Archivo: /home/roberto/Documentos/IT/ccns/tema9

Pgina 1 de 3

1 In which phase of the system development life cycle should security requirements be addressed? Add security requirements during the initiation phase. * Include a minimum set of security requirements at each phase. Apply critical security requirements during the implementation phase. Implement the majority of the security requirements at the acquisition phase. 2 Which type of analysis uses a mathematical model that assigns a monetary figure to the value of assets, the cost of threats being realized, and the cost of security implementations? Qualitative Risk Analysis * Quantitative Risk Analysis Qualitative Asset Analysis Quantitative Continuity Analysis 3 Which term describes a completely redundant backup facility, with almost identical equipment to the operational facility, that is maintained in the event of a disaster? backup site cold site * hot site reserve site 4 Which network security test requires a network administrator to launch an attack within the network? network scan password crack * penetration test vulnerability scan 5 Which three documents comprise the hierarchical structure of a comprehensive security policy for an organization? (Choose three.) backup policy server policy incident policy * governing policy * end-user policy * technical policy 6 Which three detailed documents are used by security staff for an organization to implement the security policies? (Choose three.) asset inventory best practices * guidelines * procedures risk assessment * standards 7 What are the two major components of a security awareness program? (Choose two.) * awareness campaign security policy development security solution development self-defending network implementation * training and education 8 When an organization implements the two-person control principle, how are tasks handled? * A task requires two individuals who review and approve the work of each other. A task is broken down into two parts, and each part is assigned to a different individual. A task must be completed twice by two operators who must achieve the same results. A task is rotated among individuals within a team, each completing the entire task for a specific amount of time. 9 Which component of the security policy lists specific websites, newsgroups, or bandwidth-intensive applications that are not allowed on the company network? remote access policies * acceptable use policies incident handling procedures identification and authentication policies 10

Archivo: /home/roberto/Documentos/IT/ccns/tema9

Pgina 2 de 3

Which security document includes implementation details, usually with step-by-step instructions and graphics? guideline document standard document * procedure document overview document 11 Which option describes ethics? * Ethics is a standard that is higher than the law. Ethics involves government agencies enforcing regulations. Ethics compliance is the basis for setting security policies. Ethics deals with criminal law and monetary compensation. 12 In the Cisco SecureX architecture, which component is considered the workhorse of policy enforcement? next-generation endpoint policy management console * scanning engine Security Intelligence Operations 13 Which development has contributed most to the growing demand for a borderless network? * consumer endpoints DMZ services corporate managed laptops personal firewall software 14 Which aspect of a scanning element is able to determine a security policy to apply based on information such as the person using the device, the location of the device, and the application being used? * context awareness perimeter awareness centralized enforcement perimeter deployment 15 A company is considering implementing the Cisco SecureX security architecture. What is the purpose of Cisco TrustSec? * It is a technology that implements packet tagging to allow security elements to share information from scanning elements. It is a large cloud-based security ecosystem with global correlation. It is a stand-alone appliance managed from a central policy console. It is a perimeter-based, stand-alone network scanning device. 16 Which statement about network security within the SecureX architecture is true? * It is located closer to the end user. It is implemented in the network core. It is enforced in a highly centralized structure. It is managed by a single policy. 17 Which Cisco SecureX product family would be primarily responsible for detecting and blocking attacks and exploits, while preventing intruder access? secure e-mail and web secure access secure mobility secure data center * secure network 18 Which SecureX product family would include Cisco AnyConnect? secure network secure e-mail and web secure access * secure mobility secure data center 19 If a web browser is to be used, and not a hardware or software-based client, which Cisco solution is

Archivo: /home/roberto/Documentos/IT/ccns/tema9
best for establishing a secure VPN connection? * VPN Services for Cisco ASA Series Cisco Adaptive Wireless IPS Software Cisco AnyConnect Secure Mobility Solutions Cisco Virtual Security Gateway

Pgina 3 de 3

20 Which Cisco secure access solution can be used to determine if hosts are compliant with security policies? * Network Admission Control Appliance Cisco Secure Access Control System Cisco AnyConnect Secure Mobility Solutions Cisco Adaptive Wireless IPS Software 21 What protocol is used by SCP for secure transport? IPSec HTTPS * SSH Telnet TFTP