Air Force Mentor Logo


Exams (Home) | AFMentor | AFWriting | Bookmark | E-Mail Page | Search

3C051 EOC Exam

Volume 5

1.  What is the last step in file management?

     a.  Deleting records
     b.  Archiving files.
     c.  Cleaning records
     d.  Periodically scanning user time.

2.  Within the 3 tiers of the DoD CERT, what is generated when new vulnerabilities exist but are generally categorized as low risk?

     a.  IAVA
     b.  DCTA
     c.  IAVB
     d.  TCNO

3.  What action represents one of the greatest vulnerabilities to internal networks?

     a.  Network-connected desktop systems with modems that make calls to the public-switched network
     b.  Personnel that continue to misuse the network by surfing the web.
     c.  Access to the network through backdoors left by system administrators.
     d.  Network-connected desktop systems with modems that make calls to and accept calls from the public-switched network

4.  When a trigger point in HP Open View is reached, what is generated?

     a.  Fault
     b.  Event
     c.  Error
     d.  Report

5.  What do we call the core set of software instructions contained in operating systems on which the higher-level functions are based?

     a.  BOOT.IOS.
     b.  ROOT.SYS.
     c.  System Kernel.
     d.  Boot Kernel.

6.  Recertification/Accreditation on systems with no changes to the baseline are accomplished at a maximum of

     a.  36 months.
     b.  24 months
     c.  60 months
     d.  48 months

7.  What is the first logical step in network troubleshooting?

     a.  Create a plan of action
     b.  Consider the possibilities
     c.  Define the main problem.
     d.  Gather facts.

8.  When a volume is formatted with NTFS, what group is automatically assigned full control permission to the volume?

     a.  Local group
     b.  Everyone group.
     c.  Built-in group.
     d.  Global group.

9.  How many seconds is the default time set to for the BOOT.INI file to wait before loading the default operating system?

     a.  40
     b.  10
     c.  20
     d.  30

10.  What provides information concerning the network utilization and frame errors that are related to a specific protocol?

       a.  Protocol statistics.
       b.  Connection statistics
       c.  Node discovery.
       d.  MAC node statistics.

11.  What area of the simple network management protocol (SNMP) tree structure is reserved for vendors-related label and leaf objects associated with specific manufactured equipment?

       a.  Mgmt
       b.  Private
       c.  Directory
       d.  Experimental

12.  What automatically runs in the background when the protocol analyzer application is activated?

       a.  MAC node statistics
       b.  Protocol statistics.
       c.  Node discovery.
       d.  Connection statistics

13.  An administrator would normally allocate more file space to users maintaining

       a.  Excel spreadsheets
       b.  Word templates
       c.  PowerPoint files.
       d.  Databases

14.  What provides information concerning the bandwidth utilization and the number of connections that are related to specific nodes?

       a.  Node discovery.
       b.  MAC node statistics
       c.  Protocol statistics
       d.  Connection statistics.

15.  What troubleshooting device physically connects the transmit pins to the receive pins to test a network device?

       a.  Bit error rate tester.
       b.  Network Sniffer.
       c.  Protocol analyzer
       d.  Loopback plug

16.  Areas of consideration for network planning include the

       a.  licensing mode
       b.  frequency of message traffic.
       c.  TCNO
       d.  computer Security Assistance Program

17.  What SNMP node is responsible for monitoring, collecting and reporting management data to the management system?

       a.  Primary domain Controller
       b.  Agent
       c.  Backup Domain Controller
       d.  Manager

18.  What protocol's primary use is to obtain connectivity to the large base of Novell NetWare clients

       a.  Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)
       b.  Data Link Control (DLC) Protocol
       c.  Transfer Control Protocol/Internet Protocol (TCP/IP)
       d.  NetBIOS Extended User Interface (NetBEUI)

19.  What Unix line command is used to manually collect interface statistics on a particular network node?

       a.  rnetstat
       b.  ping
       c.  netstat
       d.  Sniff

20.  What diagnostic command shows if it connected to the distant end?

       a.  Ping
       b.  TRACERT
       c.  ipconfg.
       d.  winipcfg.

