ASVAB Practice

Cyber Test

The Cyber Test (CT), formerly the ICTL (Information/Communications Technology Literacy) test, is a separate ASVAB technical subtest used to qualify for cyber MOSs — Army 17C and 25D, Navy CTN/CTT/IT, Air Force cyber. It is acronym-heavy. Most items are short multiple-choice questions on hardware, operating systems (Windows and Linux), office productivity software, networking, security, and basic programming logic. Memorize the acronyms; recognize the commands.

Hardware Fundamentals

Know what each piece does, and know its acronym.

Component What it does
CPU (Central Processing Unit) The processor. Executes instructions. Measured in GHz and core count.
GPU (Graphics Processing Unit) Renders graphics; also used for parallel math (AI, crypto).
RAM (Random Access Memory) Volatile working memory. Erased when power is cut.
ROM (Read-Only Memory) Non-volatile firmware storage.
HDD (Hard Disk Drive) Spinning magnetic storage. Cheap, slow, mechanical.
SSD (Solid State Drive) Flash storage. Much faster than HDD, no moving parts.
NVMe High-speed SSD that connects to the PCIe bus, not SATA.
Motherboard Main circuit board hosting CPU, RAM, and expansion slots.
PSU (Power Supply Unit) Converts wall AC to low-voltage DC.
NIC (Network Interface Card) Connects to a network (wired or wireless).
BIOS / UEFI Firmware that runs at power-on and starts the OS. UEFI is modern.
Cache Very fast CPU-local memory (L1/L2/L3).

Volatile vs. non-volatile. Volatile memory (RAM, cache) loses contents on power loss. Non-volatile (SSD, HDD, ROM, USB flash) keeps them.

Memory hierarchy (fastest/smallest → slowest/largest): registers → cache → RAM → SSD → HDD → network/cloud.

Common ports and connectors: - USB-A / USB-C — general-purpose peripherals. USB-C is reversible. - HDMI / DisplayPort — digital video + audio. - Ethernet (RJ-45) — wired networking. - 3.5 mm — analog audio. - SATA — connects HDDs/SSDs to the motherboard.

Input vs. output devices. Keyboard, mouse, scanner, microphone = input. Monitor, speakers, printer = output. Touchscreen and multifunction printer = both.

RAID (Redundant Array of Independent Disks) — combines multiple drives. - RAID 0 — striping. Two drives appear as one larger, faster drive. No redundancy — losing either drive loses everything. - RAID 1 — mirroring. Two drives hold identical copies. Survives one drive failure. - RAID 5 — striping with parity across three or more drives. Survives one drive failure. - RAID 10 — mirror of stripes. Speed + redundancy. Needs four drives.

Operating System Basics

An operating system (OS) is the software between the hardware and your applications. It manages CPU time, memory, storage, devices, and user accounts.

Major families: - Windows — Microsoft. File system: NTFS. Paths use backslashes: C:\Users\jane\file.txt. - macOS — Apple, Unix-based. File system: APFS. - Linux — open-source, Unix-like. File system: ext4 (most common). Paths use forward slashes: /home/jane/file.txt. Distributions include Ubuntu, Red Hat, Debian, Kali. - Mobile — Android (Linux-based), iOS (Unix-based).

Absolute vs. relative path. Absolute starts at the root (C:\…, /…). Relative starts at the current working directory (./reports/q3.txt).

Linux command line

The CT often gives a task ("list files in the current directory", "change permissions") and asks for the right command.

Command What it does
ls List files in current directory
cd <dir> Change directory
pwd Print working directory
cp <src> <dst> Copy a file
mv <src> <dst> Move or rename
rm <file> Delete a file (rm -r for directories)
mkdir <dir> Make directory
rmdir <dir> Remove empty directory
cat <file> Show file contents
grep <pattern> <file> Search inside a file
find <path> -name <pat> Search for files by name
chmod <mode> <file> Change permissions
chown <user> <file> Change owner
ps List running processes
kill <pid> Terminate a process
man <cmd> Show the manual page
sudo <cmd> Run a command as root (administrator)

Linux file permissions. Each file has three permission groups — owner, group, others — and three permissions — read (r), write (w), execute (x). ls -l displays them as rwxr-xr--. Numerically: r=4, w=2, x=1. chmod 755 file = owner rwx (7), group rx (5), others rx (5).

