Quiz-summary
0 of 20 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
Information
Premium Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 20 questions answered correctly
Your time:
Time has elapsed
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- Answered
- Review
-
Question 1 of 20
1. Question
A United States intelligence analyst identifies a pattern of procurement involving high-strength aluminum tubes and specialized vacuum pumps by a shell company in a third-party jurisdiction. The analyst must determine if these activities indicate a clandestine nuclear enrichment program. Which analytical methodology is most appropriate for validating this threat while adhering to United States intelligence standards?
Correct
Correct: Utilizing an all-source intelligence approach ensures that technical, financial, and human intelligence are synthesized to provide a comprehensive assessment. This method aligns with United States Intelligence Community Directive 203 standards by reducing the risk of analytical bias and ensuring that dual-use items are evaluated within the context of the actor’s broader strategic intent.
Incorrect
Correct: Utilizing an all-source intelligence approach ensures that technical, financial, and human intelligence are synthesized to provide a comprehensive assessment. This method aligns with United States Intelligence Community Directive 203 standards by reducing the risk of analytical bias and ensuring that dual-use items are evaluated within the context of the actor’s broader strategic intent.
-
Question 2 of 20
2. Question
A senior security analyst at a major United States financial institution is reviewing the organization’s alignment with the Cybersecurity and Infrastructure Security Agency (CISA) guidelines for critical infrastructure protection. Following a recent alert regarding sophisticated persistent threats targeting the financial services sector, the analyst must prioritize a strategy that addresses both systemic resilience and inter-sector dependencies. Which approach best reflects the integration of threat intelligence into a comprehensive critical infrastructure protection strategy for this institution?
Correct
Correct: The correct approach involves leveraging Automated Indicator Sharing (AIS) and cross-sector collaboration because United States critical infrastructure is highly interdependent. By correlating threats across the energy and telecommunications sectors, a financial institution can anticipate cascading failures and multi-vector attacks that might originate outside their immediate network but impact their operational viability.
Incorrect: Focusing only on internal perimeters fails to address the interconnected nature of modern infrastructure and the risks posed by third-party service providers. The strategy of encrypting data without considering operational impact can lead to significant availability issues, which undermines the resilience requirements of critical systems. Opting for annual penetration testing is insufficient because it provides only a static, point-in-time view of security, failing to account for the rapidly evolving tactics of advanced persistent threats.
Takeaway: Effective infrastructure protection requires proactive, cross-sector intelligence sharing to mitigate cascading risks from interdependent systems.
Incorrect
Correct: The correct approach involves leveraging Automated Indicator Sharing (AIS) and cross-sector collaboration because United States critical infrastructure is highly interdependent. By correlating threats across the energy and telecommunications sectors, a financial institution can anticipate cascading failures and multi-vector attacks that might originate outside their immediate network but impact their operational viability.
Incorrect: Focusing only on internal perimeters fails to address the interconnected nature of modern infrastructure and the risks posed by third-party service providers. The strategy of encrypting data without considering operational impact can lead to significant availability issues, which undermines the resilience requirements of critical systems. Opting for annual penetration testing is insufficient because it provides only a static, point-in-time view of security, failing to account for the rapidly evolving tactics of advanced persistent threats.
Takeaway: Effective infrastructure protection requires proactive, cross-sector intelligence sharing to mitigate cascading risks from interdependent systems.
-
Question 3 of 20
3. Question
A compliance officer at a United States intelligence agency is conducting a periodic review of electronic surveillance records. The audit focuses on activities conducted under Section 702 of the Foreign Intelligence Surveillance Act (FISA) to ensure adherence to statutory targeting limitations. The officer identifies a case where a target’s location became uncertain during the collection period. According to the legal framework established by FISA Section 702, which requirement must the agency satisfy regarding the location of the target?
Correct
Correct: Section 702 of the Foreign Intelligence Surveillance Act (FISA) authorizes the targeting of non-U.S. persons reasonably believed to be located outside the U.S. to acquire foreign intelligence information.
