CYBER Quiz

Description

QUESTIONS FROM THE STUDENT GUIDES
Casey Neville
Quiz by Casey Neville, updated more than 1 year ago
Casey Neville
Created by Casey Neville over 2 years ago
1843
3

Resource summary

Question 1

Question
What regulations will DoD follow for cybersecurity policy? Select the best answer.
Answer
  • DIACAP
  • DoD 8500 Series
  • DCID 6/3
  • DoD 6500 Series

Question 2

Question
What policy partnerships has DoD developed to standardize cybersecurity and protect the unique requirements of DoD missions and warfighters? Select the best answer.
Answer
  • CNSS and NIST
  • Tier 1, Tier 2, and Tier 3
  • DIACAP and RMF
  • Platform, Process, and Organization

Question 3

Question
What factors do organizations need to take into account when implementing a holistic approach to organizational risk management? Select all that apply.
Answer
  • Strategic Goals and Objectives
  • Relationships between mission/business process
  • Supporting Information Systems
  • Organizational culture and infrastructure

Question 4

Question
PIT systems refer to: Select the best answer.
Answer
  • Priority Information Technology
  • Proprietary Information Technology
  • Platform Information Technology
  • Process Information Technology

Question 5

Question
What broad groups does DoD use to categorize information technology? Choose the best answer.
Answer
  • Information Systems and PIT
  • Information Systems and Products
  • PIT and Services
  • (a) and (b )
  • (b) and (c )

Question 6

Question
In what Step of the Risk Management Framework is continuous monitoring employed? Select the best answer.
Answer
  • Step 1
  • Step 4
  • Step 5
  • Step 6

Question 7

Question
Match the following Steps of the Risk Management Framework to "Step 1 Categorize System"
Answer
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Question 8

Question
Match the following Steps of the Risk Management Framework to "Step 2 Select Security Controls"
Answer
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Question 9

Question
Match the following Steps of the Risk Management Framework to "Step 3 Implement Security Controls"
Answer
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Question 10

Question
Match the following Steps of the Risk Management Framework to "Step 4 Assess Security Controls"
Answer
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Question 11

Question
Match the following Steps of the Risk Management Framework to "Step 5 Authorize System"
Answer
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Question 12

Question
Match the following Steps of the Risk Management Framework to "Step 6 Monitor Security Controls Activities"
Answer
  • Register System with DoD
  • Common Control Identification
  • Implement Control Solutions
  • Develop & Approve Security Assessment Plan
  • AO Conducts Final Risk Determination
  • Determine Impact of changes to the system & environment

Question 13

Question
What activities occur in Step 4 of the Risk Management Framework (RMF), Assess Security Controls?
Answer
  • Conduct final risk determination
  • Prepare the Plan of Action and Milestones (POA&M)
  • Prepare Security Assessment Report (SAR)
  • All of the above

Question 14

Question
Select ALL of the correct responses. What is included in the security authorization package?
Answer
  • Plan of Action and Milestones (POA&M)
  • Security Assessment Report (SAR)
  • Security Plan
  • None of the above

Question 15

Question
Select ALL of the correct responses. What does the information owner do when determining the impact of changes?
Answer
  • Document in SAR for the AO to review
  • Provide written and signed report
  • Reports significant changes in the security posture of the system
  • Continuously monitors the system or information environment
  • Periodically assesses the quality of the security controls

Question 16

Question
Select ALL of the correct responses. What types and levels of vulnerabilities should you consider?
Answer
  • Information system level
  • Physical security
  • Mission/business process level
  • People
  • Organization level
  • None of the above

Question 17

Question
Confidentiality, integrity, availability, authentication, and non-repudiation are all attributes of cybersecurity.
Answer
  • True
  • False

Question 18

Question
What Risk Management Framework (RMF) step is designed to assess risk?
Answer
  • Implement Security Controls
  • Categorize System
  • Authorize System
  • Assess Security Controls

Question 19

Question
What is the last step in the Risk Management Framework (RMF)?
Answer
  • Implement Security Controls
  • Authorize System
  • Assess Security Controls
  • Categorize System
  • Select Security Controls
  • Monitor Security Controls

