cyops quiz1
The first telephone exchange was invented in __________ and the first commercial exchange was constructed in _______.
1877, 1878
Approximately what percent of the content on the Web is estimated to be contained in the Deep AND Dark Webs?
96%
How does the famous SYN attack that utilizes the three-way handshake work? In other words, what does the attack do in order to conduct the denial of service attack?
A SYN packet is sent to the target with a bogus "from" address. The target sends a response and waits for the final ACK but never receives it. It continues to wait and if enough other similar packets are sent the target gets "tied up" waiting for responses and no more connection requests can be accepted.
Which of the following statements is true in reference to Voice over IP (VoIP)?
A VoIP device is just another device connected to the IP network and as such it can be the target of an attacker.
According to the lesson, what was Eligible Receiver?
A cybersecurity exercise initiated by the DoD to see if systems in the Pentagon could be infiltrated.
When determining attribution for the famous Sony Pictures Entertainment breach, which of the following is a correct assessment of the situation?
A short time after the breach occurred, the U.S. Government blamed the North Koreans and the FBI later released some of the evidence they say shows that it was North Korea. There are, however, some significant security professionals that do not believe that it was a North Korea government orchestrated operation and have proposed some other possibilities. A government official has changed the response to blaming North Korea for hiring some outsiders to accomplish the hack instead of doing it themselves.
In the lesson, GhostNet was discussed. What is it?
A vast electronic spying operation that infiltrated computers and stole documents from hundreds of government computers.
Which of the following was offered in the lesson as a reason why defense-in-depth strategies can fail?
A, B, and C but not D
There are four basic means by which compromising emanations can be propagated. They are electromagnetic radiation, conduction, modulation of an intended signal, and which of the following?
Acoustics
Which of the following are parts of anonymity?
All of the above: Of unknown authorship or origin; Not named or identified; Lacking individuality, distinction, or recognizability
In 1976, President Gerald Ford signed into law the document governing the Voice of America (VOA). The stated principle of VOA is which of the following?
All of the above: VOA will serve as a consistently reliable and authoritative source of news. VOA news will be accurate, objective, and comprehensive. VOA will represent America, not any single segment of American society, and will therefore present a balanced and comprehensive projection of significant American thought and institutions. VOA will present the policies of the United States clearly and effectively, and will also present responsible discussions and opinions on these policies.
Which of the following would NOT be considered a non-state actor?
All of the above are considered non-state actors: Corporations; Religious Groups; Paramilitary Forces
Which of the following was NOT one of the parts of Rule 2 of the Tallinn Manual governing Sovereignty in which it stated that a nation-state may exercise control over cyber infrastructure and activities within its sovereign territory? The state may exercise its jurisdiction
All of the above were allowed according to Rule 2 of the Tallinn Manual: Over persons engaged in cyber activities on its territory; Over cyber infrastructure located on its territory; Extraterritorially, in accordance with international law
Which of the following was NOT one of the categories of attacks (or incidents) shown in the lesson?
All of the above were categories shown in the lesson
President Harry Truman announced in 1950 that the United States would launch an information program known as the "Campaign of Truth". Which of the following was the goal of the campaign?
All of the above were goals of the campaign: Establish a "healthy international community" with confidence in American leadership; Present America fairly and counter "all the misrepresentations"; Help "to roll back Soviet influence" by all means short of force.
Which of the following was NOT listed in the OSINT Framework?
All of the above were part of the Framework
The lesson included some advice on how to not "be a victim to Social Engineering." Which of the following was NOT one of the suggestions provided?
All of the above were suggestions provided in the lesson.
Which of the following is (are) true about anonymity on the Internet?
Anonymity allows a person to express his or her views freely without the fear of repercussions. Anonymity allows a person to be controversial, to take unpopular positions on volatile issues. A and B but not C
In which component of the risk management process are threats to the organization identified?
Assess
Over the last few decades, what have we seen in terms of the average intruder knowledge and required attack sophistication necessary to successfully conduct a cyber attack?
Attack Sophistication has increased while the average intruder knowledge has decreased.
According to the lesson, which of the following was NOT described as a type of Malware?
Backdoor
A specially 'armored' and protected host that may run a special secure or reduced version of the OS, that only runs essential services, and that may employ proxy applications for things such as DNS, FTP, HTTP, and SMTP is known as which of the following?
