CYBER Quiz

Descrição

QUESTIONS FROM THE STUDENT GUIDES
Casey Neville
Quiz por Casey Neville, atualizado more than 1 year ago
Casey Neville
Criado por Casey Neville mais de 2 anos atrás
1843
3

Resumo de Recurso

Questão 1

Questão
What regulations will DoD follow for cybersecurity policy? Select the best answer.
Responda
  • DIACAP
  • DoD 8500 Series
  • DCID 6/3
  • DoD 6500 Series

Questão 2

Questão
What policy partnerships has DoD developed to standardize cybersecurity and protect the unique requirements of DoD missions and warfighters? Select the best answer.
Responda
  • CNSS and NIST
  • Tier 1, Tier 2, and Tier 3
  • DIACAP and RMF
  • Platform, Process, and Organization

Questão 3

Questão
What factors do organizations need to take into account when implementing a holistic approach to organizational risk management? Select all that apply.
Responda
  • Strategic Goals and Objectives
  • Relationships between mission/business process
  • Supporting Information Systems
  • Organizational culture and infrastructure

Questão 4

Questão
PIT systems refer to: Select the best answer.
Responda
  • Priority Information Technology
  • Proprietary Information Technology
  • Platform Information Technology
  • Process Information Technology

Questão 5

Questão
What broad groups does DoD use to categorize information technology? Choose the best answer.
Responda
  • Information Systems and PIT
  • Information Systems and Products
  • PIT and Services
  • (a) and (b )
  • (b) and (c )

Questão 6

Questão
In what Step of the Risk Management Framework is continuous monitoring employed? Select the best answer.
Responda
  • Step 1
  • Step 4
  • Step 5
  • Step 6

Questão 7

Questão
Match the following Steps of the Risk Management Framework to "Step 1 Categorize System"
Responda
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Questão 8

Questão
Match the following Steps of the Risk Management Framework to "Step 2 Select Security Controls"
Responda
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Questão 9

Questão
Match the following Steps of the Risk Management Framework to "Step 3 Implement Security Controls"
Responda
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Questão 10

Questão
Match the following Steps of the Risk Management Framework to "Step 4 Assess Security Controls"
Responda
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Questão 11

Questão
Match the following Steps of the Risk Management Framework to "Step 5 Authorize System"
Responda
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Questão 12

Questão
Match the following Steps of the Risk Management Framework to "Step 6 Monitor Security Controls Activities"
Responda
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Questão 13

Questão
What activities occur in Step 4 of the Risk Management Framework (RMF), Assess Security Controls?
Responda
  • Conduct final risk determination
  • Prepare the Plan of Action and Milestones (POA&M)
  • Prepare Security Assessment Report (SAR)
  • All of the above

Questão 14

Questão
Select ALL of the correct responses. What is included in the security authorization package?
Responda
  • Plan of Action and Milestones (POA&M)
  • Security Assessment Report (SAR)
  • Security Plan
  • None of the above

Questão 15

Questão
Select ALL of the correct responses. What does the information owner do when determining the impact of changes?
Responda
  • Document in SAR for the AO to review
  • Provide written and signed report
  • Reports significant changes in the security posture of the system
  • Continuously monitors the system or information environment
  • Periodically assesses the quality of the security controls

Questão 16

Questão
Select ALL of the correct responses. What types and levels of vulnerabilities should you consider?
Responda
  • Information system level
  • Physical security
  • Mission/business process level
  • People
  • Organization level
  • None of the above

Questão 17

Questão
Confidentiality, integrity, availability, authentication, and non-repudiation are all attributes of cybersecurity.
Responda
  • True
  • False

Questão 18

Questão
What Risk Management Framework (RMF) step is designed to assess risk?
Responda
  • Implement Security Controls
  • Categorize System
  • Authorize System
  • Assess Security Controls

Questão 19

Questão
What is the last step in the Risk Management Framework (RMF)?
Responda
  • Implement Security Controls
  • Authorize System
  • Assess Security Controls
  • Categorize System
  • Select Security Controls
  • Monitor Security Controls

Questão 20

Questão
Where is the implementation of security controls documented?
Responda
  • DoD architectures and standards
  • System Security Plan (SSP)
  • Security Technical Implementation Guide (STIG)
  • Security Requirements Guide (SRG)