Question 20

Question
Where is the implementation of security controls documented?
Answer
  • DoD architectures and standards
  • System Security Plan (SSP)
  • Security Technical Implementation Guide (STIG)
  • Security Requirements Guide (SRG)

Question 21

Question
Why do you need to be aware of cybersecurity?
Answer
  • To account for and eliminate all risk
  • To appropriately manage risk by mitigating threats and vulnerabilities
  • To ensure all appropriate measures are taken to protect a designated space and ensure only people with permission enter and leave it
  • To uphold all elements of the National Industrial Security Program Operating Manual

Question 22

Question
Select ALL of the correct responses. What are all cybersecurity attributes susceptible to?
Answer
  • Disclosure
  • Authorization
  • Vulnerabilities
  • Threats

Question 23

Question
Which steps of the Risk Management Framework (RMF) are designed to evaluate risk?
Answer
  • Monitor Security Controls
  • Authorize System
  • Assess Security Controls
  • None of the above
  • All of the above

Question 24

Question
Evaluation ensures that new risks arising from changes are noticed and assessed.
Answer
  • True
  • False

Question 25

Question
Select ALL of the correct responses. Which policies and DoD regulations set our cybersecurity standards?
Answer
  • DoD 8530.01, Cybersecurity Activities Support to DoD Information Network Operations
  • DoDI 8510.01, Risk Management Framework for DoD Information Technology
  • DoDI 8500.01, Cybersecurity
  • None of the above

Question 26

Question
Which of the following are areas within cybersecurity?
Answer
  • Procedural security
  • Physical security
  • Personnel security
  • All of the above

Question 27

Question
Adversarial threats are
Answer
  • natural or man-made disasters, unusual natural events, or an infrastructure failure or outage.
  • unintentional threats made by a single user or privileged user or administrator when performing their everyday responsibilities.
  • from individual, group, organization, or nation-state seeking to exploit the organization's dependence on cyber resources.
  • failures of equipment, environmental controls, or software due to aging, resource depletion, or other circumstances.

Question 28

Question
Select ALL of the correct responses. Security personnel need to have which of the following skills?
Answer
  • New Technology and Equipment
  • System Categorization
  • Training Others
  • Compilation and Data Aggregation

Question 29

Question
Which of the following provides an overarching methodology to follow when managing cybersecurity risks?
Answer
  • Security Assessment Report (SAR)
  • Risk Management System
  • Security Technical Implementation Guide (STIG)
  • Department of Defense Security Skill Standard

Question 30

Question
Engagement and collaboration between security, information technology, and cybersecurity personnel should be proactive and continuous.
Answer
  • True
  • False

Question 31

Question
What are the cybersecurity attributes?
Answer
  • Confidentiality
  • Integrity
  • Availability
  • Authentication
  • Non-repudiation

Question 32

Question
What is the primary responsibility of security personnel?
Answer
  • Direct the operation of and assure the security of the global DoD network
  • Coordinate all DoD network operations
  • Protect classified information and controlled unclassified information from unauthorized disclosure
  • Monitor, evaluate, and provide advice to the Secretary of Defense

Question 33

Question
Why do you need to be aware of cybersecurity?
Answer
  • To uphold all elements of the national Security Program Operating Manual.
  • To appropriately manage risk by mitigating threats and vulnerabilities.
  • To examine your own actions and activities to uphold personal accountability
  • To ensure all appropriate measures are taken to protect a place and ensure only people with permission enter and leave it.

Question 34

Question
What is Security personnel’s primary skill in relationship to cybersecurity?
Answer
  • Analyze
  • Manage Risk
  • Execute Training
  • Respond to Incidents

Question 35

Question
What are the components of the Risk Management System?
Answer
  • Revision
  • Mitigation
  • Assessment
  • Evaluation

Question 36

Question
What are the cybersecurity drivers?
Answer
  • NIST 800-30 Rev 1, Guide for conducting Risk Assessments
  • DoD 8530.01, Cybersecurity Activities Support to DoD Information Network Operations
  • DoD 8510.01, Risk Management Framework
  • DoD 8500.01, Cybersecurity
  • DoD Security Policy

Question 37

Question
What are the steps in the Risk Management Framework (RMF)?
Answer
  • Monitor Security Controls
  • Categorize System
  • Authorize System
  • Assess Security Controls
  • Select Security Controls
  • Implement Security Controls

Question 38

Question
Which skills do security personnel need?
Answer
  • Protect information systems
  • Identify all cybersecurity concepts
  • Identify fundamentals cybersecurity concepts that are related to the protection of classified and controlled unclassified information.
  • Examine their role in protecting DoD’s information systems and the information they process, transmit, and store.

