CCNA Security Part 1

118 Questions | Total Attempts: 315

SettingsSettingsSettings
CCNA Security Quizzes & Trivia

CCNA Security for certification practice. Take this quiz and learn more about ​CCNA routing and switching.


Questions and Answers
  • 1. 
    What are the three primary goals of network security?
    • A. 

      Confidentiality

    • B. 

      Redundancy

    • C. 

      Integrity

    • D. 

      Availability

  • 2. 
    Where do most attacks on an organization's computer resources originate?
    • A. 

      From the Internet

    • B. 

      From the inside network

    • C. 

      From universities

    • D. 

      From intruders who gain physical access to the computer resources

  • 3. 
    The U.S government places classified data into which classes?
    • A. 

      SBU

    • B. 

      Confidentual

    • C. 

      Secret

    • D. 

      Top Secret

  • 4. 
    Cisco defines 3 catagories of security controls: administrative, physical and technical.  Individual controls within these catagories can be further classifies as what 3 specific types of controls?
    • A. 

      Preventive

    • B. 

      Deterrent

    • C. 

      Detective

    • D. 

      Reactive

  • 5. 
    Litigators typicall require 3 of the following elements to present an effective argument when prosecuting information security violations?
    • A. 

      Audit trail

    • B. 

      Motive

    • C. 

      Means

    • D. 

      Opportunity

  • 6. 
    Which type of law typically involves the enforcement of regulations by government agencies?
    • A. 

      Criminal law

    • B. 

      Tort Law

    • C. 

      Administrative law

    • D. 

      Civil law

  • 7. 
    Which of the following is a weakness in an information system that an attacker might leverage to gain unauthorized access to the system or data on the system?
    • A. 

      Risk

    • B. 

      Exploit

    • C. 

      Mitigation

    • D. 

      Vulnerability

  • 8. 
    What type of hacker attempts to hack telephony systems?
    • A. 

      Script kiddy

    • B. 

      Hacktivist

    • C. 

      Phreaker

    • D. 

      White hat hacker

  • 9. 
    Which of the following is a method of gaining access to a system that bypasses normal security measures?
    • A. 

      Creating a back door

    • B. 

      Launching a DOS attack

    • C. 

      Starting a Smurf attack

    • D. 

      Conducting social engineering

  • 10. 
    What security design philosophy uses a layered approach to eliminate single points of failure and provide overlapping protection?
    • A. 

      AVVID

    • B. 

      Defense in Depth

    • C. 

      SONA

    • D. 

      IINS

  • 11. 
    What are 2 types of IP spoffing attacks?
    • A. 

      Nonblind spoofing

    • B. 

      Promiscuous spoofing

    • C. 

      Autonomous spoofing

    • D. 

      Blind spoofing

  • 12. 
    What term refers to the electromagnetic interference (EMI) that can radiate from network cables?
    • A. 

      Doppler waves

    • B. 

      Emanations

    • C. 

      Gaussian distributions

    • D. 

      Multimode distortion

  • 13. 
    What kind of intergrity attack is a collection of small attacks the result in a larger attack when combined?
    • A. 

      Data diddling

    • B. 

      Botnet attack

    • C. 

      Hijacking a session

    • D. 

      Salami attack

  • 14. 
    Which of the following best describes a smurf attack?
    • A. 

      It sends a ping request to a subnet, requesting that devices on that subnet send ping replies to a target system.

    • B. 

      It sends ping requests in segments of an invalid size.

    • C. 

      It intercepts the third step in a TCP three-way handshake to hijack a session

    • D. 

      It uses aTrojan horse applications to create a distributed collection of zombie computers, which can be used to launch a coordinated DDoS attack.

  • 15. 
    Which of the following are Cisco best practice recommendations for securing a network?
    • A. 

      Deploy HIPS software on all enduser workstations.

    • B. 

      Routinely apply patches to operating systems and applications.

    • C. 

      Disable unneeded services and ports on hosts.

    • D. 

      Require strong passwords, and enable password expiration.

  • 16. 
    What are the 5 phases of the system development life cycle (SDLC)?  choose 5
    • A. 

      Operations and Maintenance

    • B. 

      Acquisition and development

    • C. 

      Initiation and implementation

    • D. 

      Execution and termination

    • E. 

      Disposition

  • 17. 
    Which of the following attemps to ensure that no one employee becomes a pervasive security threat, that data can be recovered from backups and the information system changes do not compromise a sytem's security?
    • A. 

      Strategic security planning

    • B. 

      Implementation seccurity

    • C. 

      Disaster recovery

    • D. 

      Operations security

  • 18. 
    Which of the following are network evaluation techniques?
    • A. 

      Using Cisco SDM to perform a network posture validation

    • B. 

      Scanning a network for active IP addresses and open ports on those IP addresses

    • C. 

      Performing end-user training on the use of antispyware software

    • D. 

      Using password-cracking untilities

    • E. 

      Performing virus scans

  • 19. 
    What are 3 phases of disaster recovery?
    • A. 

      Emergency response phase

    • B. 

      Return to normal operations phase

    • C. 

      Threat isolation phase

    • D. 

      Recovery phase

  • 20. 
    Which of the following is a continually changing document that dictates a set of guidelines for network use?
    • A. 

      Security policy

    • B. 

      Best-practice recommendations

    • C. 

      Identity-based networking policy

    • D. 

      Acceptable-use executive summary

  • 21. 
    Which security policy component contains mandatory practices ( as opposed to recommendations or step-by-step instructions)?
    • A. 

      Guidelines

    • B. 

      Standards

    • C. 

      Procedures

    • D. 

      Tenets

  • 22. 
    Which 3 individuals are most likely to be intimately involved with the creation of a security policy?
    • A. 

      Chief Security Officer (CSO)

    • B. 

      Chief Executive Officer (CEO)

    • C. 

      Chief Information Officer (CIO)

    • D. 

      Chief Information Security Officer (CISO)

  • 23. 
    The following formula can be used to calculate annualized loss expectancy:ALE= AV*EF*AROWhich componenet of the formula represents the percentage of loss of an asset that is experience if an anticipated threat occurs?
    • A. 

      ALE

    • B. 

      AV

    • C. 

      EF

    • D. 

      ARO

  • 24. 
    All of the following are common elements of a network design.  Which one is the most important?
    • A. 

      Business needs

    • B. 

      Risk analysis

    • C. 

      Security policy

    • D. 

      Security operations

    • E. 

      They are all equally important

  • 25. 
    Which of the following makes the end-user community concious of security issues without necessarily giving any in-depth procedural instruction?
    • A. 

      Education

    • B. 

      Training

    • C. 

      Awareness

    • D. 

      Remediation

Related Topics
Back to Top Back to top