CCNA Security FAQ: Understanding Network Security Principles
Question. Where do most attacks on an organization’s computer resources originate?
A. From the Internet
B. From the inside network
C. From universities
D. From intruders who gain physical access to the computer resources
Question. What are the three primary goals of network security? (Choose three.)
A. Confidentiality
B. Redundancy
C. Integrity
D. Availability
Question. The U.S. government places classified data into which classes? (Choose three.)
A. SBU
B. Confidential
C. Secret
D. Top-secret
Question. Cisco defines three categories of security controls: administrative, physical, and technical. Individual controls within these categories can be further classified as what three specific types of controls? (Choose three.)
A. Preventive
B. Deterrent
C. Detective
D. Reactive
Question. Litigators typically require which three of the following elements to present an effective argument when prosecuting information security violations? (Choose three.)
A. Audit trail
B. Motive
C. Means
D. Opportunity
Question. Which type of law typically involves the enforcement of regulations by government agencies?
A. Criminal law
B. Tort law
C. Administrative law
D. Civil law
Question. Which of the following is a weakness in an information system that an attacker might leverage to gain unauthorized access to the system or data on the system?
A. Risk
B. Exploit
C. Mitigation
D. Vulnerability
Question. What type of hacker attempts to hack telephony systems?
A. Script kiddy
B. Hacktivist
C. Phreaker
D. White hat hacker
Question. Which of the following is a method of gaining access to a system that bypasses normal security measures?
A. Creating a back door
B. Launching a DoS attack
C. Starting a Smurf attack
D. Conducting social engineering
Question. What security design philosophy uses a layered approach to eliminate single points of failure and provide overlapping protection?
A. AVVID
B. Defense in Depth
C. SONA
D. IINS
Question. What are two types of IP spoofing attacks? (Choose two.)
A. Nonblind spoofing
B. Promiscuous spoofing
C. Autonomous spoofing
D. Blind spoofing
Question. What term refers to the electromagnetic interference (EMI) that can radiate from network cables?
A. Doppler waves
B. Emanations
C. Gaussian distributions
D. Multimode distortion
Question. What kind of integrity attack is a collection of small attacks that result in a larger attack when combined?
A. Data diddling
B. Botnet attack
C. Hijacking a session
D. Salami attack
Question. Which of the following best describes a Smurf attack?
A. It sends ping requests to a subnet, requesting that devices on that subnet send ping replies to a target system.
B. It sends ping requests in segments of an invalid size.
C. It intercepts the third step in a TCP three-way handshake to hijack a session.
D. It uses Trojan horse applications to create a distributed collection of “zombie” computers, which can be used to launch a coordinated DDoS attack.
Question. Which of the following are Cisco best-practice recommendations for securing a network? (Choose three.)
A. Deploy HIPS software on all end-user workstations.
B. Routinely apply patches to operating systems and applications.
C. Disable unneeded services and ports on hosts.
D. Require strong passwords, and enable password expiration.