CCNA Security FAQ: Developing a Secure Network
Question. What are the five phases of the System Development Life Cycle (SDLC)? (Choose five.)
B. Operations and maintenance
C. Acquisition and development
Question. Which of the following attempts to ensure that no one employee becomes a pervasive security threat, that data can be recovered from backups, and that information system changes do not compromise a system’s security?
A. Strategic security planning
B. Implementation security
C. Disaster recovery
D. Operations security
Question. Which three of the following are network evaluation techniques? (Choose three.)
A. Using Cisco SDM to perform a network posture validation
B. Scanning a network for active IP addresses and open ports on those IP addresses
C. Performing end-user training on the use of antispyware software
D. Using password-cracking utilities
E. Performing virus scans
Question. What are three phases of disaster recovery? (Choose three.)
A. Emergency response phase
B. Return to normal operations phase
C. Threat isolation phase
D. Recovery phase
Question. Which of the following is a continually changing document that dictates a set of guidelines for network use?
A. Security policy
B. Best-practice recommendations
C. Identity-based networking policy
D. Acceptable-use executive summary
Question. Which security policy component contains mandatory practices (as opposed to recommendations or step-by-step instructions)?
Question. Which three individuals are the most likely to be intimately involved with the creation of a security policy? (Choose three.)
A. Chief Security Officer (CSO)
B. Chief Executive Officer (CEO)
C. Chief Information Officer (CIO)
D. Chief Information Security Officer (CISO)
Question. The following formula can be used to calculate annualized loss expectancy:
ALE = AV * EF * ARO
Which component of the formula represents the percentage of loss of an asset that is experienced if an anticipated threat occurs?
Question. All of the following are common elements of a network design. Which one is the most important?
A. Business needs
B. Risk analysis
C. Security policy
D. Best practices
E. Security operations
F. They are all equally important.
Question. Which of the following makes the end-user community conscious of security issues without necessarily giving any in-depth procedural instruction?
Question. What type of threat combines worm, virus, and Trojan horse characteristics?
A. Heuristic threat
B. Blended threat
C. Morphing threat
D. Integrated threat
Question. What are the three core characteristics of a Cisco Self-Defending Network? (Choose three.)
Question. Which of the following offers a variety of security solutions, including firewall, IPS, VPN, antispyware, antivirus, and antiphishing features?
A. Cisco IOS router
B. Cisco ASA 5500 series security appliance
C. Cisco PIX 500 series security appliance
D. Cisco 4200 series IPS appliance