21.  What type of network server is dedicated to an intensive application or database

       a.  Member servers
       b.  Primary domain controller
       c.  Stand-alone servers
       d.  Backup domain controller

22.  Who is responsible for disseminating computer threat advisories in the form of TCNOs to Air Force units worldwide?

       a.  HQ AFCA.
       b.  AFCERT
       c.  HQ AIA.
       d.  HQ AIA.

23.  What is the first function that initiates when a machine is turned on?

       a.  BOOT.INI file
       b.  Micro-diagnostics check
       c.  Driver diagnostics check
       d.  Power-on self test.

24.  What is one of the most common types of hardware devices used for network troubleshooting?

       a.  Network Sniffer
       b.  Loopback plug.
       c.  Protocol analyzer.
       d.  Bit error rate tester.

25.  Who must approve all information protection tools prior to their use?

       a.  AFCERT
       b.  DISA
       c.  AFCA
       d.  HQ USAF

26.  What type of group has a wide set of predetermined functions plus rights and permissions already assigned to support those functions?

       a.  Built-in groups
       b.  Local groups
       c.  System groups
       d.  Global groups

27.  Where are global group profiles maintained?

       a.  Primary domain controller
       b.  Backup domain controller
       c.  Member servers
       d.  Stand-alone servers

28.  What device provides a capability for digital network diagnostics and developing communications software?

       a.  Protocol analyzer.
       b.  Network Root router.
       c.  Windows NT Advanced server.
       d.  Hewlett Packard OpenView.

29.  What function checks for damaged frames by recalculating the 32-bit Cyclic Redundancy Check of the received frame and comparing it to the received 32-bit Cyclic Redundancy Check in the Frame Check Sequence field?

       a.  Media access control frame.
       b.  Network interface card.
       c.  Transport layer of the OSI reference model
       d.  Session layer of the OSI reference model

30.  What network function identifies the security events that administrators may want to track on a server?

       a.  Audit policies
       b.  System policies.
       c.  User rights policies
       d.  Account policies

31.  What guides the creation of a new user account on a base network?

       a.  Local unit instructions
       b.  Air Force instructions.
       c.  Base operating instructions.
       d.  MAJCOM network instructions

32.  What is used to verify the level of availability an individual has to the resource

       a.  Rights.
       b.  Access control lists.
       c.  Permissions
       d.  Hardware configuration.

33.  What network policy is a combination of user and computer settings that control a user's working environment?

       a.  User rights policies
       b.  Audit policies
       c.  Account policies
       d.  System policies

34.  What is one of the most important parts of security in DMS?

       a.  User-ID & passwords.
       b.  Private keys.
       c.  Fortezza card
       d.  Specific Algorithm encryption.

35.  What are the two basic ways network faults can be detected?

       a.  Reactively and proactively
       b.  Automatically and proactively
       c.  Reactively and manually
       d.  Manually and automatically

36.  After the system completes the Power-on self-test, what happens next?

       a.  A micro-diagnostics check.
       b.  The driver.sys file is read and loaded into the WINNT_ROOT directory
       c.  The operating system is loaded
       d.  The Master Boot Record is loaded and executed

37.  What protocol enables virtual private networks to exist over the Internet?

       a.  Point-to-Point Tunneling Protocol (PPTP)
       b.  NetBIOS Extended User Interface (NetBEUI)
       c.  Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX).
       d.  Transfer Control Protocol/Internet Protocol (TCP/IP).

38.  What are the most common, immediate, and service-affecting types of faults?

       a.  Failed services and broken network connection
       b.  Broken network connections and used up bandwidth.
       c.  Used up bandwidth and devices that have lost power
       d.  Devices that have lost power and broken network connections.

39.  In what step of the Barrier Reef process do you map your network topology (both the physical and the logical)?

       a.  Determine requirements.
       b.  Know thyself
       c.  Network monitoring.
       d.  Policy formation.