Bastion Host
Which of the following is the name of the malware identified by DHS deep within the industrial control systems that operate critical infrastructures? It appears to originally only be targeting the theft of information but officials fear it could be modified for sabotage purposes.
BlackEnergy
There were a number of images from tobacco advertisements from decades ago shown in the lesson. Which of the following was one of the major thrusts used by the industry (and specifically Lucky as shown in the ads) to convince individuals that they should smoke?
By smoking a cigarette instead of reaching for "a sweet", they could ensure that they would not become obese.
Which of the following is the term used for actions taken via computer networks to disrupt, deny, degrade, or destroy the information within computers and computer networks and/or the computer networks themselves?
Computer Network Attack
The "CIA of Security" refers to which three elements?
Confidentiality, Integrity, and Availability
What were the three factors presented that are used to determine a nation's cyber war strength?
Cyber Offense, Cyber Dependence, and Cyber Defense
According to the table in the lesson, which type of attacker might be conducting a cyber attack for ideological reasons?
Cyber terrorists/Individual Hackers; Hacktivists; Both C and D
According to the Joint Force Commander's Guide to Cyberspace Operations, which of the following consists of non-intelligence actions that set the stage for follow-on operations?
Cyberspace Operational Preparation of the Environment
Encryption of data on a disk is an example of a defense mechanism used in which of the following layers of a defense-in-depth strategy?
Data Defenses
Which of the following is NOT one of the 4 categories of offensive information operations discussed in the lesson?
Deceive
There were a number of Defensible Actions in the cyber kill chain mentioned in the lesson. Which of the following actions prevents information disclosure and unauthorized access?
Deny
Which of the following lists the 4 principles of jus in bello?
Distinction, Necessity, Humanity, Proportionality
Which of the following is true in regards to the effectiveness of DoS attacks between 2011 and 2013 (as discussed in the lesson)?
DoS attacks have increased in effectiveness in terms of both bandwidth and packet count.
Which of the following was provided as one of the 3 main advantages that an active cyber defense system leverages?
Earlier and more effective cyber kill chain disruption
Which of the following deals with economic espionage and theft of trade secrets?
Economic Espionage Act (ECPA).
What is the term used to refer to news reporters being attached to military units involved in armed conflicts?
Embedded Journalism
In which step of the Lockheed Martin Cyber Kill Chain is malware code triggered which then takes action on the target network to exploit vulnerabilities?
Exploitation
According to the Law of War Manual, Cyber Operations generally include activities that merely use computers or cyberspace without a primary purpose of achieving objectives or effects in or through cyberspace. For example, operations that use computer networks to facilitate command and control, operations that use air traffic control systems, and operations to distribute information broadly using computers would generally be considered cyber operations because they impact military units.
False
In all incidents, being able to determine attribution quickly and correctly is actually more important than simply determining that an attack is occurring. Obviously it is important to determine an incident is underway, but once an attack is discovered, attribution becomes the most important element of the entire incident.
False
Once an EXORD has been issued, the Operations Planning process is over. Up to the moment of the EXORD being implemented, the plan may be modified as required by changing situations. This is especially true for Cyber Operations.
False
Perception Management is found in a variety of arenas and is generally considered limited to the following: the military, politics, foreign relations, and the media.
False
Radio Propaganda, which was used extensively by all sides during WW II, has been replaced by other, more modern, means of communication. Since the Korean Conflict came to a close, neither the U.S. nor any of its adversaries (or potential adversaries) have utilized radio as a means of propaganda.
False
The concept of Propaganda is well known and generally understood. It consists of one nation attempting to influence an opposing nation's citizens, military, or political establishment by publishing deliberately false reports that seek to put the opposing nation in poor light while making the nation creating the propaganda be seen favorably.
False
Today, since the original development of onion routing was in the United States, and since the U.S. has long had a significant portion of its citizens concerned with personal privacy, the U.S. has the highest concentration of anonymous users of the Internet as measured by daily TOR users per 100,000 Internet users.
False
While we can read a lot about "hackers" in the media, in truth the damage that can be caused by an individual or small group (referred to as non-state actors) is very limited and is not something that is of concern to the government.
False
Which of the following is a "data-vacuuming" malware that targeted a number of Middle Eastern countries including Israel and Iran?
Flame
Which of the five cyber strategies presented in the lesson has as a key to the strategy having all assets disconnected from any kind of outside network?
