Chapter 10 - CCNAS

1.

1 point

In quantitative risk analysis, what term is used to represent the degree of destruction that would occur if an event took place?

single loss expectancy

exposure factor

annualized loss expectancy

annualized rate of occurrence

2.

1 point

What security task is relevant in the disposition phase of the SDLC?

defining the levels of potential impact on an organization from a security breach

identifying the protection requirements for systems through a formal risk assessment process

ensuring that security plans are designed, developed, and implemented

ensuring that data is deleted, erased, or overwritten

3.

1 point

Which two security features must be implemented when SCP is a part of a company security plan? (Choose two.)

AAA authorization

AES

encrypted Cisco IOS File System

SSH

4.

1 point

What situations are addressed by a business continuity plan?

the continued operations of an organization in the event of a disaster or service interruption

the roles and responsibilities of personnel responding to security breaches

the threats that corporate systems are subjected to in a particular environment

the day-to-day operations necessary to deploy and maintain secure systems

5.

1 point

What component of the Cisco SecureX architecture automatically deploys security rules to Cisco devices?

policy management console

SIO

delivery mechanism

scanning engine

6.

1 point

Using quantitative risk analysis, what is the annualized loss expectancy to an organization of an event that has single loss expectancy of $500,000 and a annualized rate of occurrence of .03?

$1500

$1,500,000

$15,000

$6000

7.

1 point

The following order:
applies policy-based access control
enforces security policies by updating noncompliant machines
provides access in accordance with rule-based policies
delivers network services to remote employees

True

False

8.

1 point

What is the main purpose of the Cisco SIO?

to guarantee every connection coming on or off the endpoint

to provide a method of introducing scanning elements into the network

to enable a single point of policy definition that spans multiple enforcement points

to identify malicious traffic and develop rules to stop it

9.

1 point

A new person has joined the security operations team for a manufacturing plant. What is a common scope of responsibility for this person?

physical and logical security of all business personnel

managing redundancy operations for all systems

day-to-day maintenance of network security

data security on host devices

10.

1 point

How does network scanning help assess operations security?

It can simulate attacks from malicious sources.

It can log abnormal activity.

It can detect open TCP ports on network systems.

It can detect weak or blank passwords.

11.

1 point

Which security policy component defines what users are allowed and not allowed to do on company systems?

authentication policy

governing policy

acceptable use policy

application policy

12.

1 point

Why would an organization perform a quantitative risk analysis for network security threats?

so that management can determine the number of network devices needed to inspect, analyze, and protect the corporate resources

so that management has documentation about the number of security attacks that have occurred within a particular time period

so that the organization can focus resources where they are most needed

so that the organization knows the top areas where network security holes exist

13.

1 point

Which type of security policy document is it that includes implementation details that usually contain step-by-step instructions and graphics?

standards document

procedure document

best practices document

guideline document

14.

1 point

What are two attributes of a qualitative risk analysis? (Choose two.) It is measurable.

It assigns values to assets.

It is exploratory.

It is descriptive

It uses a mathematical model

15.

1 point

What is the purpose of the Tripwire network testing tool?

to perform vulnerability scanning

to assess configuration against established policies, recommended best practices, and compliance standards

to detect unauthorized wired network access

to provide password auditing and recovery

16.

1 point

What is the objective of the governing policy in the security policy hierarchy structure?

It defines system and issue-specific policies that describe what the technical staff does

It outlines the company’s overall security goals for managers and technical staff

It covers all rules pertaining to information security that end users should know about and follow.

It provides general policies on how the technical staff should perform security functions.

17.

1 point

What are the three security tasks related to the disposition phase of the system development life cycle? (Choose three.)

media sanitation

preliminary risk assessment

hardware and software disposal

information preservation

security cost considerations

18.

1 point

Fill in the blank. ____ analysis is used to estimate the probability and severity of threats to a system.

19.

1 point

Which security test is appropriate for detecting system weaknesses such as misconfiguration, default passwords, and potential DoS targets?

integrity checkers

penetration testing

vulnerability scanning

network scanning

20.

1 point

A network manager has presented to upper management that the threat of fire in the data center has an exposure factor of 70 percent. What does this mean?

70 percent of the devices in the data center do not have fire resistance coverage.

70 percent of the data center area has a high risk of fire.

There is a 70 percent chance of a fire in the data center.

70 percent of all data center equipment would be destroyed if there were a fire

21.

1 point

What operations security principle is intended to ensure that a single individual does not control two or more phases of an operation?

change control

separation of duties

rotation of duties

trusted recovery

22.

1 point

A new network manager at a small company is presented with a list from the technician who is responsible for server backups. The technician provides the following list of current practices.

More people should have rights to perform the backups.

Only one person is needed to store the off-site copy.

Two people should securely store the on-site backup media.

Media can be rotated.

23.

1 point

What is the purpose of a security awareness campaign?

to integrate all the security skills and competencies into a single body of knowledge

to teach skills so employees can perform security tasks

to focus the attention of employees on security issues

to provide users with a training curriculum that can ultimately lead to a formal degree

24.

1 point

A network security manager has been tasked with supporting some staff to work from home on a part time basis. What Cisco Secure access product will allow this manager to provide secure, manageable voice and video services to this group of personnel?

Cisco Secure Access Control System

Cisco AnyConnect

Cisco NAC Appliance

Cisco Virtual Office

25.

1 point

What should be the primary objective of a contingency and disaster recovery plan?

implement protection mechanisms in an attempt to reduce risks to acceptable levels

address every possible disaster scenario and assumption

identify acceptable methods of recovery on events most likely to happen

eliminate risk by avoiding threats to the network altogether