Incorrect
Correct: Section 702 of the Foreign Intelligence Surveillance Act (FISA) authorizes the targeting of non-U.S. persons reasonably believed to be located outside the U.S. to acquire foreign intelligence information.
-
Question 4 of 20
4. Question
A senior intelligence analyst at a U.S. federal intelligence agency is investigating a suspected foreign influence operation targeting the U.S. financial sector. The campaign utilizes gray propaganda, where legitimate news stories are stripped of context and amplified by automated accounts to create a false sense of consensus. To provide a high-confidence attribution to a specific foreign intelligence service, which methodology should the analyst prioritize?
Correct
Correct: Attribution in the U.S. intelligence community relies on all-source analysis, combining technical indicators like infrastructure signatures with behavioral analysis of narrative synchronization to link activities to known foreign threat actor tactics.
Incorrect
Correct: Attribution in the U.S. intelligence community relies on all-source analysis, combining technical indicators like infrastructure signatures with behavioral analysis of narrative synchronization to link activities to known foreign threat actor tactics.
-
Question 5 of 20
5. Question
As a senior analyst within the United States intelligence community, you are evaluating a sudden shift in a foreign nation’s policy regarding the export of high-capacity semiconductors. This policy change coincides with a 15% increase in intercepted communications suggesting a realignment of that nation’s military procurement strategy. You must determine the national security implications of this shift for US defense supply chains. Which analytical approach provides the most comprehensive assessment of this foreign policy change?
Correct
Correct: In the context of US national security, effective analysis requires integrating high-level foreign policy shifts with tactical data points. This holistic approach allows analysts to identify ‘economic statecraft,’ where a foreign power uses trade policy as a tool to achieve strategic military or political objectives. By correlating the semiconductor policy with military procurement trends, the analyst can provide actionable intelligence on how these actions specifically threaten the US defense industrial base and technological edge.
Incorrect: The strategy of focusing only on economic impacts for consumer markets fails to address the primary national security concern regarding defense supply chains. Simply conducting a legal verification of the foreign nation’s internal processes provides information on the ‘how’ but neglects the ‘why’ and the resulting threat to US interests. Opting for a reliance on historical trade cycles is insufficient because it ignores the unique geopolitical drivers and the specific increase in military-related indicators that suggest this is not a routine market fluctuation.
Takeaway: National security analysis must integrate foreign policy shifts with tactical indicators to identify strategic threats like economic statecraft against the United States.
Incorrect
Correct: In the context of US national security, effective analysis requires integrating high-level foreign policy shifts with tactical data points. This holistic approach allows analysts to identify ‘economic statecraft,’ where a foreign power uses trade policy as a tool to achieve strategic military or political objectives. By correlating the semiconductor policy with military procurement trends, the analyst can provide actionable intelligence on how these actions specifically threaten the US defense industrial base and technological edge.
Incorrect: The strategy of focusing only on economic impacts for consumer markets fails to address the primary national security concern regarding defense supply chains. Simply conducting a legal verification of the foreign nation’s internal processes provides information on the ‘how’ but neglects the ‘why’ and the resulting threat to US interests. Opting for a reliance on historical trade cycles is insufficient because it ignores the unique geopolitical drivers and the specific increase in military-related indicators that suggest this is not a routine market fluctuation.
Takeaway: National security analysis must integrate foreign policy shifts with tactical indicators to identify strategic threats like economic statecraft against the United States.
-
Question 6 of 20
6. Question
A federal investigator in the United States recovers a mobile device during a counterintelligence operation involving a suspected breach of sensitive government data. The device is placed in a Faraday bag and transported to a secure facility for digital forensic analysis. To ensure the evidence is admissible under the Federal Rules of Evidence, the investigator must initiate a formal chain of custody process. Which procedure is essential for maintaining the integrity of the chain of custody during the transfer of this evidence to the forensic laboratory?