Going Dark
Individuals who may feel that they are promoting security by helping to expose flaws in organizations or specific technology, but that don't have permission of the vendor or organization to do so are known as which of the following?
Gray Hat Hackers
The source and destination IP addresses are contained in the header of which of the following protocols?
IP
Which of the following is true about ISAOs as discussed in the lesson?
ISAOs do not need a 24/7 security operation center (SOC) to be considered an ISAO.
What was described in the lesson as the most important consequence of combatant status being assigned to an individual?
Immunity from prosecution for lawful warlike acts.
According to the lesson, in general, how does most of industry feel about government regulation on cybersecurity?
In general, most of industry does not want the government stepping in with regulations.
In which step of the cyber operations planning process do planners participate in the commander's initial assessment actions and gather the resources required for mission analysis?
Initiation
Which of the following is the "I" of the original "CIA of security"?
Integrity
Which of the following techniques of information operations is only partially contained in the Cyberwarfare sphere?
Intelligence Gathering
Which of the following is true about Intelligence in Cyberspace?
Intelligence is increasingly facilitating information superiority through an understanding of the cyber domain.
The Shodan tool was discussed in the lesson. What is this tool designed to do?
It is a tool that can be used to find ICS targets connected to the Internet.
Which of the following might be a valid criticism of the Lockheed Martin Cyber Kill chain?
It only addresses the use of malware as a weapon in a cyber conflict
Defense-in-depth seems like a natural and obvious approach to security. In the case of cybersecurity, however, the lesson pointed out that the concept is easy to aspire to in theory but difficult to implement in practice. Which of the following was one of the reasons given in the lesson as to why this is the case?
It only works if all the layers work together as one, so that there is a cohesive view across all attack vectors.
Which of the following cyberspace operation techniques presented in the lesson is a software program or hardware device that is used to monitor and log the activities of users?
Keylogger
Propaganda leaflets have been distributed through a variety of means to populations and soldiers in conflicts for decades. Which of the following is a correct statement regarding the more recent conflicts and the use of leaflets?
Leaflets have continued to be used in all conflicts the U.S. has been involved in since WW II up to and including the conflicts in Iraq and Afghanistan.
Which of the following types of MALWARE is a program that is set to execute its payload upon a certain condition being met?
Logic (time) bomb
What was the pseudonym for William Joyce, German radio's most prominent English-language speaker who hosted a propaganda radio program called "Germany Calling"?
Lord Haw-Haw
Which of the following is the name given to intelligence detected and classified from targets that identify or describe signatures (distinctive characteristics) of fixed or dynamic target sources?
MASINT
In comparing the two terms Anonymity and Privacy, which of the following is true?
Many privacy grievances stem from the frequent conflation of privacy with anonymity. The two are qualitatively and legally different, but confusion about this likely comes from the Internet's original architecture which placed great value on the reliability and robustness of communications, but less emphasis on identity management and security.
Which of the following tools has been described as the world's most used penetration testing framework?
Metasploit
Which of the following Cyber Threat Actors was listed in the lesson as potentially the most dangerous?
Nation State
According to the lesson, is cyberspace a law-free zone where anything goes?
No
Which of the following was NOT one of the countries that was listed in the lesson as having conducted Cyber Operations against the United States?
North Vietnam
What is the name given to intelligence that is gathered from publicly available information?
OSINT
Which of the following principles of war discussed in the lesson states that military commanders must seize, retain, and exploit the initiative and by seizing the initiative, a military may compel its opponent to react?
Offensive
In which of the following types of attacks might an attacker develop an attack technique and then use a brute-force attack against thousands or millions of targets in an attempt to find a handful of vulnerable systems?
Opportunistic Attack
Which of the following types of network security devices detects and reports unwanted activity so an administrator can determine what action to take?
Passive Device
Which layer in a defense-in-depth strategy encompasses every point at which the internal network connects to external networks and hosts?
Perimeter Defenses
It is important to understand that the effects of both conventional and cyber attacks will last for a certain amount of time which is important for meeting the objectives of an operation. What are the three degrees of persistence of effects?
Permanent, Temporary, Transient
Which of the following lists the three layers of Cyberspace as discussed in the lesson?
Physical network, Logical network, Cyber-persona
In the model of Defense-in-depth that the lesson concentrated on, what is the outermost layer of security?