Questão 21

Questão
Why do you need to be aware of cybersecurity?
Responda
  • To account for and eliminate all risk
  • To appropriately manage risk by mitigating threats and vulnerabilities
  • To ensure all appropriate measures are taken to protect a designated space and ensure only people with permission enter and leave it
  • To uphold all elements of the National Industrial Security Program Operating Manual

Questão 22

Questão
Select ALL of the correct responses. What are all cybersecurity attributes susceptible to?
Responda
  • Disclosure
  • Authorization
  • Vulnerabilities
  • Threats

Questão 23

Questão
Which steps of the Risk Management Framework (RMF) are designed to evaluate risk?
Responda
  • Monitor Security Controls
  • Authorize System
  • Assess Security Controls
  • None of the above
  • All of the above

Questão 24

Questão
Evaluation ensures that new risks arising from changes are noticed and assessed.
Responda
  • True
  • False

Questão 25

Questão
Select ALL of the correct responses. Which policies and DoD regulations set our cybersecurity standards?
Responda
  • DoD 8530.01, Cybersecurity Activities Support to DoD Information Network Operations
  • DoDI 8510.01, Risk Management Framework for DoD Information Technology
  • DoDI 8500.01, Cybersecurity
  • None of the above

Questão 26

Questão
Which of the following are areas within cybersecurity?
Responda
  • Procedural security
  • Physical security
  • Personnel security
  • All of the above

Questão 27

Questão
Adversarial threats are
Responda
  • natural or man-made disasters, unusual natural events, or an infrastructure failure or outage.
  • unintentional threats made by a single user or privileged user or administrator when performing their everyday responsibilities.
  • from individual, group, organization, or nation-state seeking to exploit the organization's dependence on cyber resources.
  • failures of equipment, environmental controls, or software due to aging, resource depletion, or other circumstances.

Questão 28

Questão
Select ALL of the correct responses. Security personnel need to have which of the following skills?
Responda
  • New Technology and Equipment
  • System Categorization
  • Training Others
  • Compilation and Data Aggregation

Questão 29

Questão
Which of the following provides an overarching methodology to follow when managing cybersecurity risks?
Responda
  • Security Assessment Report (SAR)
  • Risk Management System
  • Security Technical Implementation Guide (STIG)
  • Department of Defense Security Skill Standard

Questão 30

Questão
Engagement and collaboration between security, information technology, and cybersecurity personnel should be proactive and continuous.
Responda
  • True
  • False

Questão 31

Questão
What are the cybersecurity attributes?
Responda
  • Confidentiality
  • Integrity
  • Availability
  • Authentication
  • Non-repudiation

Questão 32

Questão
What is the primary responsibility of security personnel?
Responda
  • Direct the operation of and assure the security of the global DoD network
  • Coordinate all DoD network operations
  • Protect classified information and controlled unclassified information from unauthorized disclosure
  • Monitor, evaluate, and provide advice to the Secretary of Defense

Questão 33

Questão
Why do you need to be aware of cybersecurity?
Responda
  • To uphold all elements of the national Security Program Operating Manual.
  • To appropriately manage risk by mitigating threats and vulnerabilities.
  • To examine your own actions and activities to uphold personal accountability
  • To ensure all appropriate measures are taken to protect a place and ensure only people with permission enter and leave it.

Questão 34

Questão
What is Security personnel’s primary skill in relationship to cybersecurity?
Responda
  • Analyze
  • Manage Risk
  • Execute Training
  • Respond to Incidents

Questão 35

Questão
What are the components of the Risk Management System?
Responda
  • Revision
  • Mitigation
  • Assessment
  • Evaluation

Questão 36

Questão
What are the cybersecurity drivers?
Responda
  • NIST 800-30 Rev 1, Guide for conducting Risk Assessments
  • DoD 8530.01, Cybersecurity Activities Support to DoD Information Network Operations
  • DoD 8510.01, Risk Management Framework
  • DoD 8500.01, Cybersecurity
  • DoD Security Policy

Questão 37

Questão
What are the steps in the Risk Management Framework (RMF)?
Responda
  • Monitor Security Controls
  • Categorize System
  • Authorize System
  • Assess Security Controls
  • Select Security Controls
  • Implement Security Controls

Questão 38

Questão
Which skills do security personnel need?
Responda
  • Protect information systems
  • Identify all cybersecurity concepts
  • Identify fundamentals cybersecurity concepts that are related to the protection of classified and controlled unclassified information.
  • Examine their role in protecting DoD’s information systems and the information they process, transmit, and store.

