Chapter 9 Assessment

  • 8/13/2019 Chapter 9 Assessment

    1 What is a design feature of a secure network life cycle management process?

    Security is considered once the network is fully operational.

    Security is purposefully included in every phase of the system development life cycle.

    Security requirements are assessed and fully implemented in the initiation phase of the system development life cycle.

    Security cost and reporting considerations are determined in the operations and maintenance phase of the system development life cycle.

    2 Which term describes a completely redundant backup facility, with almost identical equipment to the operational facility, that is maintained in the event of a disaster?

    backup site

    cold site

    hot site

    reserve site

    3 Which security document includes implementation details, usually with step-by-step instructions and graphics?

    guideline document

    standard document

    procedure document

    overview document

    4 Which component of the security policy lists specific websites, newsgroups, or bandwidth-intensive applications that are not allowed on the company network?

    remote access policies

    acceptable use policies

    incident handling procedures

    identification and authentication policies

    5 Which three documents comprise the hierarchical structure of a comprehensive security policy for an organization? (Choose three.)

    backup policy

    server policy

    incident policy

    governing policy

    end-user policy

    technical policy

    6 What are three key principles of a Cisco Self-Defending Network? (Choose three.)

    adaptability

    authentication

    collaboration

    confidentiality

    integration

    integrity

    7 When an organization implements the two-person control principle, how are tasks handled?

    A task requires two individuals who review and approve the work of each other.

    A task is broken down into two parts, and each part is assigned to a different individual.

    A task must be completed twice by two operators who must achieve the same results.

    A task is rotated among individuals within a team, each completing the entire task for a specific amount of time.

    8 Which principle of the Cisco Self-Defending Network emphasizes that security should be built in?

    adapt

    collaborate

    integrate

    simplify

    9 Which security services, available through the Cisco Self-Defending Network, include VPN access?

    secure communications

    threat control and containment

    operational control and policy management

    application control for infrastructure

    10 What are the two major elements of the Cisco Secure Communications solution? (Choose two.)

    secure communications for extranets

    secure communications for intranets

    secure communications for management

    secure communications for remote access

    secure communications for site-to-site connections

    11 Which type of analysis uses a mathematical model that assigns a monetary figure to the value of assets, the cost of threats being realized, and the cost of security implementations?

    Qualitative Risk Analysis

    Quantitative Risk Analysis

    Qualitative Asset Analysis

    Quantitative Continuity Analysis

    12 Refer to the exhibit. When implementing the Cisco Self-Defending Network, which two technologies ensure confidentiality when referring to secure communications? (Choose two.)

    Cisco NAC appliances and Cisco Security Agent

    Cisco Security Manager

    Cisco Security Monitoring, Analysis, and Response System

    Intrusion Prevention System

    IPsec VPN

    SSL VPN

    13 Which network security test requires a network administrator to launch an attack within the network?

    network scan

    password crack

    penetration test

    vulnerability scan

    14 Which statement could be expected to be included in a Code of Ethics that is related to IT and network security?

    Employees breaching the Code of Ethics will be prosecuted to the full extent of the law.

    Application of the Code of Ethics to use of the network is at the discretion of the employee.

    Employees with greater than 1 years of service can claim exemption from provisions of the Code of Ethics.

    The network is to be used by employees to provide diligent and competent services to the organization.

    15 What are the two components in the Cisco Security Management Suite? (Choose two.)

    Cisco Intrusion Prevention

    Cisco Network Admission Control

    Cisco Security Agent

    Cisco Security Manager

    Cisco Security MARS

    16 Which three detailed documents are used by security staff for an organization to implement the security policies? (Choose three.)

    asset inventory

    best practices

    guidelines

    procedures

    risk assessment

    standards

    17 What are the two major components of a security awareness program? (Choose two.)

    awareness campaign

    security policy development

    security solution development

    self-defending network implementation

    training and education

    18 Which three statements describe ethics in network security? (Choose three.)

    principles put into action in place of laws

    foundations for current laws

    set of moral principles that govern civil behavior

    standard that is higher than the law

    set of regulations established by the judiciary system

    set of legal standards that specify enforceable actions when the law is broken

    19 What three areas should be considered when designing a network security policy? (Choose three.)

    remote access

    network maintenance

    service level agreement

    network quality of service

    network equipment provider

    identification and authentication

    20 Which two Cisco Threat Control and Containment technologies address endpoint security? (Choose two.)

    Cisco Application Control Engine

    Cisco Network Admission Control

    Cisco Security Agent

    Cisco Security Monitoring, Analysis, and Response System

    virtual private network

    21 What is a feature of an effective network security training program?

    Participation in the network security training is voluntary.

    Employee groups are identified and the training is customized to their needs.

    All employees become trained in the design and implementation of secure networks.

    Training for all employees covers the full scope of security issues related to the organization.

    22 What is the primary focus of network operations security?

    to design and develop secure application code

    to support deployment and periodic maintenance of secure systems

    to conduct regular employee background checks

    to reprimand personnel who do not adhere to security policies