Policies, procedures, and awareness
What was the term that the lesson used to describe the measure of how much data loss, in hours or days, is acceptable to an organization?
RPO (recovery point objective)
The process of understanding the existing system and environment, and identifying risks through analysis of the information/data collected is known as which of the following?
Risk Assessment
Which of the following is the name given to the discipline of gathering information exclusively from social media sites? It is a subset of OSINT and the terms are not synonymous.
SOCMINT
Which of the following was listed in the lesson as information that an ISAO could/should share?
Security relevant indicators; Training programs; Trends that might impact the members of the ISAO; All of the above
Which approach to calculating risk utilizes a set method, principle, or set of rules for assessing risk that uses bins, scales, or representative numbers whose values and meanings are not maintained in other contexts?
Semi-Quantitative Assessment
Who was "Mrs. Silence Dogood" and what was her significance?
She was a pen name used by Benjamin Franklin so that he could get his work published in his brother's paper. The articles poked fun at various aspects of life in colonial America. It was an example of how anonymity allowed somebody to get their thoughts published. It is also an example of how long this has been an issue.
Which of the following is the name given to an encryption algorithm that uses the same key for both encryption and decryption?
Symmetric Encryption
The famous SYN flooding attack takes advantage of the 3-way handshake which is part of which protocol?
TCP
Which level of warfare discussed in the lesson has activities that include the specific use of military units that engage each other in battles and small-unit actions? Commanders at this level are concerned with the 'nuts and bolts' of warfare.
Tactical
Which of the criteria defining combatants was included to perform an important reinforcing function by excluding from the combatant class groups of fighters unwilling to adhere to traditional and recognized limits on the conduct of hostilities?
That they conduct their operations in accordance with the laws and customs of war
Which of the following is described as an invisible web, or hidden web, and is part of the World-Wide Web whose contents are not indexed by standard search engines for any reason?
The Deep Web
What is important about the Peace of Westphalia in terms of cyber conflicts?
The Peace of Westphalia introduced the concept of sovereignty which basically at the time introduced the concept of borders and the right of rulers to dictate what goes on within those borders. The question is how that applies to the cyber realm since attack packets may travel through a nation's cyberspace.
According to the discussion of Cyber War Strength, why was the U.S. ranked lower than North Korea?
The U.S. had a lower Cyber Dependence value (i.e. is more dependent on cyber); The U.S. had a lower Cyber Defense value; Both B and C
Which of the following was NOT one of the Principles listed in the description of the "Defender's Dilemma"?
The defender must implement a defense-in-depth strategy in case one level is breached. The attacker then only has to find an area not defended in depth and find a hole in it.
When comparing CNA and CNE, which of the following statements is true?
The first steps in both are basically the same but once access is obtained in a target system, the activities from then on may differ significantly.
Which of the following is a description of Softwar as defined by Chuck de Caro in the lesson?
The hostile use of global television to shape another nation's will by changing its view of reality.
According to our lesson, which of the following is true in regards to social media's ability to incite revolution?
The impact of social media to incite and conduct a revolution is overstated. It is best used to enhance awareness of protests to outsiders in order to gain support on a more global scale.
According to the TEDx talk on cyberwar, why is the most powerful cyber state also most likely the most vulnerable?
The nation that is the most powerful from a cyber perspective will also have a large reliance on cyber themselves and will therefore also be vulnerable to cyber attacks.
The term "Yellow Journalism" is often used to refer to journalism that presents little to no well-researched news but instead attempts to use headlines to sell more newspapers. From where did this term originate?
The term was coined in the mid-1890s to characterize the sensational journalism that used some yellow ink in the circulation war between Joseph Pulitzer and William Randolph Hearst in New York. Both papers were accused by critics of sensationalizing the news in order to drive up circulation.
In warfare, what does jus in bello address?
The way in which warfare is conducted; what you can do in war.
Since Cuba was then under the control of Spain, what have the Cubans publicly stated about the explosion of the USS Maine and the U.S. involvement in their being freed from Spanish Control?
They have accused the U.S. of deliberately sinking the ship to create a pretext for military action against Spain as part of their ongoing "imperialist greed"
Which of the following are conditions discussed in the lesson for an individual to be considered a combatant?
They must be commanded by a person responsible for their subordinates. They must have a fixed distinctive emblem recognizable at a distance. They must carry arms openly. They must conduct their operations in accordance with the laws and customs of war. All of the above.