40.  What is a hierarchical, structured format that defines the network management information available from network devices?

       a.  Object identifier
       b.  Management Information Base
       c.  Network device map
       d.  Network protocol list

41.  What action does an administrator accomplish to create a new network policy?

       a.  Creates a new policy using the create.exe command
       b.  Saves the changes to a default policy under a different name
       c.  Saves the changes to a default policy then renames it.
       d.  Copies the default policy to a new name and then makes changes to it

42.  What type of TCNO requires immediate attention from all agencies and identifies vulnerabilities being actively used to gain unauthorized access to DoD systems?

       a.  Emergency.
       b.  Urgent
       c.  Immediate
       d.  Routine

43.  What network architecture uses multiple systems for network management, with one system acting as a central server and the others working as clients?

       a.  Hierarchical
       b.  Centralized
       c.  Hybrid
       d.  Distributed

44.  Within the 3 tiers of the DoD CERT, what tier addresses new vulnerabilities that do not pose an immediate threat to DoD systems, but are significant enough that noncompliance with the corrective action could escalate the threat

       a.  IAVA
       b.  IAVB
       c.  DCTA
       d.  TCNO

45.  In what Windows NT System directory is the profiles directory located?

       a.  MS_ROOT.
       b.  WINNT_ROOT
       c.  MS_ADMIN
       d.  WTNNT_ADMIN.

46.  What operational SNMP message is an unsolicited message from an agent to the manager?

       a.  Trap
       b.  Get
       c.  GetNext
       d.  Set

47.  Most bases require a network password to be at least how many characters long?

       a.  9
       b.  6
       c.  7
       d.  8

48.  What are network attacks that bypass the firewall?

       a.  Identification spoofing and tunneling.
       b.  Tunneling and application-based attacks.
       c.  Second message encryption and identification spoofing
       d.  Application-based attacks and second message encryption

49.  What do we call frames that consist of garbled bits of data that are transmitted continuously on the network?

       a.  Dribbles
       b.  Jabbers
       c.  Collision
       d.  network storm

50.  What alarm browser category indicates if an alarm is related to other alarms?

       a.  Cor
       b.  Ack.
       c.  Severity
       d.  Source

51.  What is the only approved method for sanitizing magnetic media?

       a.  Overwriting.
       b.  Degaussing.
       c.  Formatting.
       d.  Deleting.

52.  What type of user profile is specified within the User Manager for Domains environment profile settings and is downloaded from the server every time the user logs in?

       a.  Local profiles
       b.  User profiles
       c.  Roaming profiles
       d.  Default profiles

53.  When accessing devices through the Network Management System, what community string gives you the ability to change the device settings?

       a.  read-write
       b.  Get
       c.  read-only
       d.  Set

54.  What is an indication that a noteworthy event has occurred on the network?

       a.  Fault
       b.  Alarm.
       c.  Event
       d.  Notification

55.  Network management protocols are designed (in most cases) to reside above what layer of the OSI model?

       a.  Transport
       b.  Session
       c.  Presentation
       d.  Application

56.  What network protocol is typically used in small local area network (LAN) implementations of 50 nodes or less

       a.  Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)
       b.  Data Link Control (DLC) Protocol
       c.  Transfer Control Protocol/Internet Protocol (TCP/IP)
       d.  NetBIOS Extended User Interface (NetBEUI)

57.  How many bytes does the minimum packet size for the IP protocol contain

       a.  64
       b.  28
       c.  128
       d.  256

58.  We can break performance management into what two separate functional categories?

       a.  Analyzing and tuning
       b.  Monitoring and analyzing
       c.  Monitoring and replacing.
       d.  Monitoring and tuning

59.  In the Windows NT server operating system, what function controls features such as desktop colors and settings, program group, start menu settings, and network connections?

       a.  Local profiles
       b.  User profiles
       c.  Default profiles
       d.  Roaming profiles

60.  How many different categories of information does the performance monitor provide you about your network?

       a.  21
       b.  7
       c.  19
       d.  14

61.  What network protocol is used for network connection to Hewlett Packard network printers

       a.  Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)
       b.  NetBIOS Extended User Interface (NetBEUI)
       c.  Transfer Control Protocol/Internet Protocol (TCP/IP)
       d.  Data Link Control (DLC) Protocol

62.  What IP address is used to Ping a computer's own NIC?


63.  What type of firewall consists of a screening router and a set of rules that accept or reject a message based on information in the message's header (a packet): the source address, the destination address, and the port?

       a.  Bastion host.
       b.  Proxy.
       c.  Packet filtering.
       d.  Intrusion detection

64.  Ideally, the average network utilization value should be less than

       a.  25 percent
       b.  20 percent
       c.  30 percent
       d.  40 percent

65.  The simplest and least expensive way to stop inappropriate network addresses we call

       a.  packet filtering.
       b.  proxy.
       c.  intrusion detection.
       d.  bastion host.

