Exam Prep Questions


Question 1

The Computer Security Institute (CSI) conducted a survey showing that what percentage of the organizations polled admitted to security breaches?

  • A. 60%

  • B. 50%

  • C. 70%

  • D. 7%

A1:

Answer C is correct. The CSI conducted surveys that found that 70% of the organizations polled had security breaches and that 60% of them came from within the organizations themselves. Therefore, answers A, B, and D are incorrect.

Question 2

What is the primary goal of a DDoS attack?

  • A. To gather secure information

  • B. To use many networks against a single computer

  • C. To stop a network from working

  • D. To collect information about possible active ports

A2:

Answer C is correct. DDoS attacks are intended to disable or slow a network or network services. DDoS attacks combine the power of multiple attacking computers and focus their attacks on a single receiving network. Therefore, answers A, B, and D are incorrect.

Question 3

Using the Cisco security wheel, what are the four main steps?

  • A. Secure, security policy, monitor, test

  • B. Secure, monitor, test, improve

  • C. Security policy, monitor, test, improve

  • D. Secure, monitor, test, update

A3:

Answer B is correct. The security wheel contains four main steps: secure, monitor, test, and improve. These steps form a circle around the security policy and are used to maintain and update the policy as necessary. The security policy itself is not a step. Therefore, answers A, C, and D are incorrect.

Question 4

Using the Cisco security wheel, which tool could be used to help test and validate your security policy?

  • A. Cisco Secure Intrusion Detection Systems

  • B. Cisco Secure Scanner

  • C. Cisco Network Sniffer

  • D. Cisco Secure Access Control Server

A4:

Answer B is correct. The Cisco Secure Scanner tool can be used to identify and test your security. Cisco Secure Intrusion Detection Systems is used to monitor traffic and possible attacks against the network, so answer A is incorrect. Answer C is incorrect because Cisco Network Sniffer does not exist. Answer D is incorrect because Cisco Secure Access Control Server (CSACS) is used as an authentication service.

Question 5

What are the four security threat categories? (Select four.)

  • A. Reconnaissance threats

  • B. Structured threats

  • C. Inexperienced threats

  • D. Internal threats

  • E. External threats

  • F. Unstructured threats

  • G. Experienced threats

A5:

Answers B, D, E, and F are correct. Experienced individuals perform structured threats, whereas inexperienced individuals known as script kiddies perform unstructured threats. Individuals working inside the corporation, such as disgruntled employees, execute internal threats. External threats are executed by individuals working outside the corporation. The other threats listed do not exist. Therefore, answers A, C, and G are incorrect.

Question 6

What are the three categories of attacks? (Select three.)

  • A. Reconnaissance attack

  • B. Experienced attack

  • C. Access attack

  • D. Denial-of-service attack

  • E. Unstructured attack

A6:

Answers A, C, and D are correct. Reconnaissance attacks employ tools such as ping sweepers and port scanners in an effort to discover active systems that could be targets in the future. Access attacks take advantage of authentication weaknesses to gain access to data and information. Finally, DoS attacks send large amounts of useless traffic into a network to disable or slow down that network. Answer B is incorrect because an experienced attack is not one of the main attacks, although it sounds like the structured threats performed by experienced hackers. Answer E is incorrect because an unstructured attack is not an actual attack, although it sounds like the unstructured security threat.

Question 7

Against which type of attack would strong authentication be used as a first line of defense?

  • A. Access attack

  • B. Password attack

  • C. Reconnaissance attack

  • D. Denial-of-service attack

A7:

Answer A is correct. There are several types of access attacks, including password guessing and the use of brute-force password programs. Brute-force and dictionary password cracking programs attempt to discover a password by either trying commonly used passwords or every possible combination of characters. The use of strong authentication can prevent the discovery of passwords during an access attack. Therefore, answers B, C, and D are incorrect.

Question 8

Which type of attack is a Trojan horse?

  • A. Access attack

  • B. Reconnaissance attack

  • C. Distributed denial-of-service attack

  • D. Denial-of-service attack

A8:

Answer A is correct. Trojan horses are one type of access attack. Trojan horses are typically programs hidden within other programs or email messages and can cause several problems, including sending an email message to everyone in the recipient's address book, deleting files, or collecting password information to be forwarded to a hacker. Therefore, answers B, C, and D are incorrect.

Question 9

Which tool would you use when using the security wheel monitoring step?

  • A. Access monitor

  • B. Cisco Secure Intrusion Detection Systems

  • C. Cisco Secure Access Control Server

  • D. Cisco Secure Scanner

A9:

Answer B is correct. During the monitoring step of the security wheel, Cisco Secure Intrusion Detection Systems can be used to monitor traffic signatures and help detect attacks. Access monitor does not exist, so answer A is incorrect. Cisco Secure Access Control Server is used to provide better security in the first (secure) step, so answer C is incorrect. Cisco Secure Scanner is used in the testing step, so answer D is incorrect.

Question 10

Network security is constantly changing. The security wheel consists of four main steps to maintain effective network security. What do the four steps update?

  • A. Security personnel

  • B. The budget for the network

  • C. The security policy

  • D. The resources needed to protect the network

A10:

Answer C is correct. The security wheel steps are secure, monitor, test, and improve. These steps are used to either apply or evaluate the security policy recommendations, and furthermore to update the policy where weaknesses exist. Therefore, answers A, B, and D are incorrect.




CSPFA Exam Cram 2 (Exam 642-521)
CCSP CSPFA Exam Cram 2 (Exam Cram 642-521)
ISBN: 0789730235
EAN: 2147483647
Year: 2003
Pages: 218