What was the name given to a series of coordinated attacks on American computer systems in 2005 but which had been ongoing for at least 3 years? The attacks were labeled as Chinese in origin, although their precise nature, e.g. state-sponsored espionage, corporate espionage, or random hacker attacks, and their real identities remain unknown.
Titan Rain
Which of the following Titles' role in cyberspace is crime prevention, apprehension and prosecution of criminals operating in cyberspace?
Title 18
Which of the following Titles from the U.S. Code is concerned with Domestic Security and has a role in cyberspace specifically aimed at security of U.S. cyberspace?
Title 6
What was the major lesson learned from the UTSA Honey Community research effort?
To be able to spot all attacks on a community, multiple sectors need to share information and work together
A cyber strategy can be thought of as an umbrella for various individual cyber operations with the ultimate aim of achieving a strategic or political goal.
True
A small state wielding cyber weapons might have a greater degree of relative power than a large state if it has significant theoretical and demonstrated capabilities but few vulnerabilities.
True
According to the American Press Institute's web site, the job of journalists is not to stamp out bias but rather they should learn how to manage it.
True
According to the American Press Institute's web site, the purpose of journalism is to provide citizens with the information they need to make the best possible decisions about their lives, their communities, their societies, and their government.
True
According to the lesson, cyberwar is asymmetric, which means it benefits lesser military powers as much as military goliaths.
True
After much research, it has been finally generally accepted that the Iraqi incubator story was fabricated and that the events never actually happened.
True
Commanders must be aware that U.S. military forces are critically dependent on networks and information systems to conduct operations. Nearly every conceivable component within the DoD is networked. These networked systems and components are inextricably linked to the Department's ability to project military force and the associated mission assurance.
True
Computer Network Attack (CNA) entails the scanning and exploiting of computer systems and networks. Conducting this type of activity on systems you don't own or have the permission to assess is illegal.
True
Defense-in-depth is not a product, like a firewall. Instead, it is a security architecture that calls for the network to be aware and self-protective.
True
Even though PPPs are beneficial for both sectors, some private companies are reluctant to establish cybersecurity PPPs. One of the key hesitations in the private sector to form a public-private partnership concerns issues of trust, control, and disclosure.
True
Human resource departments are not the only group using OSINT. Many Fortune 500 companies now have their own "Corporate Intelligence Departments". These are not solely focused on digging up information on employees, they can be used to keep tabs on what the competition is doing.
True
Humans function more efficiently in small clusters of 150 people or less.
True
In 2013, the part of the Smith-Mundt Act of 1948 that forbade the Voice of America from broadcasting directly to American citizens (in order to protect the American public from propaganda actions by its own government) was repealed.
True
In the United States, only the President or Secretary of Defense (SecDef) can authorize the Chairman of the Joint Chiefs of Staff (CJCS) to issue an execute order (EXORD).
True
Information Superiority is the operational advantage derived from the ability to collect, process, and disseminate an uninterrupted flow of information while exploiting or denying an adversary's ability to do the same.
True
Military power is one facet of national power which also includes the economy as well as political and national will.
True
Operations described as "cyber attacks" or "computer network attacks" are not necessarily "armed attacks" for the purposes of triggering a nation-state's inherent right of self-defense under jus ad bellum.
True
PDD-63 stated that National Coordinator, working with Sector Coordinators, Sector Liaison officials, and the National Economic Council, shall consult with owners and operators of the critical infrastructures to strongly encourage the creation of a private sector information sharing and analysis organization (ISAO). The actual design and functions of the organization will be standardized based on the model developed by the National Communications and Computer Intelligence Center (NCCIC) of the Department of Homeland Security (DHS).
True
PRISM was a highly classified government-sponsored data collection program which used other service providers to aid in the collection of the data.
True
Potential adversaries have invested significantly in cyber as it provides them with a viable, plausibly deniable capability to target the U.S. homeland and damage U.S. interests.
True
Stuxnet specifically targeted PLCs which allow the automation of electromechanical processes such as those used to control machinery on factory assembly lines. In this case, it targeted the PLCs used by centrifuges for separating nuclear material.
True
The Bitcoin is a decentralized electronic currency that was created in 2009 by someone under the alias Satoshi Nakamoto. The currency and the transaction methods eliminate the middleman by getting rid of traditional institutions like banks and create a borderless world where transactions can occur instantaneously.
