CCNA Security FAQ: Understanding Network Security Principles

Question. Where do most attacks on an organization’s computer resources originate?
A. From the Internet
B. From the inside network
C. From universities
D. From intruders who gain physical access to the computer resources

Answer: B

Question. What are the three primary goals of network security? (Choose three.)
A. Confidentiality
B. Redundancy
C. Integrity
D. Availability

Answer: A, C, and D

Question. The U.S. government places classified data into which classes? (Choose three.)
A. SBU
B. Confidential
C. Secret
D. Top-secret

Answer: B, C, and D

Question. Cisco defines three categories of security controls: administrative, physical, and technical. Individual controls within these categories can be further classified as what three specific types of controls? (Choose three.)
A. Preventive
B. Deterrent
C. Detective
D. Reactive

Answer: A, B, and C

Question. Litigators typically require which three of the following elements to present an effective argument when prosecuting information security violations? (Choose three.)
A. Audit trail
B. Motive
C. Means
D. Opportunity

Answer: B, C, and D

Question. Which type of law typically involves the enforcement of regulations by government agencies?
A. Criminal law
B. Tort law
C. Administrative law
D. Civil law

Answer: C

Question. Which of the following is a weakness in an information system that an attacker might leverage to gain unauthorized access to the system or data on the system?
A. Risk
B. Exploit
C. Mitigation
D. Vulnerability

Answer: D

Question. What type of hacker attempts to hack telephony systems?
A. Script kiddy
B. Hacktivist
C. Phreaker
D. White hat hacker

Answer: C

Question. Which of the following is a method of gaining access to a system that bypasses normal security measures?
A. Creating a back door
B. Launching a DoS attack
C. Starting a Smurf attack
D. Conducting social engineering

Answer: A

Question. What security design philosophy uses a layered approach to eliminate single points of failure and provide overlapping protection?
A. AVVID
B. Defense in Depth
C. SONA
D. IINS

Answer: B

Question. What are two types of IP spoofing attacks? (Choose two.)
A. Nonblind spoofing
B. Promiscuous spoofing
C. Autonomous spoofing
D. Blind spoofing

Answer: A and D

Question. What term refers to the electromagnetic interference (EMI) that can radiate from network cables?
A. Doppler waves
B. Emanations
C. Gaussian distributions
D. Multimode distortion

Answer: B

Question. What kind of integrity attack is a collection of small attacks that result in a larger attack when combined?
A. Data diddling
B. Botnet attack
C. Hijacking a session
D. Salami attack

Answer: D

Question. Which of the following best describes a Smurf attack?
A. It sends ping requests to a subnet, requesting that devices on that subnet send ping replies to a target system.
B. It sends ping requests in segments of an invalid size.
C. It intercepts the third step in a TCP three-way handshake to hijack a session.
D. It uses Trojan horse applications to create a distributed collection of “zombie” computers, which can be used to launch a coordinated DDoS attack.

Answer: A

[Figure: TCP Three-Way Handshake]

Question. Which of the following are Cisco best-practice recommendations for securing a network? (Choose three.)
A. Deploy HIPS software on all end-user workstations.
B. Routinely apply patches to operating systems and applications.
C. Disable unneeded services and ports on hosts.
D. Require strong passwords, and enable password expiration.

Answer: B, C, and D

About the author

Scott