Question 39

Question
What threat environments should you consider?
Answer
  • Adversarial
  • Environmental
  • Structural
  • Accidental

Question 40

Question
Which of the following are the activities that occur when performing RMF Step 2, Select Security Controls?
Answer
  • Common Control Identification
  • Monitoring Strategy
  • Security Baseline and Overlay Selection
  • Security Plan Review Approval

Question 41

Question
What activities occur during implementation of security controls?
Answer
  • Create appropriate training and communication plans
  • Ensure consistency with DoD architectures
  • Document security control implementation in the security plan
  • Identify Security controls available for inheritance

Question 42

Question
What should you look for when assessing vulnerabilities?
Answer
  • Residual Risk
  • Ease
  • Likelihood
  • Related Threats
  • Rewards

Question 43

Question
Which steps of the RMF are designed to mitigate risk?
Answer
  • Assess Security Controls
  • Monitor Security Controls
  • Select Security Controls
  • Authorize System
  • Implement Security Controls
  • Categorize System

Question 44

Question
Which steps of the RMF are designed to evaluate risk?
Answer
  • Select Security Controls
  • Assess Security Controls
  • Monitor Security Controls
  • Authorize System
  • Categorize System
  • Implement Security Controls

Question 45

Question
What activities occur when assessing security controls?
Answer
  • Prepare the Plan of Action and Milestones (POA&M)
  • Conduct final risk determination
  • Develop, plan, and approve Security Assessment Plan
  • Prepare Security Assessment Report (SAR)

Question 46

Question
Select ALL of the correct responses. Which of the following forms the basis for remediation actions?
Answer
  • Ongoing monitoring activities
  • Outstanding items in the Plan of Action and Milestones (POA&M)
  • Risk assessment
  • Authorizing Official (AO) report

Question 47

Question
What activities occur when authorizing the system?
Answer
  • Implement decommissioning strategy
  • Develop, review, and approve Security Assessment Plan
  • Prepare the Plan of Action and Milestones (POA&M)
  • Submit security authorization package

Question 48

Question
Which of the following are areas within cybersecurity?
Answer
  • Procedural security
  • Physical security
  • Personnel security
  • All of the above

Question 49

Question
What activities occur when monitoring security controls?
Answer
  • Prepare the Plan of Action and Milestones
  • Develop, review, and approve Security Assessment Plan
  • Implement decommissioning strategy
  • Determine impact of changes

Question 50

Question
Select ALL of the correct responses. What are the DoD cybersecurity policies?
Answer
  • Operational Resilience
  • Risk Management
  • Performance
  • Identity Assurance
  • Mission Partners

Question 51

Question
Select ALL of the correct responses. Which of the following are cybersecurity skill standards needed by security personnel?
Answer
  • Conduct assessment and evaluation of all IT systems
  • Identify and manage all cybersecurity concepts
  • Explain their role in protecting DoD's information systems
  • Identify fundamental cybersecurity concepts that are related to the protection of classified and controlled unclassified information

Question 52

Question
After you complete a risk management system component, you should constantly reassess as you deploy new solutions.
Answer
  • True
  • False

Question 53

Question
Confidentiality is the only attribute susceptible to threats and vulnerabilities.
Answer
  • True
  • False

Question 54

Question
Cybersecurity is important so that risk is eliminated.
Answer
  • True
  • False

Question 55

Question
Categorize System is the RMF step designed to assess risk.
Answer
  • True
  • False

Question 56

Question
Who prepares the Security Assessment Report (SAR)?
Answer
  • USCYBERCOM
  • Security Controls Assessor (SCA)
  • Security Personnel
  • DoD CIO

Question 57

Question
Select ALL of the correct responses. What are the attributes of cybersecurity?
Answer
  • Confidentiality
  • Non-repudiation
  • Authentication
  • Integrity
  • Availability
  • Authorization

