Annex E UPDATED Exam Questions and
CORRECT Answers
The protection of information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction in order to ensure confidentiality,
integrity, and availability. Is the definition of?
a. Information Security
b. Cyberspace
c. Information Operations
d. Cyberspace Operations - CORRECT ANSWER- a. Information Security
The process of tracking and approving changes to the system.
a. Documentation
b. Media Control
c. Backups
d. Configuration Management - CORRECT ANSWER- d. Configuration Management
A unit policy on "Bring your own device to work" is an example of a:
a. System Specific Policy
b. Program Policy
c. Guideline
d. Issue Specific Policy - CORRECT ANSWER- d. Issue Specific Policy
_____________ are network focused and threat-agnostic while _____________ are threat-
specific and frequently support mission assurance objectives.
a. DCO, OCO
b. DCO, DoDIN Ops
, c. DoDIN Ops, DCO
d. DoDIN Ops, OCO - CORRECT ANSWER- c. DoDIN Ops, DCO
Identifies a set of cybersecurity activities that are required for to protect the DoDIN.
a. JP 3-12
b. DODI 8500.1
c. DODI 8530.01
d. NIST SP 800-12R2 - CORRECT ANSWER- c. DODI 8530.01
5.02 - CORRECT ANSWER- 5.02
Establishes and manages the cybersecurity program within a command, site, system, or
enclave in accordance with DoD, DON, and Marine Corps cybersecurity guidance and
policies
a. System Administrator
b. Network Administrator
c. Information System Security Manager
d. Information System Security Officer - CORRECT ANSWER- c. Information System
Security Manager
A common security strategy used to provide a protective multilayer barrier against various
forms of attack.
a. Access Control
b. Packet Filtering
c. Vulnerability Scan
d. Defense-in-Depth - CORRECT ANSWER- d. Defense-in-Depth
Any vulnerability, the exploitation of which will directly and immediately result in loss of
Confidentiality, Availability, or Integrity.
CORRECT Answers
The protection of information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction in order to ensure confidentiality,
integrity, and availability. Is the definition of?
a. Information Security
b. Cyberspace
c. Information Operations
d. Cyberspace Operations - CORRECT ANSWER- a. Information Security
The process of tracking and approving changes to the system.
a. Documentation
b. Media Control
c. Backups
d. Configuration Management - CORRECT ANSWER- d. Configuration Management
A unit policy on "Bring your own device to work" is an example of a:
a. System Specific Policy
b. Program Policy
c. Guideline
d. Issue Specific Policy - CORRECT ANSWER- d. Issue Specific Policy
_____________ are network focused and threat-agnostic while _____________ are threat-
specific and frequently support mission assurance objectives.
a. DCO, OCO
b. DCO, DoDIN Ops
, c. DoDIN Ops, DCO
d. DoDIN Ops, OCO - CORRECT ANSWER- c. DoDIN Ops, DCO
Identifies a set of cybersecurity activities that are required for to protect the DoDIN.
a. JP 3-12
b. DODI 8500.1
c. DODI 8530.01
d. NIST SP 800-12R2 - CORRECT ANSWER- c. DODI 8530.01
5.02 - CORRECT ANSWER- 5.02
Establishes and manages the cybersecurity program within a command, site, system, or
enclave in accordance with DoD, DON, and Marine Corps cybersecurity guidance and
policies
a. System Administrator
b. Network Administrator
c. Information System Security Manager
d. Information System Security Officer - CORRECT ANSWER- c. Information System
Security Manager
A common security strategy used to provide a protective multilayer barrier against various
forms of attack.
a. Access Control
b. Packet Filtering
c. Vulnerability Scan
d. Defense-in-Depth - CORRECT ANSWER- d. Defense-in-Depth
Any vulnerability, the exploitation of which will directly and immediately result in loss of
Confidentiality, Availability, or Integrity.
