CCNA Cyber Ops FAQ: Introduction to Security Operations Management
Q1. In which phase of the identity and account life cycle are the access rights assigned?
B. Access review
C. Privileges provisioning
D. Identity validation
Q2. What is an advantage of a system-generated password?
A. It is easy to remember.
B. It complies with the organization’s password policy.
C. It is very long.
D. It includes numbers and letters
Q3. Which of the following is a password system that’s based on tokens and uses a challengeresponse mechanism?
A. Synchronous token system
B. Asynchronous token system
C. One-time token system
D. Time-base token system
Q4. In the context of the X.500 standard, how is an entity uniquely identified within a directory information tree?
A. By its distinguish name (DN)
B. By its relative distinguish name (RDN)
C. By its FQDN
D. By its DNS name
Q5. What is the main advantage of single sign-on?
A. The user authenticates with SSO and is authorized to access resources on multiple systems.
B. The SSO server will automatically update the password on all systems.
C. The SSO server is a single point of failure.
D. SSO is an open source protocol.
Q6. What is the main advantage of an SIEM compared to a normal log collector?
A. It provides log storage.
B. It provides log correlation.
C. It provides a GUI.
D. It provides a log search functionality.
Q7. In asset management, what is used to create a list of assets owned by the organization?
A. Asset inventory
B. Asset acceptable use
C. Asset disposal
D. Asset category
Q8. Which of the following are advantages of a cloud-based mobile device manager compared to an on-premises model? (Select all that apply.)
A. Higher control
D. Easier maintenance
Q9. Which of the following is a typical feature of a Mobile Device Management solution?
A. Device jailbreak
B. PIN lock enforcement
C. Call forwarding
D. Speed dial
Q10. In the context of configuration management, which of the following best defines a security baseline configuration?
A. A configuration that has been formally reviewed and approved
B. The default configuration from the device vendor
C. A configuration that can be changed without a formal approval
D. The initial server configuration
Q11. A change that is low risk and might not need to follow the full change management process is classified as which of the following?
Q12. In which type of penetration assessment is all information about the systems and network known?
A. White box approach
B. Black box approach
C. Gray box approach
D. Silver box approach
Q13. In which type of vulnerability disclosure approach is the vulnerability exploit not disclosed?
A. Partial disclosure
B. Full disclosure
C. Responsible disclosure
D. Initial disclosure
Q14. Which of the following are required before a patch can be applied? (Select all that apply.)
A. Formally start a request for change.
B. Perform a security assessment.
C. Verify that the patch works correctly.
D. Test the patch in the lab.
Q15. Which of the following are properties of a secure digital identity? (Select all that apply.)
Q16. Why is a periodic access rights and privileges review important?
A. To avoid privilege creep
B. To verify a user’s security clearance
C. To ensure credentials are encrypted
D. To assign a security label
Q17. In which cases can access be revoked? (Select all that apply.)
A. After job termination
B. When a user moves to another job
C. When creating an administrative user
D. Due to a security violation
Q18. Which of the following are responsibilities of an asset owner? (Mark all that apply)
A. Implementation of security controls
B. Asset security classification
C. Asset disposal
D. Analysis of the access logs
Q19. What is the relative distinguished name at the organizational unit level of the following entity? C=US, O=Cisco, OU=CCNA Learning, CN=Jones?
A. OU=CCNA Learning
B. C=US, O=Cisco, OU=CCNA Learning
D. OU=CCNA Learning, CN=Jones
Q20. In which case should an employee return his laptop to the organization?
A. When moving to a different role
B. Upon termination of the employment
C. As described in the asset return policy
D. When the laptop is end of lease
Q21. Where are configuration records stored?
A. In a CMDB
B. In a MySQL DB
C. In a XLS file
D. There is no need to store them
Q22. Which type of vulnerability scanner probes the target system to get information?
Q23. In which enterprise patch management model can the system can install a patch automatically?
C. Agent based
D. Install based
Q24. What is the syslog priority (PRI) of a message from facility 20 with a severity of 4?
Q25. What is the log normalization functionality used for?
A. It provides a way to archive logs.
B. It aggregates information based on common information and reduces duplicates.
C. It provides reporting capabilities.
D. It extracts relevant attributes from logs received in different formats and stores them in a common data model or template.
Q26. Which of the following functions are typically provided by an SIEM? (Select all that apply.)
A. Log correlation
B. Log archiving
C. Log normalization
D. Log correction
Q27. Which elements are found in a typical Cisco BYOD architecture? (Select all that apply.)
A. Mobile device management (MDM) server
B. Cisco ISE
C. Cisco MARS
D. Cisco ASR5000
Q28. At which step of the change process is the configuration database updated?
A. In the review and close change record
B. When the request for change is created
C. During the change implementation
D. During the request for change review
Q29. Which of the following are true statements regarding vulnerability scanners and penetration assessments? (Select all that apply.)
A. Vulnerability scanners can crash a device; penetration assessments do not.
B. Vulnerability scanners usually work with known vulnerabilities.
C. Penetration assessment is typically fully automated.
D. Vulnerability scanners can work in active mode and passive mode.
Q30. What is an OVAL definition?
A. An XML file that contains information about how to check a system for the presence of vulnerabilities.
B. It is synonymous with the OVAL language.
C. An XML file used to represent reporting on the vulnerability assessment.
D. A database schema.