Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : CCSP-Cisco Certified Security Professional : Network Security Threats Questions and Answers

Network Security Threats Questions and Answers

Jul 06,2009 by alperen

small font medium font large font
image

Questions

1. 

Which of the following is not a common cause of network security problems?

  1. Technology weakness

  2. Configuration weakness

  3. Planning weakness

  4. Policy weakness

2. 

Which four of the following are primary types of network threats?

  1. Planned threats

  2. Unstructured threats

  3. External threats

  4. Structured threats

  5. Internal threats

3. 

A virus is an example of which of the types of network threats?

  1. Planned threats

  2. Unstructured threats

  3. External threats

  4. Structured threats

  5. Internal threats

4. 

Which of the following is not one of the four primary types of network attack?

  1. Access attacks

  2. Data manipulation attacks

  3. Reconnaissance attacks

  4. Programmed attacks

  5. Denial of service attacks


5. 

In a reconnaissance attack, which one of the following is not a part of target discovery?

  1. Ping sweeps

  2. Ping of Death

  3. Port scans

  4. DNS queries


6. 

Which one of the following is an example of social engineering relative to security?

  1. Guessing a password based on a person’s vanity license plate

  2. All users in a department using the same user name and password

  3. Giving your password to the home office technician, so they can test your account

  4. Using a password of eight characters, uppercase and lowercase, plus numbers


7. 

A standard DoS attack typically includes which one of the following?

  1. An attacker, a series of Zombies, and the target

  2. An attacker, a war dialer, and the target

  3. An attacker, a series of Zombies, and the target

  4. An attacker and the target

8. 

Which of the following is not a well-known DoS attack?

  1. Ping of Death

  2. Tribe Flood Network

  3. Trinoo

  4. TCP SYN Flood

  5. Script kiddy

9. 

IP spoofing is an example of which of the following?

  1. DoS attack

  2. Reconnaissance attacks

  3. Data manipulation attacks

  4. Brute force attack

10. 

RFC 2827 filtering refers to which of the following?

  1. Filtering private IP addresses

  2. Filtering based on trusted external addresses

  3. Filtering based on source addresses that belong on a network segment

  4. Filtering based on destination addresses that belong on a network segment


11. 

Which of the following involves denying responsibility for a transaction?

  1. Session replay

  2. Rerouting

  3. Repudiation

  4. Session hijacking


12. 

Which of the following provides a standards-based network architecture and comprehensive set of best practices that allow businesses to develop business and technology strategies, which scale to meet the changing demands of e-business?

  1. SAFE

  2. DrDos

  3. AVVID

  4. Digital signatures


13. 

RFC 1918 filtering refers to which of the following?

  1. Filtering private IP addresses

  2. Filtering based on trusted external addresses

  3. Filtering based on source addresses that belong on a network segment

  4. Filtering based on destination addresses that belong on a network segment


14. 

Which of the following best describes a good security plan for an organization?

  1. Set it and forget it

  2. Ad hoc

  3. Evolutionary

  4. Rigid

15. 

Which one of the following is not a part of the Cisco Security Wheel?

  1. Monitor

  2. Administer

  3. Test

  4. Secure

16. 

What is at the center of the Cisco Security Wheel?

  1. Strong network support staff

  2. Improvement

  3. Network security policy

  4. Flexibility

17. 

According to the “Site Security Handbook” (RFC 2196) a security policy is

  1. An informal set of suggestions by which people who are given access to an organization’s technology and information assets should abidB.

  2. A formal statement of the rules by which people who are given access to an organization’s technology and information assets must abidC.

  3. A formal statement of the rules by which network administrators can control access to an organization’s technology and information assets.

  4. RFC 2196 doesn’t deal with this issue.


18. 

Which of the following is not a reason to create a network security policy?

  1. It provides a blueprint for security purchases and implementations.

  2. It defines technologies that can and cannot be added to the network.

  3. It provides the procedures to follow in case of a security incident.

  4. It frees up network security personnel to work on other projects.

  5. It provides a process and targets to audit existing security.


19. 

Developing a security policy is often described as a balancing act. Which three of the following are common compromises that need to be made?

  1. Security cost versus risk of loss

  2. Security cost versus local or federal regulations

  3. Security versus ease of use

  4. Security versus services provided

  5. Local or federal regulations versus ease of use

20. 

When evaluating risk associated with a security breach, which three of the following might result from someone accessing the companies sales order entry system?