Correct
Correct: In the United States, the Federal Rules of Evidence require a clear, documented trail to prove that evidence has not been tampered with or altered. A proper log must include the identity of every person who handled the evidence and the specific timing of those interactions to ensure the integrity of the evidence from the point of seizure to the courtroom.
Incorrect
Correct: In the United States, the Federal Rules of Evidence require a clear, documented trail to prove that evidence has not been tampered with or altered. A proper log must include the identity of every person who handled the evidence and the specific timing of those interactions to ensure the integrity of the evidence from the point of seizure to the courtroom.
-
Question 7 of 20
7. Question
While serving as a lead intelligence analyst at a federal agency in the United States, you are reviewing a proposal for a long-term electronic surveillance operation targeting a suspected foreign operative residing in Virginia. The operation involves intercepting communications that may include those of United States persons. To ensure the operation adheres to the Foreign Intelligence Surveillance Act (FISA) and constitutional requirements, which step is mandatory before commencing the collection?
Correct
Correct: The Foreign Intelligence Surveillance Act (FISA) mandates that electronic surveillance for foreign intelligence purposes must be authorized by the Foreign Intelligence Surveillance Court (FISC) upon showing probable cause that the target is a foreign power or an agent of a foreign power. This judicial oversight ensures that intelligence activities within the United States comply with Fourth Amendment protections against unreasonable search and seizure.
Incorrect
Correct: The Foreign Intelligence Surveillance Act (FISA) mandates that electronic surveillance for foreign intelligence purposes must be authorized by the Foreign Intelligence Surveillance Court (FISC) upon showing probable cause that the target is a foreign power or an agent of a foreign power. This judicial oversight ensures that intelligence activities within the United States comply with Fourth Amendment protections against unreasonable search and seizure.
-
Question 8 of 20
8. Question
While conducting an analysis of intercepted communications between a foreign intelligence target and an unidentified individual, a United States intelligence analyst determines the individual is a United States person. The communication involves the individual expressing strong political disagreement with current government policies but contains no evidence of criminal intent. What is the most appropriate ethical and legal action for the analyst to take regarding this information?
Correct
Correct: Executive Order 12333 and the Foreign Intelligence Surveillance Act (FISA) require the implementation of minimization procedures to protect the privacy of United States persons. These procedures mandate that information not necessary for foreign intelligence purposes be redacted or masked to prevent the unauthorized collection or dissemination of personal data, especially when it involves protected First Amendment activities like political dissent.
Incorrect: Relying on the retention of full unmasked communications fails to meet the legal requirement for minimization and violates privacy standards for United States persons. The strategy of sharing unredacted transcripts concerning political dissent with domestic law enforcement risks violating First Amendment protections and exceeds the scope of foreign intelligence collection. Choosing to delete the entire communication thread is an inappropriate response that may lead to the loss of valid foreign intelligence data that is otherwise legally obtainable.
Takeaway: Intelligence analysts must use minimization procedures to protect the privacy and constitutional rights of United States persons during foreign intelligence collection.
Incorrect
Correct: Executive Order 12333 and the Foreign Intelligence Surveillance Act (FISA) require the implementation of minimization procedures to protect the privacy of United States persons. These procedures mandate that information not necessary for foreign intelligence purposes be redacted or masked to prevent the unauthorized collection or dissemination of personal data, especially when it involves protected First Amendment activities like political dissent.
Incorrect: Relying on the retention of full unmasked communications fails to meet the legal requirement for minimization and violates privacy standards for United States persons. The strategy of sharing unredacted transcripts concerning political dissent with domestic law enforcement risks violating First Amendment protections and exceeds the scope of foreign intelligence collection. Choosing to delete the entire communication thread is an inappropriate response that may lead to the loss of valid foreign intelligence data that is otherwise legally obtainable.
Takeaway: Intelligence analysts must use minimization procedures to protect the privacy and constitutional rights of United States persons during foreign intelligence collection.
