| 1. In which phase of the system development life cycle should security requirements be addressed? |
| | | Add security requirements during the initiation phase. |
| | >> | Include a minimum set of security requirements at each phase. |
| | | Apply critical security requirements during the implementation phase. |
| | | Implement the majority of the security requirements at the acquisition phase. |
| | | |
| 2. Which type of analysis uses a mathematical model that assigns a monetary figure to the value of assets, the cost of threats being realized, and the cost of security implementations? |
| | | Qualitative Risk Analysis |
| | >> | Quantitative Risk Analysis |
| | | Qualitative Asset Analysis |
| | | Quantitative Continuity Analysis |
| | | |
| 3. Which term describes a completely redundant backup facility, with almost identical equipment to the operational facility, that is maintained in the event of a disaster? |
| | | backup site |
| | | cold site |
| | >> | hot site |
| | | reserve site |
| | | |
| 4. Which network security test requires a network administrator to launch an attack within the network? |
| | | network scan |
| | | password crack |
| | >> | penetration test |
| | | vulnerability scan |
| | | |
| 5. Which three documents comprise the hierarchical structure of a comprehensive security policy for an organization? (Choose three.) |
| | | backup policy |
| | | server policy |
| | | incident policy |
| | >> | governing policy |
| | >> | end-user policy |
| | >> | technical policy |
| | | |
| 6. Which three detailed documents are used by security staff for an organization to implement the security policies? (Choose three.) |
| | | asset inventory |
| | | best practices |
| | >> | guidelines |
| | >> | procedures |
| | | risk assessment |
| | >> | standards |
| | | |
| 7. What are the two major components of a security awareness program? (Choose two.) |
| | >> | awareness campaign |
| | | security policy development |
| | | security solution development |
| | | self-defending network implementation |
| | >> | training and education |
| | | |
| 8. When an organization implements the two-person control principle, how are tasks handled? |
| | >> | A task requires two individuals who review and approve the work of each other. |
| | | A task is broken down into two parts, and each part is assigned to a different individual. |
| | | A task must be completed twice by two operators who must achieve the same results. |
| | | A task is rotated among individuals within a team, each completing the entire task for a specific amount of time. |
| | | |
| 9. Which component of the security policy lists specific websites, newsgroups, or bandwidth-intensive applications that are not allowed on the company network? |
| | | remote access policies |
| | >> | acceptable use policies |
| | | incident handling procedures |
| | | identification and authentication policies |
| | | |
| 10. Which security document includes implementation details, usually with step-by-step instructions and graphics? |
| | | guideline document |
| | | standard document |
| | >> | procedure document |
| | | overview document |
| | | |
| 11. Which option describes ethics? |
| | >> | Ethics is a standard that is higher than the law. |
| | | Ethics involves government agencies enforcing regulations. |
| | | Ethics compliance is the basis for setting security policies. |
| | | Ethics deals with criminal law and monetary compensation. |
| | | |
| 12. In the Cisco SecureX architecture, which component is considered the workhorse of policy enforcement? |
| | | next-generation endpoint |
| | | policy management console |
| | >> | scanning engine |
| | | Security Intelligence Operations |
| | | |
| 13. Which development has contributed most to the growing demand for a borderless network? |
| | >> | consumer endpoints |
| | | DMZ services |
| | | corporate managed laptops |
| | | personal firewall software |
| | | |
| 14. Which aspect of a scanning element is able to determine a security policy to apply based on information such as the person using the device, the location of the device, and the application being used? |
| | >> | context awareness |
| | | perimeter awareness |
| | | centralized enforcement |
| | | perimeter deployment |
| | | |
| 15. A company is considering implementing the Cisco SecureX security architecture. What is the purpose of Cisco TrustSec? |
| | >> | It is a technology that implements packet tagging to allow security elements to share information from scanning elements. |
| | | It is a large cloud-based security ecosystem with global correlation. |
| | | It is a stand-alone appliance managed from a central policy console. |
| | | It is a perimeter-based, stand-alone network scanning device. |
| | | |
| 16. Which statement about network security within the SecureX architecture is true? |
| | >> | It is located closer to the end user. |
| | | It is implemented in the network core. |
| | | It is enforced in a highly centralized structure. |
| | | It is managed by a single policy. |
| | | |
| 17. Which Cisco SecureX product family would be primarily responsible for detecting and blocking attacks and exploits, while preventing intruder access? |
| | | secure e-mail and web |
| | | secure access |
| | | secure mobility |
| | | secure data center |
| | >> | secure network |
| | | |
| 18. Which SecureX product family would include Cisco AnyConnect? |
| | | secure network |
| | | secure e-mail and web |
| | | secure access |
| | >> | secure mobility |
| | | secure data center |
| | | |
| 19. If a web browser is to be used, and not a hardware or software-based client, which Cisco solution is best for establishing a secure VPN connection? |
| | >> | VPN Services for Cisco ASA Series |
| | | Cisco Adaptive Wireless IPS Software |
| | | Cisco AnyConnect Secure Mobility Solutions |
| | | Cisco Virtual Security Gateway |
| | | |
| 20. Which Cisco secure access solution can be used to determine if hosts are compliant with security policies? |
| | >> | Network Admission Control Appliance |
| | | Cisco Secure Access Control System |
| | | Cisco AnyConnect Secure Mobility Solutions |
| | | Cisco Adaptive Wireless IPS Software |
| | | |
| 21. What protocol is used by SCP for secure transport? |
| | | IPSec |
| | | HTTPS |
| | >> | SSH |
| | | Telnet |
| | | TFTP |