Windows command line and shell

Windows Linux equivalent
dir ls
cd cd
copy cp
move mv
del rm
md / mkdir mkdir
type cat
findstr grep
tasklist ps
taskkill kill

Windows ships with both Command Prompt (cmd) and PowerShell (newer, scriptable). Task Manager shows processes and CPU/memory use.

Processes and services

  • Process — a running program with its own memory space and PID (process ID).
  • Thread — a unit of execution inside a process. Threads share their process's memory.
  • Service (Windows) / daemon (Linux) — a long-running background program (web server, print spooler, antivirus).
  • Booting: power on → firmware (BIOS/UEFI) runs POST (Power-On Self-Test) → bootloader → kernel → init → login.

Networking

LAN / WAN / WLAN / PAN. - LAN — devices in one location (home, office). - WAN — connects LANs across distance; the internet is the largest WAN. - WLAN — wireless LAN (Wi-Fi). - PAN — Personal Area Network (Bluetooth).

Network devices. - Modem — converts the ISP signal (cable/fiber/DSL) into Ethernet. - Router — forwards traffic between networks. Assigns local IPs via DHCP. - Switch — forwards traffic within a LAN, between Ethernet ports. - Access point (AP) — bridges Wi-Fi clients onto a wired LAN. - Firewall — filters traffic by rule. - Hub — older device; broadcasts traffic to every port. Largely obsolete.

IP addresses. - IPv4 — 32-bit, written as four decimal octets: 192.168.1.10. - IPv6 — 128-bit, written in hex with colons: 2001:db8::1. Created because IPv4 ran out. - Private ranges (used inside LANs, not routed on the internet): 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16. - NAT (Network Address Translation) — router shares one public IP across many private clients. - Static IP — manually configured. Dynamic IP — assigned by a DHCP server. - Loopback address127.0.0.1 (IPv4) / ::1 (IPv6) refers to the local machine itself.

MAC address. 48-bit hardware ID burned into each NIC, six hex pairs (AA:BB:CC:11:22:33). Used inside a single network segment; IP is used between networks.

DNS (Domain Name System) — translates names (example.com) into IP addresses. DHCP (Dynamic Host Configuration Protocol) — hands out IP addresses on a LAN.

Common ports and protocols.

Protocol Port Purpose
HTTP 80 Web (unencrypted)
HTTPS 443 Web (TLS encrypted)
FTP 21 File transfer
SSH 22 Encrypted remote shell
Telnet 23 Remote shell (unencrypted — obsolete)
SMTP 25 Sending email
DNS 53 Name resolution
DHCP 67 / 68 IP assignment
POP3 / IMAP 110 / 143 Receiving email
RDP 3389 Windows remote desktop

TCP vs. UDP. - TCP — connection-oriented, reliable. Handshake, retransmits, in-order delivery. Used by HTTP, SSH, email. - UDP — connectionless, best-effort. Faster, no retransmits. Used by DNS lookups, voice/video streaming, online gaming.

OSI model — the seven-layer reference model: Physical, Data Link, Network, Transport, Session, Presentation, Application. You usually only need to know it exists, that lower layers handle bits/frames and higher layers handle data/applications, and that TCP/UDP live at Transport (layer 4) and IP lives at Network (layer 3).

Diagnostic commands. - ping <host> — tests reachability via ICMP echo. - traceroute <host> / tracert <host> — shows the path packets take. - ipconfig (Windows) / ifconfig or ip addr (Linux) — shows local IP settings. - nslookup <host> — DNS lookup.

Cybersecurity Concepts

The CIA triad — the three pillars of information security. - Confidentiality — info disclosed only to authorized parties (encryption, access control). - Integrity — info not altered without authorization (hashes, digital signatures). - Availability — authorized users can access the system when needed (backups, redundancy, DDoS protection).

Authentication vs. authorization vs. accounting (AAA). - Authentication — proving who you are. - Authorization — what you may do once authenticated. - Accounting / Auditing — recording what you did.