-
Question 9 of 20
9. Question
During a counterintelligence review at a United States federal agency, an analyst notes that a foreign national contacted a known intelligence officer just two days before a sensitive data leak occurred. The analyst concludes that the contact was the primary cause of the leak without further corroborating evidence. Which logical fallacy is the analyst demonstrating?
Correct
Correct: Post hoc ergo propter hoc is the fallacy of assuming that because one event followed another, the first event caused the second. In intelligence and security analysis, temporal sequence is a starting point for investigation but does not constitute proof of causation without further evidence.
Incorrect: The strategy of attacking the character of the foreign national instead of the evidence describes a different analytical failure. Choosing to assume the conclusion is true within the premises of the argument represents a circular logic error. Relying solely on the status of the intelligence officer to validate the claim constitutes an improper appeal to authority.
Takeaway: Professional analysts must distinguish between temporal correlation and actual causation to ensure accurate threat assessments.
Incorrect
Correct: Post hoc ergo propter hoc is the fallacy of assuming that because one event followed another, the first event caused the second. In intelligence and security analysis, temporal sequence is a starting point for investigation but does not constitute proof of causation without further evidence.
Incorrect: The strategy of attacking the character of the foreign national instead of the evidence describes a different analytical failure. Choosing to assume the conclusion is true within the premises of the argument represents a circular logic error. Relying solely on the status of the intelligence officer to validate the claim constitutes an improper appeal to authority.
Takeaway: Professional analysts must distinguish between temporal correlation and actual causation to ensure accurate threat assessments.
-
Question 10 of 20
10. Question
An intelligence analyst at a federal agency in the United States is developing a protocol for using automated data mining tools to monitor public social media platforms for potential domestic threats over a 90-day operational window. The project involves scraping large volumes of publicly accessible user data and associated metadata to identify patterns of radicalization. To ensure the operation remains within the legal boundaries established by the Computer Fraud and Abuse Act (CFAA), the analyst must evaluate the technical implementation of the scraping tool.
Correct
Correct: The Computer Fraud and Abuse Act (CFAA) prohibits unauthorized access to protected computers. Scraping publicly available data is generally legal in the United States. This is true as long as the tool does not bypass technical barriers or authentication gates.
Incorrect
Correct: The Computer Fraud and Abuse Act (CFAA) prohibits unauthorized access to protected computers. Scraping publicly available data is generally legal in the United States. This is true as long as the tool does not bypass technical barriers or authentication gates.
-
Question 11 of 20
11. Question
A specialized unit within a United States federal agency is investigating a potential breach of the Economic Espionage Act involving a defense contractor. The team must monitor a subject suspected of transferring sensitive satellite data to a foreign entity in a high-density urban environment. During the operational briefing, the lead investigator emphasizes the need to detect if the subject is practicing cleansing maneuvers while ensuring the surveillance team remains undetected. Which surveillance configuration is most effective for identifying a subject’s counter-surveillance efforts while minimizing the risk of the operation being compromised?
Correct
Correct: The floating box method is a standard United States intelligence practice that allows for discreet observation from multiple angles. By rotating the lead vehicle and using parallel streets, the team can observe if the subject is performing heat runs or cleansing maneuvers—such as sudden U-turns or circling blocks—without revealing the surveillance operation. This technique provides the flexibility needed in urban environments to maintain coverage while identifying sophisticated counter-surveillance tactics.
Incorrect
Correct: The floating box method is a standard United States intelligence practice that allows for discreet observation from multiple angles. By rotating the lead vehicle and using parallel streets, the team can observe if the subject is performing heat runs or cleansing maneuvers—such as sudden U-turns or circling blocks—without revealing the surveillance operation. This technique provides the flexibility needed in urban environments to maintain coverage while identifying sophisticated counter-surveillance tactics.
-
Question 12 of 20
12. Question
A United States intelligence officer is tasked with assessing the likelihood of a foreign adversary’s intervention in a regional conflict. The available intelligence is a mix of high-confidence satellite imagery showing troop movements and low-confidence human intelligence suggesting those movements are a feint. To adhere to United States analytic standards for decision-making under uncertainty, what is the most appropriate course of action?
