CCNA Security v2.0 Chapter 11 Exam Answers

• vulnerability scanning*
• network scanning
• integrity checkers
• penetration testing

2. How does network scanning help assess operations security?

• It can simulate attacks from malicious sources.
• It can log abnormal activity.
• It can detect open TCP ports on network systems.*
• It can detect weak or blank passwords.

3. What is the objective of the governing policy in the security policy hierarchy structure?

• It covers all rules pertaining to information security that end users should know about and follow.
• It outlines the company’s overall security goals for managers and technical staff.*
• It provides general policies on how the technical staff should perform security functions.
• It defines system and issue-specific policies that describe what the technical staff does.

4. Which type of security policy document is it that includes implementation details that usually contain step-by-step instructions and graphics?

• best practices document
• procedure document*
• standards document
• guideline document

5. What is the purpose of a security awareness campaign?

• to teach skills so employees can perform security tasks
• to focus the attention of employees on security issues*
• to provide users with a training curriculum that can ultimately lead to a formal degree
• to integrate all the security skills and competencies into a single body of knowledge

6. What is the goal of network penetration testing?

• detecting configuration changes on network systems
• detecting potential weaknesses in systems
• determining the feasibility and the potential consequences of a successful attack*
• detecting weak passwords

7. What network security testing tool has the ability to provide details on the source of suspicious network activity?

• SIEM*
• SuperScan
• Zenmap
• Tripwire

8. What network scanning tool has advanced features that allows it to use decoy hosts to mask the source of the scan?

• Nessus
• Metasploit
• Tripwire
• Nmap*

9. What network testing tool can be used to identify network layer protocols running on a host?

• SIEM
• Nmap*
• L0phtcrack
• Tripwire

10. What type of network security test would be used by network administrators for detection and reporting of changes to network systems?

• penetration testing
• vulnerability scanning
• integrity checking*
• network scanning

11. What testing tool is available for network administrators who need a GUI version of Nmap?

• Nessus
• SIEM
• Zenmap*
• SuperScan

12. Which initial step should be followed when a security breach is found on a corporate system?

• Create a drive image of the system.
• Isolate the infected system.*
• Establish a chain of custody.
• Photograph the system.

13. What step should be taken after data is collected, but before equipment is disconnected, if a security breach is found on a system?

• Create a drive image of the system.
• Isolate the infected system.
• Photograph the system.*
• Determine if data tampering has occurred.

14. Which security program is aimed at all levels of an organization, including end users and executive staff?

• educational degree programs
• certificate programs
• awareness campaigns*
• firewall implementation training courses

15. What is implemented by administration to instruct end users in how to effectively conduct business safely within an organization?

• security awareness program*
• governing policy
• noncompliance consequences
• technical policy

16. What are two major components of a security awareness program? (Choose two.)

• technical policy
• procedure documents
• awareness campaigns*
• guideline documents
• education and training*

17. Which type of documents include implementation details that usually contain step-by-step instructions and graphics?

• standards documents
• procedure documents*
• guideline documents
• end-user policy documents

18. Which type of documents help an organization establish consistency in the operations of the network by specifying criteria that must be followed?

• guidelines
• standards*
• procedures
• end user policies

19. Which policy outlines the overall security goals for managers and technical staff within a company?

• acceptable use policy
• technical policy
• governing policy*
• end-user policy

20. Which type of security policy includes network access standards and server security policies?

• end user policy
• technical policy*
• governing policy
• acceptable use policy

21. Which type of security policy includes acceptable encryption methods?

• governing policy
• acceptable use policy
• technical policy*
• end-user policy

22. What is the determining factor in the content of a security policy within an organization?

• the security staff
• the audience*
• the chief executive officer
• the best practices

23. Which executive position is ultimately responsible for the success of an organization?

• Chief Technology Officer
• Chief Executive Officer*
• Chief Security Officer
• Chief Information Officer

24. Match the network security testing tool with the correct function. (Not all options are used.)

Question

Answer