CYBER SECURITY FUNDAMENTALS
POST & PRE-TEST QUESTIONS WITH
ANSWERS 2024
A denial-of-service (DoS) attack occurs when legitimate _________ are unable to
access ________, ______ or other network resources due to the actions of
malicious cyber threat factors
users, Information systems, devices
Which of the following certifications would satisfy IAM level II and IAM level III?
Security+
Which of the following categories require a privileged access agreement?
IA Management
In accordance with AR 25-2, whose responsibility is it to ensure all users receive
initial and annual IA awareness training?
IASO
A ________ and _________ are network infrastructure devices
All
Shoulder Surfing is a good thing because people can get valuable information.
You should never try to protect against this behavior
FALSE
What is the current DoD repository for sharing security authorization packages
and risk assessment data with Authorizing officials?
Army Portfolio Management System (APMS)
What are the three main cloud computing service models
Software as a Service, platform as a Service and Infrastructure as a Service
Interoperability is a weakness in Cloud Computing
TRUE
Encryptions is a way to send a message in ____________
code
What is a Distributed Denial-of-Service attack?
,It occurs when multiple machines are operating together to attack one target
What are the four objectives of planning for security
Identify , design, test and monitor
What is a Virtual Private Network used for
Allows employees to connect securely to their network when away from the office
A precursor is a sign that an incident may occur in the future
True
The two common denial-of-service attacks are
rootkits and botnets
An indication is a sign that an incident may never occur
FALSE
SSID stands for
Service Set Identifier
What does LAMP stands for
Linux, Apache, My SQL and PHP
Viruses, Worms and Trojan horses are types of malicious code
True
What are rootkits
A piece of software that can be installed and hidden on your computer without your
knowledge
How often do all cybersecurity workforce personnel take the Cybersecurity
Fundamental training IAW DA PAM 25-2-6
Every year
How can I protect myself against fake antiviruses
All
What does an Incident Response Plans allows for
A timely and controlled response to security incidents, and attempts to mitigate any
damage or lose
What is Website security
Both A&B
, According to DoD 8570.01-M, the IA technical category consists of how many
levels?
I, II, & III
Individual networks may be affected by DoS attacks without being directly
targeted
True
_____________your wireless data prevents anyone who might be able to access
your network from viewing it
Encrypting
What does LAMP stands for
Linux , Apache, My SQL and PHP
Cybersecurity is not a holistic program to manage Information Technology
related security risk
False
What is a hash function
A fixed-length string of numbers and letters generated from a mathematical algorithm
and an arbitrarily sized message such as an email, document, picture or other type of
data.
How can I protect myself against fake antiviruses
All
A Botnet is a term derived from the idea of bot networks In its most basic form, a
bot is simply an automated computer program, or robot
True
How often do all cybersecurity workforce personnel take the Cybersecurity
Fundamental training IAW DA PAM 25-2-6
Every 3 years
In accordance with AR 25-2, whose responsibility is it to ensure all users receive
initial and annual IA awareness training?
IASO
POST & PRE-TEST QUESTIONS WITH
ANSWERS 2024
A denial-of-service (DoS) attack occurs when legitimate _________ are unable to
access ________, ______ or other network resources due to the actions of
malicious cyber threat factors
users, Information systems, devices
Which of the following certifications would satisfy IAM level II and IAM level III?
Security+
Which of the following categories require a privileged access agreement?
IA Management
In accordance with AR 25-2, whose responsibility is it to ensure all users receive
initial and annual IA awareness training?
IASO
A ________ and _________ are network infrastructure devices
All
Shoulder Surfing is a good thing because people can get valuable information.
You should never try to protect against this behavior
FALSE
What is the current DoD repository for sharing security authorization packages
and risk assessment data with Authorizing officials?
Army Portfolio Management System (APMS)
What are the three main cloud computing service models
Software as a Service, platform as a Service and Infrastructure as a Service
Interoperability is a weakness in Cloud Computing
TRUE
Encryptions is a way to send a message in ____________
code
What is a Distributed Denial-of-Service attack?
,It occurs when multiple machines are operating together to attack one target
What are the four objectives of planning for security
Identify , design, test and monitor
What is a Virtual Private Network used for
Allows employees to connect securely to their network when away from the office
A precursor is a sign that an incident may occur in the future
True
The two common denial-of-service attacks are
rootkits and botnets
An indication is a sign that an incident may never occur
FALSE
SSID stands for
Service Set Identifier
What does LAMP stands for
Linux, Apache, My SQL and PHP
Viruses, Worms and Trojan horses are types of malicious code
True
What are rootkits
A piece of software that can be installed and hidden on your computer without your
knowledge
How often do all cybersecurity workforce personnel take the Cybersecurity
Fundamental training IAW DA PAM 25-2-6
Every year
How can I protect myself against fake antiviruses
All
What does an Incident Response Plans allows for
A timely and controlled response to security incidents, and attempts to mitigate any
damage or lose
What is Website security
Both A&B
, According to DoD 8570.01-M, the IA technical category consists of how many
levels?
I, II, & III
Individual networks may be affected by DoS attacks without being directly
targeted
True
_____________your wireless data prevents anyone who might be able to access
your network from viewing it
Encrypting
What does LAMP stands for
Linux , Apache, My SQL and PHP
Cybersecurity is not a holistic program to manage Information Technology
related security risk
False
What is a hash function
A fixed-length string of numbers and letters generated from a mathematical algorithm
and an arbitrarily sized message such as an email, document, picture or other type of
data.
How can I protect myself against fake antiviruses
All
A Botnet is a term derived from the idea of bot networks In its most basic form, a
bot is simply an automated computer program, or robot
True
How often do all cybersecurity workforce personnel take the Cybersecurity
Fundamental training IAW DA PAM 25-2-6
Every 3 years
In accordance with AR 25-2, whose responsibility is it to ensure all users receive
initial and annual IA awareness training?
IASO
