CCNA Security Chapter 11

1.

1 point

What step should be taken after data is collected, but before equipment is disconnected, if a security breach is found on a system?

Create a drive image of the system.

Photograph the system.

Isolate the infected system.

Determine if data tampering has occurred.

2.

1 point

Which security program is aimed at all levels of an organization, including end users and executive staff?

firewall implementation training courses

awareness campaigns

educational degree programs

certificate programs

3.

1 point

How does network scanning help assess operations security?

It can detect open TCP ports on network systems.

It can log abnormal activity.

It can detect weak or blank passwords.

It can simulate attacks from malicious sources.

4.

1 point

What network testing tool can be used to identify network layer protocols running on a host?

Nmap

L0phtcrack

Tripwire

SIEM

5.

1 point

Which type of documents include implementation details that usually contain step-by-step instructions and graphics?

end-user policy documents

guideline documents

procedure documents

standards documents

6.

1 point

What are two major components of a security awareness program? (Choose two.)

technical policy

education and training

guideline documents

procedure documents

awareness campaigns

7.

1 point

Match the network security testing tool with the correct function. (Not all options are used.)

Tripwire

Nessus

Nmap

8.

1 point

What type of network security test would be used by network administrators for detection and reporting of changes to network systems?

penetration testing

integrity checking

vulnerability scanning

network scanning

9.

1 point

Which policy outlines the overall security goals for managers and technical staff within a company?

governing policy

acceptable use policy

technical policy

end-user policy

10.

1 point

What is the goal of network penetration testing?

detecting configuration changes on network systems

detecting weak passwords

determining the feasibility and the potential consequences of a successful attack

detecting potential weaknesses in systems

11.

1 point

Which type of security policy includes network access standards and server security policies?

technical policy

end user policy

acceptable use policy

governing policy

12.

1 point

Which type of security policy document is it that includes implementation details that usually contain step-by-step instructions and graphics?

best practices document

guideline document

procedure document

standards document

13.

1 point

Which type of security policy includes acceptable encryption methods?

end-user policy

governing policy

acceptable use policy

technical policy

14.

1 point

What is the objective of the governing policy in the security policy hierarchy structure?

It provides general policies on how the technical staff should perform security functions.

It defines system and issue-specific policies that describe what the technical staff does.

It covers all rules pertaining to information security that end users should know about and follow.

It outlines the company’s overall security goals for managers and technical staff.

15.

1 point

What is the purpose of a security awareness campaign?

to provide users with a training curriculum that can ultimately lead to a formal degree

to integrate all the security skills and competencies into a single body of knowledge

to teach skills so employees can perform security tasks

to focus the attention of employees on security issues

16.

1 point

What testing tool is available for network administrators who need a GUI version of Nmap?

Zenmap

SIEM

Nessus

SuperScan

17.

1 point

What is the determining factor in the content of a security policy within an organization?

the best practices

the audience

the security staff

the chief executive officer

18.

1 point

Which executive position is ultimately responsible for the success of an organization?

Chief Security Officer

Chief Technology Officer

Chief Information Officer

Chief Executive Officer

19.

1 point

Which initial step should be followed when a security breach is found on a corporate system?

Isolate the infected system.

Create a drive image of the system.

Photograph the system.

Establish a chain of custody.

20.

1 point

What network security testing tool has the ability to provide details on the source of suspicious network activity?

Tripwire

SIEM

Zenmap

SuperScan

21.

1 point

What network scanning tool has advanced features that allows it to use decoy hosts to mask the source of the scan?

Metasploit

Nessus

Tripwire

Nmap

22.

1 point

Which type of documents help an organization establish consistency in the operations of the network by specifying criteria that must be followed?

guidelines

procedures

standards

end user policies

23.

1 point

Which security test is appropriate for detecting system weaknesses such as misconfiguration, default passwords, and potential DoS targets?

integrity checkers

penetration testing

vulnerability scanning

network scanning

24.

1 point

What is implemented by administration to instruct end users in how to effectively conduct business safely within an organization?

governing policy

noncompliance consequences

technical policy

security awareness program