Correct
Correct: The Analysis of Competing Hypotheses is a standard technique in the United States Intelligence Community designed to mitigate cognitive biases by systematically weighing all evidence against multiple possible outcomes.
Incorrect
Correct: The Analysis of Competing Hypotheses is a standard technique in the United States Intelligence Community designed to mitigate cognitive biases by systematically weighing all evidence against multiple possible outcomes.
-
Question 13 of 20
13. Question
While serving as a senior analyst within the Office of the Director of National Intelligence (ODNI), you are tasked with evaluating a burgeoning ideological movement in a strategic ally that emphasizes sovereign traditionalism. Over a 24-month period, this movement has increasingly influenced the ally’s stance on multilateral treaties and regional security cooperation. To provide a comprehensive assessment for the President’s Daily Brief (PDB), how should you evaluate the impact of these cultural and ideological factors?
Correct
Correct: Integrating socio-cultural analysis allows analysts to understand how ideological shifts redefine a nation’s perception of its interests. This is critical for predicting changes in strategic behavior that traditional models might miss.
Incorrect
Correct: Integrating socio-cultural analysis allows analysts to understand how ideological shifts redefine a nation’s perception of its interests. This is critical for predicting changes in strategic behavior that traditional models might miss.
-
Question 14 of 20
14. Question
During a strategic review at a federal intelligence fusion center in the United States, analysts identify a trend where radicalized individuals operate without a formal link to established foreign terrorist organizations. These actors utilize online manifestos to align their actions with a broader movement while maintaining operational autonomy. Which concept best characterizes this evolution in terrorist organizational structure?
Correct
Correct: Leaderless resistance is a strategy where small cells or individuals act independently of a central command, relying on a shared ideology to guide their actions. This evolution poses a significant challenge to U.S. domestic security because the lack of a formal hierarchy reduces the number of interceptable communications and organizational footprints.
Incorrect: Focusing on state-sponsored proxy warfare is incorrect because that model requires the backing and direction of a sovereign nation, which is absent in decentralized domestic radicalization. The strategy of hierarchical command-and-control is inaccurate as it describes the rigid, top-down structures of older groups that are increasingly being replaced by fluid networks. Opting for conventional paramilitary insurgency is misplaced because it refers to organized military-style operations aimed at territorial control rather than the clandestine, ideologically-driven acts of modern autonomous actors.
Takeaway: Modern terrorism has shifted toward leaderless resistance, where autonomous actors operate without central coordination, complicating detection and prevention efforts.
Incorrect
Correct: Leaderless resistance is a strategy where small cells or individuals act independently of a central command, relying on a shared ideology to guide their actions. This evolution poses a significant challenge to U.S. domestic security because the lack of a formal hierarchy reduces the number of interceptable communications and organizational footprints.
Incorrect: Focusing on state-sponsored proxy warfare is incorrect because that model requires the backing and direction of a sovereign nation, which is absent in decentralized domestic radicalization. The strategy of hierarchical command-and-control is inaccurate as it describes the rigid, top-down structures of older groups that are increasingly being replaced by fluid networks. Opting for conventional paramilitary insurgency is misplaced because it refers to organized military-style operations aimed at territorial control rather than the clandestine, ideologically-driven acts of modern autonomous actors.
Takeaway: Modern terrorism has shifted toward leaderless resistance, where autonomous actors operate without central coordination, complicating detection and prevention efforts.
-
Question 15 of 20
15. Question
An intelligence analyst is evaluating a domestic extremist group to determine the risk of members transitioning from radical rhetoric to kinetic action. Which analytical approach provides the most comprehensive assessment of the interaction between individual psychology and group dynamics in this context?
Correct
Correct: Evaluating the convergence of personal grievances and group social reinforcement is the most effective method for identifying the pathway to violence. This approach aligns with behavioral analysis standards used by United States federal agencies, which emphasize that radicalization is a dynamic process. By focusing on mobilizing indicators, such as the acquisition of tactical equipment or the sudden abandonment of social ties, analysts can distinguish between protected ideological speech and an actual intent to commit violence.