  1. Loss of reputation

  2. Loss of company data or intellectual property

  3. Loss of temper

  4. Loss of service

  5. Loss of privacy

21. 

Which of the following might be included in an acceptable use policy (AUP)?

  1. Acceptable and unacceptable Internet activities

  2. Penalties or sanctions for violating the policy

  3. Acceptable and unacceptable e-mail activities

  4. Acceptable and unacceptable telephone use

  5. Acceptable and unacceptable copier or fax use

  6. All of the above


22. 

Which of the following is likely to result in a security policy that will meet the needs of an organization?

  1. The network security staff develops the policy.

  2. The network security staff and network operations staff develop the policy.

  3. Representatives of all major groups that use and manage the networks, plus representatives of management develop the policD.

  4. The network security staff and company management develop the polic


23. 

In developing a security policy, as in any risk analysis, the first two things you must identify are the

  1. Opportunities

  2. Assets

  3. Hardships

  4. Threats

24. 

According to the RFC, which of the following is not a characteristic required of a good security policy?

  1. It must be implementable through network administration technologies, by publishing rules and acceptable use policies, or other appropriate methodB.

  2. It must clearly define the areas of responsibility for the users, administrators, and management. Maybe as important, it should clearly identify the limits of authority for each group under predictable circumstances.

  3. It must be state of the art, implementing all the latest, most advanced technologies and procedures to protect the company resources.

  4. It must be enforceable with security tools, where appropriate, and with sanctions, where actual prevention isn’t technically or financially feasible.


25. 

When a group of sales reps plug a wireless access point into a network jack so they can use wireless NICs on their laptop, they

  1. Greatly increase their mobility and freedom

  2. Increase the number of usable connections to the network

  3. Probably violate the wireless access policy of the security policy

  4. Add a hub that will reduce the bandwidth to each user

26. 

Which of the following statements best describes monitoring and auditing?

  1. They are two terms for the same process.

  2. Auditing is routine scheduled reviewing of security, while monitoring is random and unpredictable reviewing of securitC.

  3. Monitoring catches bad guys outside the network, while auditing catches bad guys inside the networD.

  4. Monitoring is routine scheduled reviewing of security, while auditing is a random and unpredictable reviewing of securit

Answers

1. 

C. Planning weakness

2. 

B. Unstructured threats; C. External threats; D. Structured threats; and E. Internal threats

3. 

B. Unstructured threats

4. 

D. Programmed attacks

5. 

B. Ping of Death

6. 

C. Giving your password to the home office technician so they can test your account. There is never a reason to give someone your password, or for a legitimate tech to ask for it.

7. 

D. An attacker and the target

8. 

E. Script kiddy

9. 

C. Data manipulation attacks

10. 

C. Filtering based on source addresses that belong on a network segment

11. 

C. Repudiation

12. 

C. AVVID

13. 

A. Filtering private IP addresses

14. 

C. Evolutionary

15. 

B. Administer

16. 

C. Network security policy

17. 

B. A formal statement of the rules by which people who are given access to an organization’s technology and information assets must abide

18. 

D. It frees up network security personnel to work on other projects.

19. 

A. Security cost versus risk of loss; C. Security versus ease of use; and D. Security versus services provided

20. 

A. Loss of reputation B. Loss of company data or intellectual property; and E. Loss of privacy; (While loss of temper might occur, this isn’t one of the risk criteria.)

21. 

F. All of the above

22. 

C. Representatives of all major groups that use and manage the networks, plus representatives of management develop the policy.

23. 

B. Assets and D. Threats

24. 

C. It must be state of the art implementing all of the latest and most advanced technologies and procedures to protect the company resources. (While a good idea, this might be far from cost-effective for many organizations.)

25. 

C. Probably violate the wireless access policy of the security policy (While all the statements are true, within the context of this course, this is the important issue.)

26. 

D. Monitoring is routine scheduled reviewing of security, while auditing is a random and unpredictable reviewing of security.


412 times read

Related news
» Evaluating a Network Security Policy
by alperen posted on Jul 04,2009
» Network Security Policy
by alperen posted on Jul 04,2009
» Identifying the Threats
by alperen posted on Jul 04,2009
» Deploying Cisco IDS Sensors
by admin posted on Nov 24,2008
» Unstructured Threats
by admin posted on Nov 24,2008
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

alperen

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.