Answers to 2011 Gov't IT Security Quiz

See How You Did on Our Test

Here are the answers to the GovInfoSecurity quiz on government IT security in 2011.

1. A: 0 percent. The same survey that determines the nation's unemployment rate showed no jobless among IT security professionals during the first three quarters of 2011. To be fair, the sample size is too small to be statistically reliable, but it does indicate the demand for people with IT security skills. (See Women, Minorities Scarce in IT Security Field)

2. C: 52 percent. IT security was the only skill a majority of state IT officials said presented the greatest challenge in attracting and retaining IT employees. (See States Struggle to Find IT Security Personnel)

3. E: 79,434. But, fewer than 2 percent of government IT security personnel fall into a category labeled by SANS Institute Research Director Alan Paller as hunters and toolmakers: experts who have deep knowledge and can, for instance, look inside an iPhone and know where to find its vulnerabilities. (See Infosec Personnel Shortage? It's All Relative)

4. C: 7 consecutive times. The controls Delaware state employees agree to have put on their personal mobile devices to access state networks include a strong password, password history, a password that expires, an inactivity timeout, lockout after seven failed attempts to log on, remote wipe if the device is compromised or after seven failed log-on tries, and encryption if the device is capable of employing it. (See 7 Steps to Secure Mobile Devices)

5. C: Insider threats. 51 percent chose insider threats followed by poor practices, exploitable software vulnerabilities, configuration errors and malware. (See 2011 Survey Results: The State of Government Information Security Today)

6. D: Poorly trained/careless users, followed by insider employees, insider contractors, foreign nations and terrorists. (See 2011 Survey Results: The State of Government Information Security Today)

7. C: Enforcing security policy, followed by data loss prevention, mixing data with other users, continuity of operations planning and Homeland Security/Presidential Directive. (See 2011 Survey Results: The State of Government Information Security Today)

8. B: Al Franken. The Minnesota Democrat and onetime Saturday Night Live writer is the only non-lawyer on the Senate Judiciary Committee. (See Senate Forms Privacy Subcommittee)

9. A: True. Federal CIO Vivek Kundra in February outlined a new policy, known as the Cloud First policy, in which one-quarter of the $80 billion the federal government spends on information technology would employ cloud computing solutions. (See Kundra Eyes 25% of Fed IT Spend on Cloud Services)

10. E: White House Cybersecurity Coordinator Howard Schmidt's principal adviser. Chris Painter served as acting cybersecurity coordinator as President Obama searched for a permanent infosec adviser in 2009 and the first few weeks of 2010. (See Schmidt Aide Moves to State as Cyber Chief)

11. D: Navy. Cyber 1, offered in the freshman year, will focus on recognition of risks and threats. Cyber 2, offered to juniors, will have a technical emphasis on network defense. The requirements went into effect this past summer with the incoming freshman class. (See Naval Academy to Require Infosec Courses)

12. C: 1 year. Personal information of some 3.5 million people was left exposed on a Texas state server for about one year before being detected. The breach cost taxpayers at least $1.8 million and four employees their jobs. (See Texas Comptroller Apologizes for Breaches)

13. C: 36 percent. The Justice Department inspector general recommended that the FBI should rethink its step-by-step approach in training agents on how to investigate national security intrusion cases to ensure its field offices have qualified investigators. (See Rethinking How FBI Trains Cyber Agents)

14. C: Justice. Among Van Hitch's achievements during his 9-year tenure is the creation of an IT security operations center that continuously examines network traffic. (See Van Hitch to Retire as Justice CIO)

15. E: Pacific Northwest. The Pacific Northwest National Laboratory shuttered its website and blocked incoming e-mail after discovering on July 1 that it was targeted in a highly sophisticated cyberattack. (See Cyberattack Shutters Energy Department Lab)

16. B: False. Federal CIO Steven VanRoekel never worked for Steve Jobs but once served as a speech and strategy assistant to then-Microsoft CEO and founder Bill Gates. (See Former Bill Gates' Aide New Federal CIO)

17. E: Sony. Sony named Philip Reitinger chief information security officer in the months following a massive breach. Reitinger, a former Homeland Security cybersecurity leader, is Sony's first CISO. (See Ex-DHS Official Becomes Sony's CISO)

18. C: 14 percent. The Government Accountability Office survey of 30 federal CIOs revealed that they spent 14 percent of their time on IT security matters, more than any other function. (See What Keeps Fed CIOs Busy? Infosec)

19. C: 650 percent. The five-year increase in security incidents places the confidentiality, integrity and availability of sensitive government information and information systems at risk, a GAO audit said. (See Gov't Infosec Incidents Soar by 650% in 5 Years)

20. D: North American Electric Reliability Corp. chief security officer. Mark Weatherford, the new DHS deputy undersecretary for cybersecurity, held every job listed in the quiz's question. (See Weatherford Named DHS Cybersec Leader)

21. B: False. In 2010, a McAfee survey designated the United States the most feared nation in cyberspace. This year, another survey from the security company said China gave the world more jitters than any other nation. (See U.S. Threat as Cybervillain Diminishes)

Matching the Quotes

22. E: William Lynn III, then Defense deputy secretary.

23. A: Keith Alexander, National Security Agency director.

24. C: Melissa Hathaway, who conducted President Obama's 60-day cyberspace policy review in 2009.

25. B: Tom Carper, the Delaware Democrat who chairs a Senate panel with government IT security oversight.

26. H: Philip Reitinger, in an interview with GovInfoSecurity when he was Homeland Security deputy undersecretary.

27. G: Janet Napolitano, Homeland Security secretary.

28. F: Barack Obama, in declaring a national emergency to battle the extraordinary threat transnational criminal organizations pose to the nation's security, foreign policy and economy.

29. D: Vivek Kundra, reflecting on his 2½-year tenure as federal chief information officer.

30. J: Steven VanRoekel in his first speech as federal CIO.

Scoring

26-30 right: Cybersecurity Coordinator
21-25 right: Majority Leader
16-20 right: Committee Chair
15 or fewer right: Back Bencher

How's your memory? Check out our 2010 quiz on government IT security.


About the Author

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.