Authentication factors: 1. Something you know — password, PIN. 2. Something you have — phone, smart card, hardware token. 3. Something you are — fingerprint, face, iris.

MFA / 2FA combines two different factors. Two passwords is not MFA; password + phone code is.

Malware: what each one is and why an attacker uses it

Type What it is Why an attacker deploys it
Virus Attaches to a host file; spreads when the file runs To corrupt files or hand off a payload to many machines
Worm Self-replicates across a network without a host Fastest possible spread; consume resources or seed other malware
Trojan Disguised as legitimate software Sneak past user trust and install a backdoor
Ransomware Encrypts files and demands payment for the key Direct extortion
Spyware Secretly monitors activity Steal credentials, financial data, intellectual property
Keylogger Records every keystroke Capture passwords typed into login forms
Rootkit Hides itself and other malware deep in the OS Persist undetected to maintain long-term access
Adware Forces unwanted ads Generate ad revenue; sometimes carries spyware
Logic bomb Sits dormant; triggers on a condition (date, login, file change) Sabotage by an insider, delayed-detonation payload
Bot / botnet Compromised machine takes orders from a remote C2 server DDoS, spam, credential stuffing at scale

Common attacks

  • Phishing — fake email tricks user into giving credentials or running malware. Spear phishing targets a specific person; whaling targets executives; smishing uses text; vishing uses voice.
  • Social engineering — manipulating people instead of systems: pretexting, tailgating, shoulder surfing.
  • Brute force — try every possible password. Dictionary attack — try a list of likely passwords.
  • Man-in-the-middle (MITM) — attacker secretly relays/alters traffic between two parties.
  • DoS / DDoS — flood a target with traffic so legitimate users cannot reach it.
  • SQL injection — insert database commands into an input field the app passes unsafely to its database.
  • Cross-site scripting (XSS) — inject malicious JavaScript into a web page other users will load.
  • Zero-day — exploit for a vulnerability the vendor has not yet patched.

Encryption and hashing

  • Symmetric encryption — same key encrypts and decrypts. Fast. Example: AES.
  • Asymmetric (public-key) encryption — public key encrypts; matching private key decrypts. Examples: RSA, ECC. Slower; used to exchange a symmetric session key.
  • Hashing — one-way digest of any size input. Used to verify integrity and store passwords. Examples: SHA-256, SHA-3. MD5 and SHA-1 are obsolete (broken).
  • HTTPS / TLS — uses asymmetric crypto to exchange a symmetric key, then encrypts the rest of the session symmetrically. A certificate signed by a CA (Certificate Authority) binds a public key to a domain.

Common defenses

  • Antivirus / EDR — detects known malware and suspicious behavior.
  • Firewall — filters traffic by rule.
  • IDS / IPS — Intrusion Detection / Prevention. IDS alerts; IPS also blocks.
  • VPN (Virtual Private Network) — encrypted tunnel between client and network. Common for remote work and for privacy on public Wi-Fi.
  • Backups — kept offline or off-site so ransomware cannot reach them.
  • Patch management — keep OS and apps updated.
  • Principle of least privilege — give each user and process only the access it needs.

Digital Literacy

Microsoft Office and productivity software

Office basics show up regularly on the CT.

  • Word — word processor. Files end in .docx (modern) or .doc (legacy).
  • Excel — spreadsheet. Files end in .xlsx / .xls. Used for data, calculations, and charts.
  • PowerPoint — presentations. Files end in .pptx / .ppt.
  • Outlook — email and calendar.
  • OneDrive / SharePoint — cloud file storage and collaboration.

Excel cell references and formulas: - A spreadsheet is a grid of rows (numbered) and columns (lettered). A cell is one intersection (e.g., B7). - Formulas start with =. Examples: =A1+B1, =A1*2, =A1/B1. - Relative referenceA1. When copied to another cell, the reference shifts. - Absolute reference$A$1. When copied, the reference stays fixed. $A1 locks the column; A$1 locks the row. - RangeA1:A10 means "cells A1 through A10".

