SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
Search
Test your basic knowledge |
CCNA Security
Start Test
Study First
Subjects
:
cisco
,
it-skills
,
ccna
Instructions:
Answer 30 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. SDLC: Disposition
1. Relocating operations to another facility while the original facility is under repair 2. Using alternative forms of internal and external communication
1. Information preservation 2. Media sanitation 3. Hardware and software disposal
1. Inspection of security system 2. System integration 3. Security certification 4. Security accreditation
2. Cisco Security Products: HIPS
Host-based Intrusion Prevention System (HIPS) - Example Cisco Security Agent
1. Initiation 2. Acquisition and development 3. Implementation 4. Operations and maintenance 5. Disposition
An attempt to secure hardware - software - and various media while investigating anomalous network behavior.
Application that provides AAA funtionality
3. What are the 3 phases of disaster recovery?
1. Emergency Response 2. Recovery 3. Return to Normal Operations
1. Inspection of security system 2. System integration 3. Security certification 4. Security accreditation
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
1. Configuration management and control 2. Continuous monitoring
4. What is the difference between a Qualitative analysis and a Quantitative Analysis
1. Formalized risk assessment 2. Security functional requirements 3. Security assurance/legal requirements 4. Cost considerations 5. Security planning (security controls in use) 6. Design and development of security controls 7. Basic testing
Qualitative mathematically models the probability and severity of a risk while Quantitative uses a scenario model (better for big deployments)
Consists of a collection of security solutions to identify - prevent and adapt to emerging threats.
Cisco 5500 Adaptive Security Appliances (ASA) offers a wide variety of security solutions such as firewall - IPS - VPN - anti-spyware - antivirus - and anti-phishing.
5. What are the 3 types of backup sites?
Cisco PIX 500 series of security appliances offer firewall and VPN-termination features.
Qualitative mathematically models the probability and severity of a risk while Quantitative uses a scenario model (better for big deployments)
Analyze inline traffic for malicious activity. IPS can drop offending traffic - instruct appliances to block specific host - send alerts etc.
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
6. SDLC: Implementation
Security Device Manager provides GUI for configuring security features (e.g. IPS - IPSec site-site VPN - firewall features)
Many Cisco IOS routers can be configured with Intrusion Prevention System (IPS) - virtual private network (VPN) and firewall features.
1. Inspection of security system 2. System integration 3. Security certification 4. Security accreditation
7. Cisco Security Products: ASA 5500
1. Initiation 2. Acquisition and development 3. Implementation 4. Operations and maintenance 5. Disposition
Security Device Manager provides GUI for configuring security features (e.g. IPS - IPSec site-site VPN - firewall features)
Cisco 5500 Adaptive Security Appliances (ASA) offers a wide variety of security solutions such as firewall - IPS - VPN - anti-spyware - antivirus - and anti-phishing.
ALE = Monetary value to justify expense of security solutions AV = total cost of an asset EF = % representing percentage of loss that an asset experiences ARO = How many times per year a threat occurs
8. What are the components of a Security Policy?
1. Information preservation 2. Media sanitation 3. Hardware and software disposal
Analyze inline traffic for malicious activity. IPS can drop offending traffic - instruct appliances to block specific host - send alerts etc.
1. Separate duties (dual operator - two-man control) 2. Rotate duties (allows peer review) 3. System failure preparation (Trusted recovery) 4. Multiple personnel oversee configuration changes to anticipate issues
9. What are the 5 phases of the System Development Life Cycle (SDLC)?
1. Separate duties (dual operator - two-man control) 2. Rotate duties (allows peer review) 3. System failure preparation (Trusted recovery) 4. Multiple personnel oversee configuration changes to anticipate issues
1. Initiation 2. Acquisition and development 3. Implementation 4. Operations and maintenance 5. Disposition
Cisco PIX 500 series of security appliances offer firewall and VPN-termination features.
10. What are the 4 Operations Security Recommendations
1. Formalized risk assessment 2. Security functional requirements 3. Security assurance/legal requirements 4. Cost considerations 5. Security planning (security controls in use) 6. Design and development of security controls 7. Basic testing
1. Separate duties (dual operator - two-man control) 2. Rotate duties (allows peer review) 3. System failure preparation (Trusted recovery) 4. Multiple personnel oversee configuration changes to anticipate issues
Cisco 5500 Adaptive Security Appliances (ASA) offers a wide variety of security solutions such as firewall - IPS - VPN - anti-spyware - antivirus - and anti-phishing.
11. What are two types of risk mitigation
An attempt to secure hardware - software - and various media while investigating anomalous network behavior.
Risk Management: keeping damange to a minimum - Risk Avoidance: preventing risk from occuring
1. Categorize severity of a security breach 2. Preliminary (high-level) risk assessment
Application that provides IPS services on a host.
12. Cisco Security Products: Cisco Security Agent (CSA)
Application that provides IPS services on a host.
Module that goes in a Catalyst 6500 or similar to provide firewall services between VLANs.
Security Device Manager provides GUI for configuring security features (e.g. IPS - IPSec site-site VPN - firewall features)
Analyze inline traffic for malicious activity. IPS can drop offending traffic - instruct appliances to block specific host - send alerts etc.
13. What are the 3 classifications of disruptions?
Many Cisco IOS routers can be configured with Intrusion Prevention System (IPS) - virtual private network (VPN) and firewall features.