Incorrect: Relying solely on automated sentiment analysis often results in high false-positive rates because it fails to distinguish between venting and genuine operational intent. Simply conducting demographic profiling is an outdated strategy that ignores the diverse and unique personal paths individuals take toward radicalization. The strategy of focusing on formal hierarchies is frequently ineffective in a modern context where decentralized or leaderless resistance models make public manifestos and official structures unreliable indicators of actual threat levels.
Takeaway: Effective behavioral analysis requires integrating individual psychological drivers with group social dynamics and specific, observable indicators of mobilization toward action.
Incorrect
Correct: Evaluating the convergence of personal grievances and group social reinforcement is the most effective method for identifying the pathway to violence. This approach aligns with behavioral analysis standards used by United States federal agencies, which emphasize that radicalization is a dynamic process. By focusing on mobilizing indicators, such as the acquisition of tactical equipment or the sudden abandonment of social ties, analysts can distinguish between protected ideological speech and an actual intent to commit violence.
Incorrect: Relying solely on automated sentiment analysis often results in high false-positive rates because it fails to distinguish between venting and genuine operational intent. Simply conducting demographic profiling is an outdated strategy that ignores the diverse and unique personal paths individuals take toward radicalization. The strategy of focusing on formal hierarchies is frequently ineffective in a modern context where decentralized or leaderless resistance models make public manifestos and official structures unreliable indicators of actual threat levels.
Takeaway: Effective behavioral analysis requires integrating individual psychological drivers with group social dynamics and specific, observable indicators of mobilization toward action.
-
Question 16 of 20
16. Question
A security lead at a major telecommunications provider in the United States is coordinating with the Cybersecurity and Infrastructure Security Agency (CISA) to enhance sector resilience. Which directive serves as the primary framework for this coordination, establishing the 16 critical infrastructure sectors and designating Sector-Specific Agencies?
Correct
Correct: Presidential Policy Directive 21 (PPD-21) is the central US policy for critical infrastructure security and resilience, defining the 16 sectors and the roles of federal agencies in protecting them.
Incorrect: Relying on the Gramm-Leach-Bliley Act is incorrect because it focuses on financial privacy and data security within the financial services industry. Simply applying the Fair Credit Reporting Act is inappropriate as it regulates the collection and use of consumer credit information. The strategy of using Executive Order 12333 is misplaced because that order governs the conduct of United States intelligence activities rather than the protection of domestic critical infrastructure.
Takeaway: PPD-21 establishes the national framework for US critical infrastructure protection and the designation of Sector-Specific Agencies.
Incorrect
Correct: Presidential Policy Directive 21 (PPD-21) is the central US policy for critical infrastructure security and resilience, defining the 16 sectors and the roles of federal agencies in protecting them.
Incorrect: Relying on the Gramm-Leach-Bliley Act is incorrect because it focuses on financial privacy and data security within the financial services industry. Simply applying the Fair Credit Reporting Act is inappropriate as it regulates the collection and use of consumer credit information. The strategy of using Executive Order 12333 is misplaced because that order governs the conduct of United States intelligence activities rather than the protection of domestic critical infrastructure.
Takeaway: PPD-21 establishes the national framework for US critical infrastructure protection and the designation of Sector-Specific Agencies.
-
Question 17 of 20
17. Question
A forensic investigator at a United States federal agency is tasked with collecting digital evidence from a laptop suspected of containing records of insider trading. To comply with the Federal Rules of Evidence regarding the preservation of electronic information, the investigator must ensure the original data remains completely unaltered during the acquisition process. Which procedure best ensures the integrity and admissibility of this evidence in a federal court?
Correct
Correct: Using a hardware write-blocker prevents any modification to the source media during the imaging process. A bit-stream image captures all data, including unallocated space and deleted files. The SHA-256 hash serves as a unique digital fingerprint to verify that the copy is identical to the original, satisfying United States legal standards for evidence integrity under the Federal Rules of Evidence.
