta
  • Create appropriate training and communication plans
  • Ensure consistency with DoD architectures
  • Document security control implementation in the security plan
  • Identify Security controls available for inheritance

Pregunta 42

Pregunta
What should you look for when assessing vulnerabilities?
Respuesta
  • Residual Risk
  • Ease
  • Likelihood
  • Related Threats
  • Rewards

Pregunta 43

Pregunta
Which steps of the RMF are designed to mitigate risk?
Respuesta
  • Assess Security Controls
  • Monitor Security Controls
  • Select Security Controls
  • Authorize System
  • Implement Security Controls
  • Categorize System

Pregunta 44

Pregunta
Which steps of the RMF are designed to evaluate risk?
Respuesta
  • Select Security Controls
  • Assess Security Controls
  • Monitor Security Controls
  • Authorize System
  • Categorize System
  • Implement Security Controls

Pregunta 45

Pregunta
What activities occur when assessing security controls?
Respuesta
  • Prepare the Plan of Action and Milestones (POA&M)
  • Conduct final risk determination
  • Develop, plan, and approve Security Assessment Plan
  • Prepare Security Assessment Report (SAR)

Pregunta 46

Pregunta
Select ALL of the correct responses. Which of the following forms the basis for remediation actions?
Respuesta
  • Ongoing monitoring activities
  • Outstanding items in the Plan of Action and Milestones (POA&M)
  • Risk assessment
  • Authorizing Official (AO) report

Pregunta 47

Pregunta
What activities occur when authorizing the system?
Respuesta
  • Implement decommissioning strategy
  • Develop, review, and approve Security Assessment Plan
  • Prepare the Plan of Action and Milestones (POA&M)
  • Submit security authorization package

Pregunta 48

Pregunta
Which of the following are areas within cybersecurity?
Respuesta
  • Procedural security
  • Physical security
  • Personnel security
  • All of the above

Pregunta 49

Pregunta
What activities occur when monitoring security controls?
Respuesta
  • Prepare the Plan of Action and Milestones
  • Develop, review, and approve Security Assessment Plan
  • Implement decommissioning strategy
  • Determine impact of changes

Pregunta 50

Pregunta
Select ALL of the correct responses. What are the DoD cybersecurity policies?
Respuesta
  • Operational Resilience
  • Risk Management
  • Performance
  • Identity Assurance
  • Mission Partners

Pregunta 51

Pregunta
Select ALL of the correct responses. Which of the following are cybersecurity skill standards needed by security personnel?
Respuesta
  • Conduct assessment and evaluation of all IT systems
  • Identify and manage all cybersecurity concepts
  • Explain their role in protecting DoD's information systems
  • Identify fundamental cybersecurity concepts that are related to the protection of classified and controlled unclassified information

Pregunta 52

Pregunta
After you complete a risk management system component, you should constantly reassess as you deploy new solutions.
Respuesta
  • True
  • False

Pregunta 53

Pregunta
Confidentiality is the only attribute susceptible to threats and vulnerabilities.
Respuesta
  • True
  • False

Pregunta 54

Pregunta
Cybersecurity is important so that risk is eliminated.
Respuesta
  • True
  • False

Pregunta 55

Pregunta
Categorize System is the RMF step designed to assess risk.
Respuesta
  • True
  • False

Pregunta 56

Pregunta
Who prepares the Security Assessment Report (SAR)?
Respuesta
  • USCYBERCOM
  • Security Controls Assessor (SCA)
  • Security Personnel
  • DoD CIO

Pregunta 57

Pregunta
Select ALL of the correct responses. What are the attributes of cybersecurity?
Respuesta
  • Confidentiality
  • Non-repudiation
  • Authentication
  • Integrity
  • Availability
  • Authorization

Pregunta 58

Pregunta
Select ALL of the correct responses. When performing risk assessment, security personnel do which of the following?
Respuesta
  • Identify countermeasures to eliminate risk
  • Identify and evaluate risks, impacts, and countermeasures
  • Determine the extent of threat

Pregunta 59

Pregunta
How do security personnel protect classified information and controlled unclassified information?
Respuesta
  • Minimize vulnerabilities
  • Manage threats
  • Respond to incidents swiftly and appropriately
  • All of the above

