CCNA Security - Chapter 11


- It can detect open TCP ports on network systems.

How does network scanning help assess operations security? - It can simulate attacks from malicious sources. - It can log abnormal activity. - It can detect open TCP ports on network systems. - It can detect weak or blank passwords.

- integrity checking

What type of network security test would be used by network administrators for detection and reporting of changes to network systems? - penetration testing - vulnerability scanning - integrity checking - network scanning

- governing policy

Which policy outlines the overall security goals for managers and technical staff within a company? - acceptable use policy - technical policy - governing policy - end-user policy

- awareness campaigns

Which security program is aimed at all levels of an organization, including end users and executive staff? - educational degree programs - certificate programs - awareness campaigns - firewall implementation training courses

- the audience

What is the determining factor in the content of a security policy within an organization? - the security staff - the audience - the chief executive officer - the best practices

- vulnerability scanning

Which security test is appropriate for detecting system weaknesses such as misconfiguration, default passwords, and potential DoS targets? - vulnerability scanning - network scanning - integrity checkers - penetration testing

- Nmap

What network scanning tool has advanced features that allow it to use decoy hosts to mask the source of the scan? - Nessus - Metasploit - Tripwire - Nmap

- Tripwire => used to assess if network devices are compliant with network security policies
- Nessus => used to scan systems for software vulnerabilities
- Nmap => used for Layer 3 port scanning

Match the network security testing tool with the correct function. (Not all options are used.) - Nmap - Nessus - Tripwire + used to assess if network devices are compliant with network security policies + used to scan systems for software vulnerabilities + used for Layer 3 port scanning + used to provide real-time reporting of security events

- awareness campaigns - education and training

What are two major components of a security awareness program? (Choose two.) - technical policy - procedure documents - awareness campaigns - guideline documents - education and training

- security awareness program

What is implemented by administration to instruct end users in how to effectively conduct business safely within an organization? - security awareness program - governing policy - noncompliance consequences - technical policy

- determining the feasibility and the potential consequences of a successful attack

What is the goal of network penetration testing? - detecting configuration changes on network systems - detecting potential weaknesses in systems - determining the feasibility and the potential consequences of a successful attack - detecting weak passwords

- It outlines the company’s overall security goals for managers and technical staff.

What is the objective of the governing policy in the security policy hierarchy structure? - It covers all rules pertaining to information security that end users should know about and follow. - It outlines the company’s overall security goals for managers and technical staff. - It provides general policies on how the technical staff should perform security functions. - It defines system and issue-specific policies that describe what the technical staff does.

- to focus the attention of employees on security issues

What is the purpose of a security awareness campaign? - to teach skills so employees can perform security tasks - to focus the attention of employees on security issues - to provide users with a training curriculum that can ultimately lead to a formal degree - to integrate all the security skills and competencies into a single body of knowledge

- SIEM

What network security testing tool has the ability to provide details on the source of suspicious network activity? - SIEM - SuperScan - Zenmap - Tripwire

+ Nmap

What network testing tool can be used to identify network layer protocols running on a host? + SIEM + Nmap + L0phtcrack + Tripwire

- Photograph the system.

What step should be taken after data is collected, but before equipment is disconnected, if a security breach is found on a system? - Create a drive image of the system. - Isolate the infected system. - Photograph the system. - Determine if data tampering has occurred.

- Zenmap

What testing tool is available for network administrators who need a GUI version of Nmap? - Nessus - SIEM - Zenmap - SuperScan

- Chief Executive Officer

Which executive position is ultimately responsible for the success of an organization? - Chief Technology Officer - Chief Executive Officer - Chief Security Officer - Chief Information Officer

- Isolate the infected system.

Which initial step should be followed when a security breach is found on a corporate system? - Create a drive image of the system. - Isolate the infected system. - Establish a chain of custody. - Photograph the system.

- standards

Which type of documents help an organization establish consistency in the operations of the network by specifying criteria that must be followed? - guidelines - standards - procedures - end user policies

- procedure documents

Which type of documents include implementation details that usually contain step-by-step instructions and graphics? - standards documents - procedure documents - guideline documents - end-user policy documents

- procedure document

Which type of security policy document includes implementation details that usually contain step-by-step instructions and graphics? - best practices document - procedure document - standards document - guideline document

+ technical policy

Which type of security policy includes acceptable encryption methods? + governing policy + acceptable use policy + technical policy + end-user policy

- technical policy

Which type of security policy includes network access standards and server security policies? - end user policy - technical policy - governing policy - acceptable use policy