Incorrect: Relying on logical backups fails to capture deleted files or metadata stored in unallocated clusters. Simply documenting system offsets is a secondary step that does not address the primary requirement of data preservation. Choosing to encrypt the original drive is a critical error because it modifies the source data, potentially rendering the evidence inadmissible. Focusing on logical copies rather than bit-level images prevents the recovery of hidden evidence.
Takeaway: Bit-stream imaging combined with cryptographic hashing is the standard for maintaining the integrity of digital evidence in United States legal proceedings.
Incorrect
Correct: Using a hardware write-blocker prevents any modification to the source media during the imaging process. A bit-stream image captures all data, including unallocated space and deleted files. The SHA-256 hash serves as a unique digital fingerprint to verify that the copy is identical to the original, satisfying United States legal standards for evidence integrity under the Federal Rules of Evidence.
Incorrect: Relying on logical backups fails to capture deleted files or metadata stored in unallocated clusters. Simply documenting system offsets is a secondary step that does not address the primary requirement of data preservation. Choosing to encrypt the original drive is a critical error because it modifies the source data, potentially rendering the evidence inadmissible. Focusing on logical copies rather than bit-level images prevents the recovery of hidden evidence.
Takeaway: Bit-stream imaging combined with cryptographic hashing is the standard for maintaining the integrity of digital evidence in United States legal proceedings.
-
Question 18 of 20
18. Question
An intelligence analyst is preparing a formal report for the Office of the Director of National Intelligence (ODNI). When documenting the assessment of a new human source, how should the analyst structure the documentation of source reliability versus information credibility to comply with Intelligence Community Directive (ICD) 203?
Correct
Correct: ICD 203 requires that intelligence products distinguish between the reliability of the source and the credibility of the information to ensure analytic rigor and transparency. This separation allows consumers to understand whether uncertainty arises from the source’s track record or the specific content of the report.
Incorrect
Correct: ICD 203 requires that intelligence products distinguish between the reliability of the source and the credibility of the information to ensure analytic rigor and transparency. This separation allows consumers to understand whether uncertainty arises from the source’s track record or the specific content of the report.
-
Question 19 of 20
19. Question
A senior intelligence analyst is overseeing the integration of a new data analytics platform designed to process signals intelligence (SIGINT) in accordance with United States federal oversight. Which action is most critical for ensuring the platform complies with the Foreign Intelligence Surveillance Act (FISA) and Section 702 requirements regarding information management?
Correct
Correct: Under FISA Section 702, agencies must follow court-approved minimization procedures. These procedures are designed to protect the privacy of U.S. persons by ensuring that information about them is not improperly collected, kept, or shared.
Incorrect
Correct: Under FISA Section 702, agencies must follow court-approved minimization procedures. These procedures are designed to protect the privacy of U.S. persons by ensuring that information about them is not improperly collected, kept, or shared.
-
Question 20 of 20
20. Question
A senior technical officer at a United States intelligence agency is tasked with hardening the network architecture against sophisticated man-in-the-middle attacks targeting DNS resolution. The agency must adhere to the Federal Information Security Modernization Act (FISMA) requirements for protecting high-impact systems. Which protocol implementation provides the most effective mechanism for ensuring that DNS responses are authentic and have not been modified by an unauthorized third party?
Correct
Correct: DNSSEC provides a suite of extensions that add security to the DNS protocol by enabling DNS responses to be cryptographically validated. By using digital signatures, the resolver can confirm that the data received is identical to the data published by the zone owner, effectively mitigating cache poisoning and redirection attacks.
Incorrect
Correct: DNSSEC provides a suite of extensions that add security to the DNS protocol by enabling DNS responses to be cryptographically validated. By using digital signatures, the resolver can confirm that the data received is identical to the data published by the zone owner, effectively mitigating cache poisoning and redirection attacks.