Pregunta 60

Pregunta
Select ALL of the correct responses. Which steps of the Risk Management Framework (RMF) are designed to evaluate risk?
Respuesta
  • Authorize System
  • Implement Security Controls
  • Assess Security Controls
  • Categorize System
  • Monitor Security Controls
  • Select Security Controls

Pregunta 61

Pregunta
Which role monitors, evaluates, and provides advice?
Respuesta
  • Security personnel
  • US Cyber Command (USCYBERCOM)
  • DoD Chief Information Officer (CIO)
  • Authorizing Official (AO)

Pregunta 62

Pregunta
Which policies and DoD regulations set our cybersecurity standards?
Respuesta
  • DoDI 8500.01, Cybersecurity
  • DoDI 8510.01, Risk Management Framework for DoD Information Technology
  • NIST 800-30 Rev 1, Guide for Conducting Risk Assessments
  • All of the above

Pregunta 63

Pregunta
Select ALL of the correct responses. Which activities occur during Step 2, Select Security Controls?
Respuesta
  • Security Plan Review and Approval
  • Unique Control Identification
  • Security Plan Creation
  • Monitoring Strategy
  • Common Control Identification

Pregunta 64

Pregunta
Select ALL of the correct responses. Impact levels are used to perform which of the following?
Respuesta
  • Overlay selection
  • Document the security plan
  • Security baseline

Pregunta 65

Pregunta
When mitigating risk, what are your options?
Respuesta
  • Limitation
  • Acceptance
  • Avoidance
  • All of the above

Pregunta 66

Pregunta
What are the implied skills of security personnel?
Respuesta
  • Counsel stakeholders on security-related concerns
  • Execute security awareness training
  • Analysis
  • All of the above

Pregunta 67

Pregunta
Security controls should not consider legacy security plans.
Respuesta
  • True
  • False

Pregunta 68

Pregunta
What evolving threats are attempts by hackers to damage or destroy a computer network or system?
Respuesta
  • Insider Threat
  • Social Media
  • Cyber Attack
  • Mobile Computing

Pregunta 69

Pregunta
Select ALL of the correct responses. What are the Risk Management Framework (RMF) steps designed to mitigate risk?
Respuesta
  • Assess Security Controls
  • Implement Security Controls
  • Categorize System
  • Select Security Control

Pregunta 70

Pregunta
Who is responsible for final review and authorization?
Respuesta
  • Security Controls Assessor (SCA)
  • Chief Information Officer (CIO)
  • Security personnel
  • Authorizing Official (AO)

Pregunta 71

Pregunta
Select Security Controls is the only Risk Management Framework (RMF) step designed to mitigate risk.
Respuesta
  • True
  • False

Pregunta 72

Pregunta
The risk management system provides an overarching methodology to follow when managing cybersecurity risks.
Respuesta
  • True
  • False

Pregunta 73

Pregunta
Select ALL of the correct responses. What should you look for when assessing vulnerabilities?
Respuesta
  • Related threats
  • Rewards
  • Residual risk
  • Likelihood
  • Ease

Pregunta 74

Pregunta
Security personnel must be able to identify all cybersecurity concepts.
Respuesta
  • True
  • False

Pregunta 75

Pregunta
Vulnerabilities are weaknesses that could be exploited to gain unauthorized access to information on an information system.
Respuesta
  • True
  • False

Pregunta 76

Pregunta
In which step of the Risk Management Framework (RMF) would you implement the decommissioning strategy?
Respuesta
  • Step 3 - Implement security controls
  • Step 4 – Assess security controls
  • Step 5 – Authorize system
  • Step 6 – Monitor security controls
Mostrar resumen completo Ocultar resumen completo

¿Quieres crear tus propios Tests gratis con GoConqr? Más información.

Similar

SFPC (Possible Test Questions)
Casey Neville
PHYSEC Quiz
Casey Neville
INDUSTRIAL Quiz
Casey Neville
PERSEC Quiz
Casey Neville
2.1 Business Influences and Associated Security Risks
DJ Perrone
Al Ándalus
ignaciobll
Test de Auxiliar de Enfermeria para repaso
leyvamiri
Método de registración contable balanceante: partida doble
Pamela Román
Les Participes Passés.
ANTONIO JIMENEZ
Primera Guerra Mundial
Diego Santos
Tejidos animales
Enrique Bravo
Explorar la Librería