Questão 39

Questão
What threat environments should you consider?
Responda
  • Adversarial
  • Environmental
  • Structural
  • Accidental

Questão 40

Questão
Which of the following are the activities that occur when performing RMF Step 2, Select Security Controls?
Responda
  • Common Control Identification
  • Monitoring Strategy
  • Security Baseline and Overlay Selection
  • Security Plan Review Approval

Questão 41

Questão
What activities occur during implementation of security controls?
Responda
  • Create appropriate training and communication plans
  • Ensure consistency with DoD architectures
  • Document security control implementation in the security plan
  • Identify Security controls available for inheritance

Questão 42

Questão
What should you look for when assessing vulnerabilities?
Responda
  • Residual Risk
  • Ease
  • Likelihood
  • Related Threats
  • Rewards

Questão 43

Questão
Which steps of the RMF are designed to mitigate risk?
Responda
  • Assess Security Controls
  • Monitor Security Controls
  • Select Security Controls
  • Authorize System
  • Implement Security Controls
  • Categorize System

Questão 44

Questão
Which steps of the RMF are designed to evaluate risk?
Responda
  • Select Security Controls
  • Assess Security Controls
  • Monitor Security Controls
  • Authorize System
  • Categorize System
  • Implement Security Controls

Questão 45

Questão
What activities occur when assessing security controls?
Responda
  • Prepare the Plan of Action and Milestones (POA&M)
  • Conduct final risk determination
  • Develop, plan, and approve Security Assessment Plan
  • Prepare Security Assessment Report (SAR)

Questão 46

Questão
Select ALL of the correct responses. Which of the following forms the basis for remediation actions?
Responda
  • Ongoing monitoring activities
  • Outstanding items in the Plan of Action and Milestones (POA&M)
  • Risk assessment
  • Authorizing Official (AO) report

Questão 47

Questão
What activities occur when authorizing the system?
Responda
  • Implement decommissioning strategy
  • Develop, review, and approve Security Assessment Plan
  • Prepare the Plan of Action and Milestones (POA&M)
  • Submit security authorization package

Questão 48

Questão
Which of the following are areas within cybersecurity?
Responda
  • Procedural security
  • Physical security
  • Personnel security
  • All of the above

Questão 49

Questão
What activities occur when monitoring security controls?
Responda
  • Prepare the Plan of Action and Milestones
  • Develop, review, and approve Security Assessment Plan
  • Implement decommissioning strategy
  • Determine impact of changes

Questão 50

Questão
Select ALL of the correct responses. What are the DoD cybersecurity policies?
Responda
  • Operational Resilience
  • Risk Management
  • Performance
  • Identity Assurance
  • Mission Partners

Questão 51

Questão
Select ALL of the correct responses. Which of the following are cybersecurity skill standards needed by security personnel?
Responda
  • Conduct assessment and evaluation of all IT systems
  • Identify and manage all cybersecurity concepts
  • Explain their role in protecting DoD's information systems
  • Identify fundamental cybersecurity concepts that are related to the protection of classified and controlled unclassified information

Questão 52

Questão
After you complete a risk management system component, you should constantly reassess as you deploy new solutions.
Responda
  • True
  • False

Questão 53

Questão
Confidentiality is the only attribute susceptible to threats and vulnerabilities.
Responda
  • True
  • False

Questão 54

Questão
Cybersecurity is important so that risk is eliminated.
Responda
  • True
  • False

Questão 55

Questão
Categorize System is the RMF step designed to assess risk.
Responda
  • True
  • False

Questão 56

Questão
Who prepares the Security Assessment Report (SAR)?
Responda
  • USCYBERCOM
  • Security Controls Assessor (SCA)
  • Security Personnel
  • DoD CIO

Questão 57

Questão
Select ALL of the correct responses. What are the attributes of cybersecurity?
Responda
  • Confidentiality
  • Non-repudiation
  • Authentication
  • Integrity
  • Availability
  • Authorization

Questão 58

Questão
Select ALL of the correct responses. When performing risk assessment, security personnel do which of the following?
Responda
  • Identify countermeasures to eliminate risk
  • Identify and evaluate risks, impacts, and countermeasures
  • Determine the extent of threat

