
Cisco CCNA Security, chapter 9 Exam.

Questions and answers 90% correct.


1. Which three statements describe ethics in network security? (Choose three.)
principles put into action in place of laws
foundations for current laws
set of moral principles that govern civil behavior
standard that is higher than the law
set of regulations established by the judiciary system
set of legal standards that specify enforceable actions when the law is broken
2. Which component of the security policy lists specific websites, newsgroups, or
bandwidth-intensive applications that are not allowed on the company network?
remote access policies
acceptable use policies
incident handling procedures
identification and authentication policies
3. What are the two components in the Cisco Security Management Suite? (Choose
two.)
Cisco Intrusion Prevention
Cisco Network Admission Control
Cisco Security Agent
Cisco Security Manager
Cisco Security MARS
4. Which statement could be expected to be included in a Code of Ethics that is related
to IT and network security?
Employees breaching the Code of Ethics will be prosecuted to the full extent of
the law.
Application of the Code of Ethics to use of the network is at the discretion of the
employee.
Employees with greater than 5 years of service can claim exemption from
provisions of the Code of Ethics.
The network is to be used by employees to provide diligent and competent
services to the organization.
5. Which two Cisco Threat Control and Containment technologies address endpoint
security? (Choose two.)
Cisco Application Control Engine
Cisco Network Admission Control
Cisco Security Agent
Cisco Security Monitoring, Analysis, and Response System
virtual private network
6. What are three key principles of a Cisco Self-Defending Network? (Choose three.)
adaptability
authentication
collaboration
confidentiality
integration
integrity
7. Which security services, available through the Cisco Self-Defending Network,
include VPN access?
secure communications
threat control and containment
operational control and policy management
application control for infrastructure
8. What three areas should be considered when designing a network security policy?
(Choose three.)
remote access
network maintenance
service level agreement
network quality of service
network equipment provider
identification and authentication
9. What are the two major elements of the Cisco Secure Communications solution?
(Choose two.)
secure communications for extranets
secure communications for intranets
secure communications for management
secure communications for remote access
secure communications for site-to-site connections
10. Which term describes a completely redundant backup facility, with almost identical
equipment to the operational facility, that is maintained in the event of a disaster?
backup site
cold site
hot site
reserve site

11. Which three detailed documents are used by security staff for an organization to
implement the security policies? (Choose three.)
asset inventory
best practices
guidelines
procedures
risk assessment
standards
12. What is a feature of an effective network security training program?
Participation in the network security training is voluntary.
Employee groups are identified and the training is customized to their needs.
All employees become trained in the design and implementation of secure
networks.
Training for all employees covers the full scope of security issues related to the
organization.
13. What is a design feature of a secure network life cycle management process?
Security is considered once the network is fully operational.
Security is purposefully included in every phase of the system development life
cycle.
Security requirements are assessed and fully implemented in the initiation phase
of the system development life cycle.
Security cost and reporting considerations are determined in the operations and
maintenance phase of the system development life cycle.
14. What are the two major components of a security awareness program? (Choose
two.)
awareness campaign
security policy development
security solution development
self-defending network implementation
training and education
15. Which three documents comprise the hierarchical structure of a comprehensive
security policy for an organization? (Choose three.)
backup policy
server policy
incident policy
governing policy
end-user policy
technical policy
16. When an organization implements the two-person control principle, how are tasks
handled?
A task requires two individuals who review and approve the work of each other.
A task is broken down into two parts, and each part is assigned to a different
individual.
A task must be completed twice by two operators who must achieve the same
results.
A task is rotated among individuals within a team, each completing the entire
task for a specific amount of time.
17. Which network security test requires a network administrator to launch an attack
within the network?
network scan
password crack
penetration test
vulnerability scan
18. Which principle of the Cisco Self-Defending Network emphasizes that security
should be built in?
adapt
collaborate
integrate
simplify
19. Refer to the exhibit. When implementing the Cisco Self-Defending Network, which
two technologies ensure confidentiality when referring to secure communications?
(Choose two.)
Cisco NAC appliances and Cisco Security Agent
Cisco Security Manager
Cisco Security Monitoring, Analysis, and Response System
Intrusion Prevention System
IPsec VPN
SSL VPN
20. Which security document includes implementation details, usually with step-by-step
instructions and graphics?
guideline document
standard document
procedure document
overview document
21. What is the primary focus of network operations security?
to design and develop secure application code
to support deployment and periodic maintenance of secure systems
to conduct regular employee background checks
to reprimand personnel who do not adhere to security policies
22. Which type of analysis uses a mathematical model that assigns a monetary figure to
the value of assets, the cost of threats being realized, and the cost of security
implementations?
Qualitative Risk Analysis
Quantitative Risk Analysis
Qualitative Asset Analysis
Quantitative Continuity Analysis
