3D1X2 Air Force

From what career field skill sets was the Cyber Transport (3D1X2) career field derived?

Which AFSC installs, supports, and maintains servers or other computer systems and plans for responding to service outages and interruptions to network operation?

Which AFSC monitors and analyzes performance of underground, buried, and aerial cable, and antenna networks?

What two documents provide a specialty summary and define the broad duties and responsibilities for the 3D1X2 Cyber Transport Systems career field?

What systems and equipment do Cyber Transport Systems specialists deploy, sustain, troubleshoot, and repair?

Cyber Transport Systems specialists install, upgrade, replace, configure, and maintain systems/circuits/IP-based intrusion detection systems that access what type of networks?

A duty and responsibility of a Cyber Transport Systems specialists is to apply communications security programs that include what four types of security?

During what meeting does the Cyber Transport Systems specialists serve as an adviser on information systems?

A duty and responsibility of Cyber Transport Systems is to evaluate contracts, wartime, support, contingency, and exercise plans to determine impact on what?

What is an integrated bundle of expert knowledge and organizational skills inherent to a particular career field(s) which makes a disproportionate contribution to the success of providing the right skills needed for military operations, anywhere, anytime?

The Cyber Transport Systems core competencies include what four areas of responsibility?

Where does the Air Force publish industrial and general safety guidance?

Which Air Force instruction consolidates material in the 91-series of the AFOSH standards as they relate to general Air Force operations?

What guidance should you use when there is conflicting safety guidance?

What should you do if you encounter a hazardous situation not covered by existing directives?

What is the purpose of Air Force Instructions 91-202?

What is JSTO?

What does the JSTG identify?

What is the most common method of documenting the completion of mandatory employee safety training?

You should report a personal injury; property damage; or any suspected exposure to biological, chemical, or nuclear hazardous materials to your supervisor within how many hours?

What are two of the most common causes for accidents and fires?

What should you do if you notice a spill?

A situation that poses a level of threat to life, health, property, or environmental is defined as what?

The primary responsibility for identifying workplace hazards rests with whom?

What program permits all Air Force personnel to alert supervisors and other appropriate officials of hazardous conditions that require prompt corrective action?

The USAF Hazard Reporting Program authorizes the use of what form to identify and report hazards?

What are the four major types of hazards that can put both your health and safety at risk?

Can lead to long-term health problems. Early signs include headaches, anxiety and impatience.

Contributing factors include fatigue, inattention, worry, anger, distraction, urgency, and lack of job knowledge

Exists when there is a risk of direct skin contact, inhalation, accidental ingestion or absorption of hazardous chemicals.

Includes any virus, bacteria, fungus, protozoan, insect,or other living organisms that can cause a disease in healthy humans.

Includes insufficient lighting, excessive levels of noise and vibration, pressure, temperature extremes, oxygen deficiency, and non-ionizing radiation

In general, the degree of risk associated with handling a specific chemical depends on what?

What are the most common work center accidents?

What are the primary reasons for walking surface mishaps?

What are the most common physical acts responsible for manual handling injuries?

What factors influence the ability to manually lift an object?

What is the preferred method to minimize the risks associated with manual lifting?

What determines the severity of an electric shock?

A voltage that is capable of producing a current flow of how many milliamps can cause a shock that may result in cardiac arrests and be lethal?

Most electrical accidents occur as a result of what?

What AFI directs specific LOTO requirements?

Why should you not rely on safety devices such as interlocks, high voltage disconnect relays, or automatic circuit grounds?

What is required when installing or repairing C&I systems, communication cables and antenna systems that may expose you to energized equipment, high voltage circuits (600 volts or above) or low voltage power if it is has a high current flow?

If your equipment has a defective interlock, what should you do?

Where are the requirements for Risk Management (RM) outlined?

Where and when does the continuous Risk Management (RM) process apply?

What is a decision-making process used to systematically evaluate possible courses of action, identify risks and benefits, and determine the best course of action for any given situation?

The appropriate use of RM increases an organization's and individual's ability to do what?

What four principles govern all actions associated with the management of risk?

What are the five steps in the RM process?

What is the fundamental objective of risk management?

What does boundary protection provide?

What is an enclave?

When an enclave does not have a firewall and IDS, what vulnerability category is it?

What is a Category II vulnerability?

Where are the two INOSCs located?

What is a firewall?

What term describes the technology for transmitting voice communication over a data network using open-standards-based IP?

What are the three reasons to consider using IP telephony in a network versus not using IP telephony?

What does the VoIP telephone system provide?

Which publications will assist you in implementing IP telephony firewall security?

What are the four categories of IP firewalls?

What is the major benefit of a personal/SOHO firewall?

Name the two categories of network firewalls?

In which layer does a packet filter gateway work?

When are network-level firewalls normally used?

What does an ACL (Access Control List) verify?

How must INOSC-managed firewalls be configured?

What is an adverse event that threatens some element of computer security, such as loss of data?

What results from a denial of service security incident?

What is the primary intrusion detection tool deployed across the AFEN?

What is an IDS?

What does an IDS monitor?

Which type of IDS monitors traffic and alerts administrators about suspicious traffic?

What does a network-based IDS examine?

What are three of the key points to remember when using an IDS?

What are the three types of intrusion detection methods?

What is a HIDS?

What is the advantage of HIDS?

What is a major drawback of NIDS?

HIDS relies on the host for this, but NIDS relies on the network

Findings would be hard to use in court for NIDS

HIDS monitors files for policy violations; NIDS monitors packets for anomalies and viruses

May be present due to service agreements and policy restrictions of HIDS; not so for NIDS

The ability of HIDS to secure a specific resource

HIDS has a narrow and very specific scope while NIDS has a very broad and general scope

HIDS primarily uses software sensors, but NIDS primarily uses hardware sensors

HIDS can be both, but NIDS can only be one

Both HIDS and NIDS tell administrators of trouble conditions via management console or email mesages

May happen with HIDS, but probably not with NIDS

The ability of NIDS to secure a large area with non-critical data

HIDS monitors traffic on the installed host, while NIDS monitors traffic on specific network segment only

Findings may be admissible as court evidence for HIDS

HIDS can analyze the encrypted data if decryption occurs before reaching the target host, but NIDS cannot analyze encrypted data

When will wired systems detect a wireless threat?

Who is responsible for incorporating intrusion detection methodologies into wireless systems?

What are the two possible security postures that you can adopt as part of your general policy on internal control, and what is the difference between these two postures?

There are many ways to classify network security threats, such as internal or external or as intentional or unintentional. What are three other ways in which to classify network threats?

What form do technological threats come in?

What do the letters CCR stand for?

What is one of the most important tools used to maintain internal control?

What is the purpose of access control systems and practices?

What are the two categories into which information security-related access controls fall? What are some examples of each?

How do you control access to desktop systems connected to critical networks?

What is the first line of defense to protect a laptop computer?

Define war-dialing?

Having information ready when needed

Assurance that no one has changed or destroyed information

Inability to deny who performed network actions

Protection of the network from those not authorized access

Use of remote access for changing passwords must be severely restricted unless what capability is in place?

What organization approves the high-robust encryption for all classified traffic transmitted across unsecured channels?

What are certificates?

What are the two primary forms of encryption?

Air Force Information Assurance Program applies to what?

What three core disciplines does IA cover?

What AFSSI series cover EMSEC?

What is TEMPEST?

What is the definition of inspectable space?

What is the primary objective of EMSEC?