Common Excel functions:

Function What it does
=SUM(A1:A10) Add the values in the range
=AVERAGE(A1:A10) Arithmetic mean
=MIN(A1:A10) / =MAX(A1:A10) Smallest / largest
=COUNT(A1:A10) Count cells containing numbers
=IF(A1>10, "big", "small") Conditional
=VLOOKUP(value, range, col) Look up a value in a table
=CONCAT(A1, B1) Join text
=ROUND(A1, 2) Round to 2 decimal places

Useful keyboard shortcuts:

Shortcut Action
Ctrl + C / Ctrl + V / Ctrl + X Copy / paste / cut
Ctrl + Z / Ctrl + Y Undo / redo
Ctrl + S Save
Ctrl + P Print
Ctrl + F Find
Ctrl + A Select all
Alt + Tab Switch windows
Ctrl + Alt + Del Security / task manager screen (Windows)

File types

Extension Type
.txt Plain text
.pdf Portable Document Format
.docx / .xlsx / .pptx Word / Excel / PowerPoint
.csv Comma-separated values
.jpg / .png / .gif Raster images
.mp3 / .wav Audio
.mp4 / .mov Video
.zip / .tar.gz Compressed archive
.exe / .msi Windows executable / installer
.iso Disk image

Web and units

  • URL structure: https://example.com/path?key=value — scheme, host, path, query.
  • HTTP status codes: 200 OK, 301 moved, 403 forbidden, 404 not found, 500 server error.
  • Cookies — small files a site stores in your browser to remember you.
  • Cloud service models: IaaS (rent virtual machines), PaaS (rent a managed app environment), SaaS (use software over the internet, e.g., Gmail).

Data units. 1 byte = 8 bits. 1 KB ≈ 1,000 bytes. 1 MB ≈ 1,000 KB. 1 GB ≈ 1,000 MB. 1 TB ≈ 1,000 GB.

Safe online behavior

  • Hover over links before clicking; look at the real URL.
  • Urgency and threats ("act now") are phishing red flags.
  • Verify unexpected attachments out-of-band (phone the sender).
  • Lock devices when leaving them.
  • On public Wi-Fi, use HTTPS or a VPN.

Basic Programming and Logic

You will not be asked to write code, but you will be asked to read it and predict what it does.

Building blocks

  • Variable — a named storage location holding a value. Types: integer, float, string, boolean.
  • Constant — a value that does not change.
  • Operator — arithmetic (+ - * /), comparison (== != < >), logical (AND OR NOT).
  • Function — a named block of code that takes inputs and returns output.

Control flow

  • Sequence — top to bottom.
  • Selectionif / else if / else branches based on a condition.
  • Iterationfor loops a known number of times; while loops until a condition becomes false.
  • Infinite loop — exit condition is never reached. The program hangs.

Boolean logic and truth tables

A B A AND B A OR B NOT A A XOR B
T T T T F F
T F F T F T
F T F T T T
F F F F T F

AND is true only when both inputs are true. OR is true when either is true. NOT flips. XOR (exclusive or) is true when exactly one input is true.

Number bases

  • Binary (base 2) — digits 0, 1. The native language of digital electronics.
  • Decimal (base 10) — digits 0–9. Human default.
  • Hexadecimal (base 16) — digits 0–9, A–F. Each hex digit = 4 bits. Used for memory addresses, MAC addresses, colors (#FF0000 = red).

Quick conversions to memorize:

Binary Decimal Hex
0000 0 0
0001 1 1
1000 8 8
1001 9 9
1010 10 A
1111 15 F
1111 1111 255 FF

Reading pseudocode

Pseudocode is plain-English code that captures logic without committing to a language. Walk it line by line; track variable values on scratch paper.

SET x = 5
SET y = 2
WHILE y < x
    SET y = y + 1
    PRINT y
END WHILE

Trace: y starts at 2. Loop checks y < 5. - Iter 1: y = 3, print 3. - Iter 2: y = 4, print 4. - Iter 3: y = 5, print 5. Now y < x is false. Loop exits.

Output: 3 4 5.

Algorithms

An algorithm is a step-by-step procedure for solving a problem. You may see one item asking what a short algorithm does — read it the same way as pseudocode and trace the output.

Debugging

Read the error message, reproduce the bug, narrow down the line that fails, fix it, retest.

Practice this section Try the AI Tutor

Concepts in this section