True
The Smurf attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP broadcast address. If the number of machines on the network that receive and respond to these packets is very large, the victim's computer will be flooded with traffic. This can slow down the victim's computer to the point where it becomes impossible to work on.
True
The appeal of social media and the observed clustering effect is based on three key reasons: a) on the most fundamental heuristic level, humans function more efficiently in small clusters of 150 people or less, b) humans have a large number of biases and associated effects when sharing and evaluating data, and c) social media is compelling because it requires less effort to interact with people virtually.
True
The first stage of an ICS cyber attack is best categorized as the type of activity that would traditionally be classified as espionage or an intelligence operation.
True
The first step in the "intelligence cycle" is the decision-maker information requirements being levied on intelligence collection capabilities.
True
The term "Spam" as applied to email means "unsolicited bulk email" (UBE). Unsolicited means that the recipient has not granted verifiable permission for the message to be sent. Bulk means that the message is sent as part of a larger collection of messages, all having substantively identical content.
True
The term "kill chain" was originally used as a military concept related to the structure of an attack; consisting of: Target Identification; Force dispatch to target; Decision and order to attack the target; and The destruction of the target.
True
To implement a security program successfully, an organization must define processes and activities for staff and systems. These policies and procedures define security controls and usage of the controls. An awareness program enhances staff understanding of the security controls. The policies and procedures define and describe all the controls at the other layers.
True
Which of the following unique cyber weapon/attack characteristics was described as being unlike munitions, which are normally destroyed upon use, and can include code that can be saved, analyzed, and recoded for use against allies or friendly nations?
Unintentional cascading effects
Which of the following principles of war discussed in the lesson states a single commander should be responsible for achieving each military objective?
Unity of Command
Disgruntled employees are part of which level of threat as discussed in the lesson?
Unstructured Threats
In which phase of the ICS Kill Chain does the attacker test his/her capability on a similar or identically configured system to ensure the capability will have a meaningful and reliable impact?
Validation
In the TEDx Talk on Cyberwar, the speaker listed 5 differences between cyber threats and conventional threats. One of these was Warning and Decision. What was the issue here?
We get no warning time for a cyber attack and because of the attribution issue a response is often not possible for a possibly considerable period of time.
Which of the following statements is NOT true about the Stuxnet malware attack?
While disrupting operations for a significant period of time, the Stuxnet attack did not cause any physical or permanent damage and operations began again several months after the attack.
Which of the following was described in the lesson as "the world's foremost and widely-used network protocol analyzer"? It lets you see what's happening on your network at a microscopic level and is the de facto standard across many commercial and non-profit enterprises, government agencies, and educational institutions.
Wireshark
Considering the U.N. Charter was established before the use of computers was common, do cyber activities ever constitute a use of force AS DEFINED IN ARTICLE 2 OF THE UN CHARTER?
Yes
Do jus in bello rules apply to computer network attacks?
Yes
Based on the discussion of what a threat is, which of the following would be considered a "threat"?
a hacker
In which step of the Risk Management Framework would you find the task to determine if the risk to organizational operations, organizational assets, individuals, other organizations, or the nation is acceptable?
authorize
What is the name given to the social engineering attack in which something of interest is offered on a site like a movie or music but when somebody downloads the item they become infected with malware or have some other nefarious activity conducted against them?
baiting
According to our lesson, in the encryption process, what is the name given to an encrypted message?
ciphertext
On the Cyber Threat Spectrum, which of the following was considered to be the most Complex type of attack?
compromised hardware systems
Which of the following was NOT one of the elements the lesson stated that Information Superiority is built on?
cyber power, robustness of defense, systemic vulnerabilities and dependencies, and actor anonymity and attribution issues ALL OF THE ABOVE
Which of the following was NOT one of the three categories of defensive teams the DoD is fielding to facilitate DoD network protection?
defensive cyber operations - Counter-attack response teams (DCO-CART)
Which of the five cyber strategies presented in the lesson has as one of its precepts the strategy of preventing aggression by threatening greater aggression in the form of painful and perhaps fatal retaliation?
deterrence
Which of the following was listed as a cyberspace operation technique consisting of a method of sending e-mail to a user that appears to have originated from one source when it actually was sent from another source?
email spoofing or phishing
A qualitative assessment typically employs a set of methods, principles, or rules for assessing risk based on the use of numbers.