66.  When a new folder or file is created on an NTFS partition, what permissions are automatically assigned?

       a.  Inherited permissions of the folder in which it's contained
       b.  Global group permissions
       c.  No permissions are automatically assigned
       d.  Everyone group permission.

67.  During the initial logon, what type of profile does the Windows NT server operating system use to create the local profile for that machine

       a.  Local profiles
       b.  User profiles
       c.  Default profiles
       d.  Roaming profiles

68.  If a user has a password that is LMac15)) when logging into a Windows NT LAN, which of the following must that individual use?

       a.  lmAC15))
       b.  lmac15))
       c.  LMac15))
       d.  lMaC15))

69.  Who is the IAVA process manager?

       a.  AFCERT.
       b.  DoD CERT.
       c.  DISA
       d.  HQ AIA.

70.  What Windows NT line command is used to manually collect interface statistics on a particular network node?

       a.  Sniff
       b.  Ping
       c.  netstat.
       d.  metstat.

71.  What is the round-trip delay for each node usually indicated in?

       a.  Milliseconds.
       b.  Seconds.
       c.  Microseconds.
       d.  Picoseconds

72.  What type of network errors do jabbers usually cause?

       a.  High utilization and inability to transmit.
       b.  Collisions and inability to transmit.
       c.  High utilization and collisions
       d.  Repeat transmissions and inability to transmit

73.  What color does the Network Management System display when a network object may face A potential problem?

       a.  Blue
       b.  Yellow
       c.  Cyan
       d.  Red

74.  Why do you troubleshoot only one possibility of a problem at a time?

       a.  For better documentation development
       b.  Isolate a definite cause if the action fixes the problem
       c.  To effectively eliminate ideas not the problem.
       d.  To ensure all personnel are informed of the results

75.  What network architecture has a network management platform on one computer system at a location that is responsible for all network management duties?

       a.  Hybrid
       b.  Hierarchical
       c.  Distributed
       d.  Centralized

76.  In the event that the PDC is no longer functioning, what action is taken to make the BDC take over the responsibility

       a.  No action is required
       b.  The BDC is promoted to the PDC position
       c.  The IP address of the BDC is changed to the IP address of the PDC
       d.  The logical name of the BDC is changed to the logical name of the PDC

77.  What file system mandates the 8.3 (filename.ext) naming restriction be utilized when naming a file

       a.  Unix File System
       b.  File Allocation Table
       c.  File Technologies System
       d.  New Technologies File System

78.  What do we define as the capabilities, intentions, and attack methods of adversaries to exploit, or any circumstance or event with the potential to cause harm to information or an information system?

       a.  Event
       b.  Threat.
       c.  Intrusion
       d.  Suspected intrusion

79.  What standard is utilized by the DMS for directory services?

       a.  X.500.
       b.  TCP/IP
       c.  X.400.
       d.  SMTP.

80.  Within the 3 tiers of the DoD CERT, what tier documents a new vulnerability that poses an immediate, potentially severe threat to DoD systems

       a.  IAVB
       b.  IAVA
       c.  DCTA
       d.  TCNO

81.  What is the classification of sanitized storage media unless prohibited by other policies?

       a.  Sensitive
       b.  Unclassified.
       c.  Secret.
       d.  FOUO

82.  What operational SNMP message is used to modify the value of one or more instances of management information?

       a.  Set
       b.  Get
       c.  GetNext
       d.  Trap

83.  What action identifies options for minimizing the effects of detected or predicted faults?

       a.  Fault correction
       b.  Fault diagnosis.
       c.  Fault detection.
       d.  Documentation

84.  What standard is utilized by the DMS for messaging services?

       a.  X.500.
       b.  TCP/IP.
       c.  SMTP.
       d.  X.400

85.  Within how many bytes of transmission should a network interface card sense a collision and stop transmitting?

       a.  48
       b.  24
       c.  128
       d.  64

86.  What form do we use to annotate storage media has been sanitized?

       a.  Standard Form 712.
       b.  Standard Form 700.
       c.  Standard Form 701.
       d.  Standard Form 711.

