CCNA security chapter 1 exam

What is the significant characteristic of worm malware?

A worm can execute independently of the host system.*

What is a characteristic of a Trojan horse as it relates to network security?

Malware is contained in a seemingly legitimate executable program.*

As a dedicated network security tool, an intrusion __________ system can provide detection and blocking of attacks in real time.

Prevention

What worm mitigation phase involves actively disinfecting infected systems?

Treatment*

What causes a buffer overflow?

attempting to write more data to a memory location than that location can hold*

What method can be used to mitigate ping sweeps?

blocking ICMP echo and echo-replies at the network edge*

What is the role of an IPS?

detecting and blocking of attacks in real time*

What commonly motivates cybercriminals to attack networks as compared to hactivists or state-sponsored hackers?

financial gain*

What is the primary method for mitigating malware?

installing antivirus software on all hosts*

What are the three components of information security ensured by cryptography? (Choose three.)

integrity* availability* confidentiality*

Which two network security solutions can be used to mitigate DoS attacks? (Choose two.)

intrusion protection systems* antispoofing technologies*

A disgruntled employee is using Wireshark to discover administrative Telnet usernames and passwords. What type of network attack does this describe?

reconnaissance*

What are the three core components of the Cisco Secure Data Center solution? (Choose three.)

secure segmentation* visibility* threat defense*

What is an objective of a state-sponsored attack?

to right a perceived wrong*

Which two statements describe access attacks? (Choose two.)

Buffer overflow attacks write data beyond the hallocated buffer memory to overwrite valid data or to exploit systems to execute malicious code.* Password attacks can be implemented by the use os brute-force attack methods, Trojan horse, or packet sniffers.*

What is the first step in the risk management process specified by the ISO/IEC?

Conduct a risk assessment.*

Which two statements characterize DoS attacks? (Choose two.)

Examples include smurf attacks and ping of death attacks.* They attempt to compromise the availability of a network, host, or application*

Which statement accurately characterizes the evolution of threats to network security?

Internal threats can cause even greater damage than external threats.*

What is a ping sweep?

a network scanning technique that indicates the live hosts in a range of IP addresses.

What are the three major components of a worm attack? (Choose three.)

a payload* an enabling vulnerability* a propagation mechanism*

How is a smurf attack conducted?

by sending a large number of ICMP requests to directed broadcast addresses from a spoofed source address on the same network*

What functional area of the Cisco Network Foundation Protection framework is responsible for device-generated packets required for network operation, such as ARP message exchanges and routing advertisements?

control plane*

What role does the Security Intelligence Operations (SIO) play in the Cisco SecureX architecture?

identifying and stopping malicious traffic*

An attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this?

man in the middle*

Which condition describes the potential threat created by Instant On in a data center?

when a VM that may have outdated security policies is brought online after a long period of inactivity.*