false
According to the TEDx talk from the lesson, in the face of possible cyber warfare and cyberattacks, the government has to "step up its game" and become responsible for not just attacks on the federal government and critical infrastructures, it needs to become engaged in the defense of major industry organizations such as Sony.
false
Active Cyber Defense (ACD) is nothing more than a "fancy" name given to the strategy of defense-in-depth. It was first introduced as a marketing strategy by Network Data Defenses (NDD) a few years ago but has since been adopted by most of the rest of industry.
false
Because the nature of cyberspace is so different from the physical world and because it is hard to distinguish the use of a given computer on the network, the law of war that normally would require that civilian infrastructures not be used to seek to "immunize" military objectives from attack does not apply in cyberspace. For example, in the physical world the laws of war would prohibit the installation of an offensive missile site next to or on top of a hospital to prevent it from being targeted. In the cyber realm, it is impossible to determine what all of the systems connected to a network would be utilized for so these rules do not apply.
false
Business Continuity Planning (BCP) and Disaster Recovery (DR) are terms that are often used synonymously and actually do refer to the same plans. The difference is simply a preference by the individual discussing the topic.
false
In the lesson several cyber threat actors were mentioned including nation states, criminal organizations, and insiders but "natural threats" and physical threats were not listed because of the lack of interest in them by the other hostile actors.
false
Though everybody suspects it, and it is somewhat of an "open secret", the U.S. government, and the Department of Defense in particular, have never acknowledged that the U.S. has and is pursuing offensive cyber capabilities.
false
What was significant about the Nixon-Kennedy debate (besides it being the first televised one) is that after the debate those folks who LISTENED to the debate on the radio thought Kennedy had won the debate. Those who WATCHED the debate on TV thought that Nixon won the debate. This was blamed on the public seeing Kennedy as being too young for the responsibility of being president while Nixon looked older and more like a traditional "statesman".
false
When discussing the 3 additional Principles of Joint Operations that were added by the Joint Chiefs of Staff to the 9 Principles of War, there was a recognition that in warfare, especially cyberwar, the actions of military commanders might frequently be inconsistent with national laws as well as international treaties and obligations.
false
While older CRT monitors and devices were VERY susceptible to electronic emanations issues, the modern LCD technology takes care of most of the emanations issue. It would require extremely expensive devices to capture the emanations from modern LCDs and is not considered a practical method of attack.
false
What is the name of the process (software, possibly hardware, or rarely human) that acts on behalf of a user or client? It receives the network traffic intended for or coming from a group of clients or servers it is acting on behalf of.
firewall
The Risk Management Process consists of 4 components as defined in the lesson. These are Assess, Respond, Monitor, and which of the following?
frame
What is the term used to describe a computer "hacker" or computer security expert who may sometimes violate laws or typical ethical standards but does not have any malicious intent?
grey hat hacker
What were the other two laws nations have agreed to that were presented in the lesson as possibly factoring into decisions about cyber conflicts?
maritime law and space law
Which of the following threat types is also known as a "man-in-the-middle" attack?
modification
In which component of the risk management process presented in the lesson do you verify that planned risk response measures are implemented and information security requirements derived from/traceable to organizational missions/business functions, federal legislation, directives, regulations, policies, and standards and guidelines are satisfied?
monitor
In which step of the Risk Management Framework (RMF) do you find the task to implement an informational system disposal strategy, when needed, which executes required actions when a system is removed from service?
monitor
In which stage of the Lockheed Martin Cyber Kill Chain is the target selected and vulnerabilities identified?
reconnaissance
Identification of risk assumptions, risk constraints, risk tolerance and priorities and trade-offs is part of which component of the risk management process?
risk framing
As described in the lesson, the Risk Management Framework consists of 6 steps. In which step is an initial set of baseline security controls for the information system based on an organizational assessment of risk and local conditions?
select
Which of the following is the term used to describe the art of manipulating people so they give up confidential information?
social engineering
Which level of warfare discussed in the lesson has activities that include the specific use of military units that engage each other in battles and small-unit actions? Commanders at this level are concerned with the 'nuts and bolts' of warfare.
tactical
Which of the following is the name given to a computer programmed to return deceptive responses to initial contacts on services and protocols that the organization's network does not implement?
tarpit
Which of the following established the precedent of peace established by diplomatic congress, and a new system of political order based upon the concept of co-existing sovereign states?