87.  What is the preferred method of sanitizing magnetic tapes?

       a.  Degaussing.
       b.  Overwriting
       c.  Deleting
       d.  Formatting

88.  What software program protects classified data by erasing it from the disk so that it is unrecoverable?

       a.  WIPEINFO
       b.  DELETEINFO.
       c.  DELETEDATA.
       d.  WIPEDATA.

89.  Over 60 percent of all network problems occur at what layers of the OSI reference model?

       a.  Data link and physical.
       b.  Data link and session.
       c.  Session and media access control.
       d.  Physical and transport

90.  What color does the Network Management System display when a network object is not functioning?

       a.  Red
       b.  Yellow
       c.  Blue
       d.  Cyan

91.  Gathering information about current network device settings is a step of what functional network management area?

       a.  Accounting management
       b.  Performance management
       c.  Configuration management
       d.  Security management

92.  When bits are missing in one or more octets in a frame, what type of error occurs?

       a.  Collisions.
       b.  Frame check sequence
       c.  Retransmission.
       d.  Alignment

93.  What is the process of analyzing threats against and vulnerabilities of an information system?

       a.  Authentication.
       b.  Risk analysis.
       c.  Accreditation
       d.  Certification.

94.  A feature of networking that enables individuals to designate resources they want other users to be able to access through the network we call

       a.  rights.
       b.  sharing.
       c.  permissions.
       d.  access control lists.

95.  In what step of the Barrier Reef process do you start a Base Network Steering Group?

       a.  Know thyself.
       b.  Network monitoring.
       c.  Policy formation.
       d.  Determine requirements

96.  Which function of performance management tracks historical data by tracking activities on the network?

       a.  Monitoring
       b.  Analyzing
       c.  Tuning
       d.  Gathering

97.  Why is a user required to change their password upon logging onto the network for the first time?

       a.  To ensure they understand how to create a password.
       b.  To make sure they understand how to create a password
       c.  To ensure they don't use the network default password
       d.  To ensure the integrity of their unique password

98.  What is one way to increase file server efficiency?

       a.  Reducing the file space per user
       b.  Reducing the hours of use of less important users
       c.  Reducing the available hours of use
       d.  Regularly running defragmentation software.

99.  What type of groups do not have any inherent permissions by default?

       a.  Global groups
       b.  Local groups.
       c.  Built-in groups
       d.  System groups

100.  What are three classic ways to authenticate oneself?

          a.  Something you know, have, or something you are.
          b.  Finger and voiceprints, or retinal scans
          c.  Passwords, Fortezza cards, identification cards.
          d.  Passwords, fingerprints, identification cards

101.  What network device performs rigorous examinations of systems to identify weaknesses that might allow security violations?

          a.  Firewalls
          b.  Network management software
          c.  Intrusion detection devices.
          d.  Vulnerability scanners

102.  What diagnostics command is used exclusively on Windows machines?

          a.  ipconfg.
          b.  TRACERT.
          c.  Tcpconfg.
          d.  winipcfg.

103.  What is at the very core of the Barrier Reef process?

          a.  Firewall configurations.
          b.  Access control lists.
          c.  Base network security policy.
          d.  Network security training and education.

104.  What do you do after you gather all the facts about a network problem?

          a.  Define the main problem.
          b.  Consider the possibilities
          c.  Create a plan of action
          d.  Implement the plan

105.  What type of firewall generates audit trails of all network-related activity for monitoring and intrusion detection purposes?

          a.  Bastion host
          b.  Intrusion detection
          c.  Proxy.
          d.  Packet filtering.

