FUNDAMENTALS 2026 WITH
CORRECT VERIFIED ANSWERS
ALREADY GRADED A+
What does LAMP stand for - ANSWER --Linux, Apache, MySQL and PHP
Cybersecurity is not a holistic program to manage Information Technology related security risk -
ANSWER --False
A security plan is to provide an overview of the security requirements of the system and
describe the controls in place or planned for meeting those requirements - ANSWER --
True
Access Control - ANSWER --controlling access to resources on a computer or network
system.
MAC - ANSWER --In Mandatory Access Control (MAC) models, the administrator manages
access controls. The administrator defines a policy, which users cannot modify. Used for highest
confidentiality.
DAC - ANSWER --Discretionary Access Control (DAC). A subject has complete control over
the objects that it owns and the programs that it executes. Programs executed by a user will
have the same permissions as the user who is executing them.
RBAC - ANSWER --In Role-Based Access Control models, an administrator defines a series
of roles and assigns them to subjects. Different roles can exist for system processes and ordinary
users. Objects are set to be a certain type, to which subjects with a certain role have access.
RB-RBAC - ANSWER --Rule-Based Access Control. Dynamically assigns roles to subjects
based on their attributes and a set of rules defined by a security policy.
Identification - ANSWER --Telling the system who you are
What is a hash function - ANSWER --A fixed-length string of numbers and letters
generated from a mathematical algorithm and an arbitrarily sized message such as an email,
document, picture or other type of data.
How can I protect myself against fake antiviruses - ANSWER --All
A Botnet is a term derived from the idea of bot networks. In its most basic form, a bot is simply
an automated computer program, or robot - ANSWER --True
How often do all cybersecurity workforce personnel take the Cybersecurity Fundamental
training IAW DA PAM 25-2-6 - ANSWER --Every 3 years
In accordance with AR 25-2, whose responsibility is it to ensure all users receive initial and
annual IA awareness training? - ANSWER --IASO
Authentication - ANSWER --Process of proving to a system that you are who you say you
are.
Something you know (i.e. a username and password).
Something you have (i.e. a smartcard)
Something you are (i.e. your fingerprint, handwriting, voice pattern)
Multi-factor authentication = two or more authentication methods used in conjunction
Password guessing/Brute-force attacks - ANSWER --Password checker tries the password
until it succeeds.
Password aging - ANSWER --As a password gets older there's an increased chance of it
getting disclosed.
Cognitive passwords - ANSWER --Your mother's last name, 'matrix' or 'qwerty'. When a
person or password checker tries to guess the password, it will typically start with common
words.
Mutual authentication - ANSWER --A client authenticates to a service, and the service
authenticates to the client, before any application traffic is exchanged. Can be implemented
using simple authentication protocols or more advanced solutions such as Kerberos, commonly
found in SSL (Secure Socket Layer) connections.
Biometrics - ANSWER --Very secure type of authentication that uses anatomical and
physiological characteristics to authenticate a user, "something you are." Requires a lot of
storage, processing power, and appropriate conditions.
Ex: Fingerprint, voice, palm, retina, iris, facial, etc.
Tokens - ANSWER --Software tokens are generated by the authenticating system when a
user logs on successfully, and provide access to resources.
Hardware tokens, magnetic-strip cards and USB devices, contain a symmetric key that is used
for one-way hashing of a PIN code or time stamp.