Questão 59

Questão
How do security personnel protect classified information and controlled unclassified information?
Responda
  • Minimize vulnerabilities
  • Manage threats
  • Respond to incidents swiftly and appropriately
  • All of the above

Questão 60

Questão
Select ALL of the correct responses. Which steps of the Risk Management Framework (RMF) are designed to evaluate risk?
Responda
  • Authorize System
  • Implement Security Controls
  • Assess Security Controls
  • Categorize System
  • Monitor Security Controls
  • Select Security Controls

Questão 61

Questão
Which role monitors, evaluates, and provides advice?
Responda
  • Security personnel
  • US Cyber Command (USCYBERCOM)
  • DoD Chief Information Officer (CIO)
  • Authorizing Official (AO)

Questão 62

Questão
Which policies and DoD regulations set our cybersecurity standards?
Responda
  • DoDI 8500.01, Cybersecurity
  • DoDI 8510.01, Risk Management Framework for DoD Information Technology
  • NIST 800-30 Rev 1, Guide for Conducting Risk Assessments
  • All of the above

Questão 63

Questão
Select ALL of the correct responses. Which activities occur during Step 2, Select Security Controls?
Responda
  • Security Plan Review and Approval
  • Unique Control Identification
  • Security Plan Creation
  • Monitoring Strategy
  • Common Control Identification

Questão 64

Questão
Select ALL of the correct responses. Impact levels are used to perform which of the following?
Responda
  • Overlay selection
  • Document the security plan
  • Security baseline

Questão 65

Questão
When mitigating risk, what are your options?
Responda
  • Limitation
  • Acceptance
  • Avoidance
  • All of the above

Questão 66

Questão
What are the implied skills of security personnel?
Responda
  • Counsel stakeholders on security-related concerns
  • Execute security awareness training
  • Analysis
  • All of the above

Questão 67

Questão
Security controls should not consider legacy security plans.
Responda
  • True
  • False

Questão 68

Questão
What evolving threats are attempts by hackers to damage or destroy a computer network or system?
Responda
  • Insider Threat
  • Social Media
  • Cyber Attack
  • Mobile Computing

Questão 69

Questão
Select ALL of the correct responses. What are the Risk Management Framework (RMF) steps designed to mitigate risk?
Responda
  • Assess Security Controls
  • Implement Security Controls
  • Categorize System
  • Select Security Control

Questão 70

Questão
Who is responsible for final review and authorization?
Responda
  • Security Controls Assessor (SCA)
  • Chief Information Officer (CIO)
  • Security personnel
  • Authorizing Official (AO)

Questão 71

Questão
Select Security Controls is the only Risk Management Framework (RMF) step designed to mitigate risk.
Responda
  • True
  • False

Questão 72

Questão
The risk management system provides an overarching methodology to follow when managing cybersecurity risks.
Responda
  • True
  • False

Questão 73

Questão
Select ALL of the correct responses. What should you look for when assessing vulnerabilities?
Responda
  • Related threats
  • Rewards
  • Residual risk
  • Likelihood
  • Ease

Questão 74

Questão
Security personnel must be able to identify all cybersecurity concepts.
Responda
  • True
  • False

Questão 75

Questão
Vulnerabilities are weaknesses that could be exploited to gain unauthorized access to information on an information system.
Responda
  • True
  • False

Questão 76

Questão
In which step of the Risk Management Framework (RMF) would you implement the decommissioning strategy?
Responda
  • Step 3 - Implement security controls
  • Step 4 – Assess security controls
  • Step 5 – Authorize system
  • Step 6 – Monitor security controls

Semelhante

SFPC (Possible Test Questions)
Casey Neville
PHYSEC Quiz
Casey Neville
INDUSTRIAL Quiz
Casey Neville
PERSEC Quiz
Casey Neville
2.1 Business Influences and Associated Security Risks
DJ Perrone
Francês
BeatrizL
DIREITOS FUNDAMENTAIS CARACTERÍSTICAS
veleal
Evolução Biológica: os mecanismos. A formação de novas espécies I
Bruno Fernandes3682
Modelos Atômicos
Caio Carboni
ÁRVORE DOS SONHOS_UCBV
SBMS SBMS
Sistema Urinário
mariana monteiro