the peace of westphalia
Which of the following was created in an effort to create "a Geneva Convention for Cyberwar"?
the tallinn manual
Which of the following types of MALWARE is a program that appears to do one thing (and may indeed do it) but that hides something else?
trojan horse
According to U.S. Doctrine, irregular warfare is defined as a violent struggle among state and non-state actors for legitimacy and influence over the relevant populations.
true
According to the lesson, the term kill chain was originally used as a military concept related to the structure of an attack. The original cyber kill chain reveals the stages of a cyberattack from early reconnaissance to the goal of data exfiltration.
true
According to the speaker in the TEDx talk from the lesson, victims of cyberattacks often don't realize that they ARE victims of a cyberattack.
true
After WW I, Marshal Paul von Hindenburg stated "This English propaganda was a new weapon, or rather a weapon which had never been employed on such a scale and so ruthlessly in the past." What he was acknowledging was that it was clear that large numbers of civilians could be mobilized for a massive war effort through persuasive techniques derived from the emerging disciplines of behavioral psychology and social sciences.
true
As discussed in an article in the lesson, the Internet has become a catalyst for radicalization, in reference to the recruiting of terrorists. Processes that previously might have taken a few months or even a year - to go from following a benign ideology to traveling abroad to become a foreign fighter - in some cases take only a few weeks.
true
Code Red was a worm with multiple variants that first appeared in July 2001 and ultimately affected nearly 300,000 computers in the U.S. It exploited a hole in Microsoft's IIS Web Servers.
true
Computer Network Attack (CNA) entails the scanning and exploiting of computer systems and networks. Conducting this type of activity on systems you don't own or have the permission to assess is illegal.
true
In 2008 malware known as Agent.btz was used in an attack on the Department of Defense. It spread extensively throughout DoD networks. The infection began when an infected USB flash drive was inserted into a U.S. military laptop at a base in the Middle East. As a result, the DoD suspended the use of USB drives (i.e. does not allow them) or other external media by service members.
true
In the 2008 Russia-Georgia conflict, Russian cyberspace forces attacked civilian sites near the action of kinetic operations with the goal of creating panic in the civilian population. For example, in the town of Gori, Russians disabled government and news websites with DDoS attacks just prior to an air attack. Russian forces also attacked Georgian hacker forums in order to pre-empt a retaliatory response against Russian cyberspace targets.
true
Merely relaying information through neutral communications infrastructure in neutral territories (provided that the facilities are made available impartially) generally would not constitute a violation of the law of neutrality that belligerent states would have an obligation to refrain from and that a neutral state would have an obligation to prevent.
true
Soft Power is the ability to attract and co-opt, rather than using coercion which is using force or money as a means of persuasion. A defining feature of Soft Power is that it is non-coercive; the currency of soft power is culture, political values, and foreign policies.
true
The Risk Management Framework (RMF) provides a disciplined and structured process that integrates information security and risk management activities into the system development life cycle. It operates primarily at Tier 3 of the 3-tiered approach presented in the lesson.
true
The U.S. Government sees international laws not as a restraint or "straitjacket" preventing certain activities but rather as a body of "wise restraints that make us free." International law is not purely constraint, it frees us and empowers us to do things we could never do without law's legitimacy.
true
The lesson stated that the Office of Tailored Access Operations (TAO) is a cyber-warfare intelligence-gathering unit of the NSA. It has been active since at least 1998 and identifies, monitors, infiltrates and gathers intelligence on computer systems being used by entities foreign to the U.S.
true
The security authorization package documents the results of the security control assessment and provides the authorizing official with essential information needed to make a risk-based decision on whether to authorize operation of an information system.
true
The term "kill chain" was originally used as a military concept related to the structure of an attack; consisting of: Target Identification; Force dispatch to target; Decision and order to attack the target; and The destruction of the target.
true
Trust is a belief that an entity will behave in a predictable manner in specified circumstances. The entity may be a person, process, object, or any combination of such components.
true
U.S. Intelligence officials speaking anonymously claimed that spies at Russia's GRU agency had compromised up to 300 2018 Winter Olympics-related PCs as of early February, hacked South Korean routers in January and launched new malware on February 9th, the day the Olympics began. They even tried to make it look like North Korea was responsible by using North Korean Internet addresses and 'other tactics'.
true
UDP has no handshaking like TCP does.
true