1. The AIAP is designed to achieve the most effective and economical policy possible by using which of the following? a)Using the bottom up approach for implementing security safeguards b)Using the risk management approach for implementing security safeguards c)Using a reactionary approach for implementing security safeguards d)None of the above 2. Which backup site would require frequent testing to ensure a smooth switchover in the event of an emergency? a)Cold site b)Hot site c)Warm site d)Transitional site 3. DIACAP requires you to review your IA posture _____________. a)every year b)every two years c)every three years d)every four years 4. Our source for DIACAP resources and knowledge services can be discovered through our relationship and support from ___________. a)IEEE b)IETF c)NSA d)DISA 5. Megan is considering the implementation of PEDs in their shipping and supply area. She should review Army Regulation _____________ to identify areas where PEDs may be utilized. a)25-1 b)25-2 c)380-53 d)380-19 6 The following are wireless deployment mistakes to avoid, except for ___________________________. a)Failure to configure adequate authentication AND encryption (per Army and DOD Policy) b)Failure to physically secure the access point (and access point controllers) c)Failure to monitor the wireless network, or configure monitoring, to identify rogue access points and other wireless clients d)Failure to use a base64 password, allowing the admin to seamlessly integrate authentication protocols 7.Having reviewed DoD Wireless STIG (Ver6, Release 1), Sarah learns she may only utilize SecNet 54 and ______________ for transmitting classified information up to Top Secret. a)SecNet 11 b)KOV-26 Talon c)AirFortress d)WPA2 8.Jack's network intrusion detection system has alerted him to a buffer overflow attack against his web server. After further review of the alert log, Jack realizes his intrusion detection system is detecting normal, expected web activity as a buffer overflow. Jack will need to modify his detection signature to prevent future ________________________. a)False positives b)false negatives c)true positives d)true negatives 9.Norman is looking into an IDS/IPS solution for his command. The network engineers recommended he select a solution that requires packets to pass in and out of the device, and that it be connected in series with the outbound traffic flow. Norman should tell the sales engineer that he is interested in a __________________ IDS/IPS solution. a)Pass-by b)pass-on c)pass-through d)pass-across 10. Gary needs a specialized IPS to limit his exposure to SQL injection attacks against his web server exposed to the public network. He should consider purchasing an ____________ a)SQL Intrusion Detection System (SIDS) bWeb-based Intrusion Detection System (WIDS) c)Web-based Intrusion Prevention System (WIPS) d)Application Protocol IDS (APIDS) 11. Using MRTG, Ntop, and SNMPC to collect flow data from your routers and switches to identify traffic/packet anomalies is an example of a _____________, ____________-based IDS/IPS. a)Anomaly, network b)Anomaly, host c)Signature, network d)Signature, host 12. A great advantage of a VPN is that it provides ____________ communications over _____________ networks. a)Fast, private b)Public, private c)Private, secret d)Private, public 13.Identify the primary cryptographical techniques employed when producing ciphertext. a)Hashing & Symmetric encryption b)Hashing, Symmetric encryption, & Asymmetric encryption c)Symmetric encryption & Asymmetric encryption d)Hashing, Symmetric encryption, & Differential encryption 14.Which is not a disadvantage of symmetric cryptography? a)speed b)No true means to authenticate the sender c)Breaking one key compromises multiple parties d)Math algorithms are complex and can easily be broken 15.Identify the true statement concerning the public key on your CAC. a)It is used to sign messages b)It is used to decrypt messages c)Always kept in the physical possession of the owner d)Should be distributed freely and openly