Question 58

Question
Select ALL of the correct responses. When performing risk assessment, security personnel do which of the following?
Answer
  • Identify countermeasures to eliminate risk
  • Identify and evaluate risks, impacts, and countermeasures
  • Determine the extent of threat

Question 59

Question
How do security personnel protect classified information and controlled unclassified information?
Answer
  • Minimize vulnerabilities
  • Manage threats
  • Respond to incidents swiftly and appropriately
  • All of the above

Question 60

Question
Select ALL of the correct responses. Which steps of the Risk Management Framework (RMF) are designed to evaluate risk?
Answer
  • Authorize System
  • Implement Security Controls
  • Assess Security Controls
  • Categorize System
  • Monitor Security Controls
  • Select Security Controls

Question 61

Question
Which role monitors, evaluates, and provides advice?
Answer
  • Security personnel
  • US Cyber Command (USCYBERCOM)
  • DoD Chief Information Officer (CIO)
  • Authorizing Official (AO)

Question 62

Question
Which policies and DoD regulations set our cybersecurity standards?
Answer
  • DoDI 8500.01, Cybersecurity
  • DoDI 8510.01, Risk Management Framework for DoD Information Technology
  • NIST 800-30 Rev 1, Guide for Conducting Risk Assessments
  • All of the above

Question 63

Question
Select ALL of the correct responses. Which activities occur during Step 2, Select Security Controls?
Answer
  • Security Plan Review and Approval
  • Unique Control Identification
  • Security Plan Creation
  • Monitoring Strategy
  • Common Control Identification

Question 64

Question
Select ALL of the correct responses. Impact levels are used to perform which of the following?
Answer
  • Overlay selection
  • Document the security plan
  • Security baseline

Question 65

Question
When mitigating risk, what are your options?
Answer
  • Limitation
  • Acceptance
  • Avoidance
  • All of the above

Question 66

Question
What are the implied skills of security personnel?
Answer
  • Counsel stakeholders on security-related concerns
  • Execute security awareness training
  • Analysis
  • All of the above

Question 67

Question
Security controls should not consider legacy security plans.
Answer
  • True
  • False

Question 68

Question
What evolving threats are attempts by hackers to damage or destroy a computer network or system?
Answer
  • Insider Threat
  • Social Media
  • Cyber Attack
  • Mobile Computing

Question 69

Question
Select ALL of the correct responses. What are the Risk Management Framework (RMF) steps designed to mitigate risk?
Answer
  • Assess Security Controls
  • Implement Security Controls
  • Categorize System
  • Select Security Control

Question 70

Question
Who is responsible for final review and authorization?
Answer
  • Security Controls Assessor (SCA)
  • Chief Information Officer (CIO)
  • Security personnel
  • Authorizing Official (AO)

Question 71

Question
Select Security Controls is the only Risk Management Framework (RMF) step designed to mitigate risk.
Answer
  • True
  • False

Question 72

Question
The risk management system provides an overarching methodology to follow when managing cybersecurity risks.
Answer
  • True
  • False

Question 73

Question
Select ALL of the correct responses. What should you look for when assessing vulnerabilities?
Answer
  • Related threats
  • Rewards
  • Residual risk
  • Likelihood
  • Ease

Question 74

Question
Security personnel must be able to identify all cybersecurity concepts.
Answer
  • True
  • False

Question 75

Question
Vulnerabilities are weaknesses that could be exploited to gain unauthorized access to information on an information system.
Answer
  • True
  • False

Question 76

Question
In which step of the Risk Management Framework (RMF) would you implement the decommissioning strategy?
Answer
  • Step 3 - Implement security controls
  • Step 4 – Assess security controls
  • Step 5 – Authorize system
  • Step 6 – Monitor security controls
Show full summary Hide full summary

Similar

SFPC (Possible Test Questions)
Casey Neville
PHYSEC Quiz
Casey Neville
INDUSTRIAL Quiz
Casey Neville
PERSEC Quiz
Casey Neville
2.1 Business Influences and Associated Security Risks
DJ Perrone
Computing
Ben Leader
Symbols in Lord of the Flies
lowri_luxton
AS Biology - Types of Carbohydrates.
pheebzda
Sociology: Crime and Deviance Flash cards
Beth Morley
Passing Dark Colored Urine
Batool Aldaher
TISSUE TYPES
Missi Shoup