106.  What policies allow administrators to control security settings for user accounts?

          a.  Account policies
          b.  Audit policies
          c.  User rights policies
          d.  System policies.

107.  What is defined as a bundle of application software designed to significantly improve network efficiency and productivity?

          a.  Network management server
          b.  Fault management server
          c.  Performance management server
          d.  Security management server

108.  What phase of the DoD Information Technology Scurity Certification & Accreditation Process process gathers data about the system to analyze?

          a.  Validation.
          b.  Definition
          c.  Verification.
          d.  Post accreditation.

109.  What diagnostics command is used exclusively on Windows NT machines?

          a.  Ping
          b.  TRACERT
          c.  Winipcfg
          d.  Ipconfg

110.  What type of network problem(s) is caused by collisions on the domain?

          a.  Jabbers only
          b.  High utilization or jabbers
          c.  Inability to transmit
          d.  High utilization only

111.  What is a measure used to verify the eligibility of a subject and the ability of the subject to access certain information?

          a.  Authentication
          b.  Recertification.
          c.  Identification
          d.  Accreditation

112.  What types of statistics does the HP Open View interface traffic graph display?

          a.  Packets and errors received only.
          b.  Packets transmitted and received only.
          c.  Errors transmitted and received only.
          d.  Packets and errors transmitted and received

113.  What is one of the greatest downfalls of personnel who must work together to troubleshoot a network problem?

          a.  Failure to interview the users
          b.  Lack of communication during the troubleshooting process
          c.  Troubleshooting multiple possibilities at one time.
          d.  Failure to accurately observe and thoroughly document the results of their individual efforts

114.  What usually has the most significance when determining the amount of space and access time user are given on a file server?

          a.  Rank only
          b.  Job position only
          c.  Rank and job position
          d.  Job position and duty hours.

115.  What is the correct makeup of an Air Force network password

          a.  Upper and lowercase letters and special characters
          b.  Upper and lowercase letters and numbers
          c.  Upper case letters, numbers and special characters.
          d.  Upper and lowercase letters, numbers and special characters

116.  What is a web-based process that incorporates identification and evaluation of new vulnerabilities disseminates technical responses and tracks compliance within the DoD community?

          a.  AFCERT.
          b.  DoD CERT.
          c.  IAVA
          d.  TCNO

117.  What diagnostics test is usually run on an NIC to ensure it is functional?

          a.  CTS/RTS
          b.  Loopback.
          c.  Transmission trace
          d.  Self test diagnostic

118.  What is required for Windows NT to run on most systems

          a.  BOOT.INI and NTBOTDD.SYS
          b.  NTBOOTDD.SYS, and BOOTSECT.DOS.
          d.  BOOT.INI and NTDETECT.COM.

119.  What network devices act as electronic "gate guards," inspecting traffic and allowing only authorized traffic to enter the base local area network?

          a.  Firewalls only.
          b.  Access control lists.
          c.  Proxy servers only.
          d.  Proxy servers and firewalls.

120.  What reports errors that occur at the physical layer such as bad FCS, short frames, and jabbers?

          a.  Node discovery
          b.  Connection statistics
          c.  Protocol statistics.
          d.  MAC node statistics

121.  What level of network management activity are you working at when, as the network manager, you are monitoring and troubleshooting components to eliminate the side-effect alarms and isolate problems to a root cause?

          a.  Reactive
          b.  Inactive
          c.  Interactive
          d.  Proactive

122.  You can find the round-trip delay between a source and target node by using the utilities

          a.  Send and Trace.
          b.  Ping and Echo.
          c.  Echo and Send
          d.  Ping and Trace.

123.  What operational SNMP message is used to retrieve multiple pieces of information with minimal overhead?

          a.  GetNext
          b.  Get
          c.  Trap
          d.  Set

124.  What is the first question "network experts" ask when they begin to troubleshoot a network problem?

          a.  What is the size of the network?
          b.  Where is the network map?
          c.  Who are the critical users?
          d.  What services are down?

Click here for Answers

Click here to submit your information.
  Send a Comment and/or Suggestion

Page Added on: 17 January 2006

Copyright 2005 AFMENTOR. All rights reserved.
Revised: 02/27/06.