1. Non-disaster: Brief interruption 2. Disaster: Interruption 1-7 days 3. Catastrophe: Move to alternative site - all resources destroyed.
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
Analyze inline traffic for malicious activity. IPS can drop offending traffic - instruct appliances to block specific host - send alerts etc.
14. What are the components (hierarchy) of the Cisco Self-Defending Network?
Consists of a collection of security solutions to identify - prevent and adapt to emerging threats.
Security Device Manager provides GUI for configuring security features (e.g. IPS - IPSec site-site VPN - firewall features)
Module that goes in a Catalyst 6500 or similar to provide firewall services between VLANs.
15. Cisco Security Products: SDM
ALE = Monetary value to justify expense of security solutions AV = total cost of an asset EF = % representing percentage of loss that an asset experiences ARO = How many times per year a threat occurs
Host-based Intrusion Prevention System (HIPS) - Example Cisco Security Agent
Risk Management: keeping damange to a minimum - Risk Avoidance: preventing risk from occuring
Security Device Manager provides GUI for configuring security features (e.g. IPS - IPSec site-site VPN - firewall features)
16. What is the Cisco Self-Defending Network?
An attempt to secure hardware - software - and various media while investigating anomalous network behavior.
Consists of a collection of security solutions to identify - prevent and adapt to emerging threats.
An application used to configure security features on a variety of IOS-based routers - ASA 5500 - PIX 500 - IPS 4200 - Catalyst 6500 through a graphical interface. Also provides a centralized policy and inter-operates with Cisco ACS.
Risk Management: keeping damange to a minimum - Risk Avoidance: preventing risk from occuring
17. What are two primary goals of business continuity planning?
Application that provides AAA funtionality
1. Relocating operations to another facility while the original facility is under repair 2. Using alternative forms of internal and external communication
1. Formalized risk assessment 2. Security functional requirements 3. Security assurance/legal requirements 4. Cost considerations 5. Security planning (security controls in use) 6. Design and development of security controls 7. Basic testing
Cisco PIX 500 series of security appliances offer firewall and VPN-termination features.
18. What is MARS?
Monitors security devices and applications: Uses event correlation to collect events from multiple devices - reducing the number of false positives - Identified appropriate mitigation strategies - Uses Cisco NetFlow technology to more readily identif
Application that provides AAA funtionality
1. Categorize severity of a security breach 2. Preliminary (high-level) risk assessment
1. Non-disaster: Brief interruption 2. Disaster: Interruption 1-7 days 3. Catastrophe: Move to alternative site - all resources destroyed.
19. SDLC Acquisition and Development Phase
Module that goes in a Catalyst 6500 or similar to provide firewall services between VLANs.
1. Formalized risk assessment 2. Security functional requirements 3. Security assurance/legal requirements 4. Cost considerations 5. Security planning (security controls in use) 6. Design and development of security controls 7. Basic testing
1. Inspection of security system 2. System integration 3. Security certification 4. Security accreditation
20. Cisco Security Products: PIX 500
An application used to configure security features on a variety of IOS-based routers - ASA 5500 - PIX 500 - IPS 4200 - Catalyst 6500 through a graphical interface. Also provides a centralized policy and inter-operates with Cisco ACS.
Cisco PIX 500 series of security appliances offer firewall and VPN-termination features.
Monitors security devices and applications: Uses event correlation to collect events from multiple devices - reducing the number of false positives - Identified appropriate mitigation strategies - Uses Cisco NetFlow technology to more readily identif
Cisco 5500 Adaptive Security Appliances (ASA) offers a wide variety of security solutions such as firewall - IPS - VPN - anti-spyware - antivirus - and anti-phishing.
21. Cisco Security Products: 4200 Series IPS
An application used to configure security features on a variety of IOS-based routers - ASA 5500 - PIX 500 - IPS 4200 - Catalyst 6500 through a graphical interface. Also provides a centralized policy and inter-operates with Cisco ACS.
Analyze inline traffic for malicious activity. IPS can drop offending traffic - instruct appliances to block specific host - send alerts etc.
Integrated - Collaborative - Adaptive
Many Cisco IOS routers can be configured with Intrusion Prevention System (IPS) - virtual private network (VPN) and firewall features.
22. SDLC Initiation Phase
Integrated - Collaborative - Adaptive
1. Categorize severity of a security breach 2. Preliminary (high-level) risk assessment
1. Relocating operations to another facility while the original facility is under repair 2. Using alternative forms of internal and external communication
An attempt to secure hardware - software - and various media while investigating anomalous network behavior.
23. What is the ALE and how is it calculated?
An application used to configure security features on a variety of IOS-based routers - ASA 5500 - PIX 500 - IPS 4200 - Catalyst 6500 through a graphical interface. Also provides a centralized policy and inter-operates with Cisco ACS.
1. Information preservation 2. Media sanitation 3. Hardware and software disposal
Security Device Manager provides GUI for configuring security features (e.g. IPS - IPSec site-site VPN - firewall features)
ALE = Monetary value to justify expense of security solutions AV = total cost of an asset EF = % representing percentage of loss that an asset experiences ARO = How many times per year a threat occurs
24. What is the Cisco Security Manager?
Qualitative mathematically models the probability and severity of a risk while Quantitative uses a scenario model (better for big deployments)
Consists of a collection of security solutions to identify - prevent and adapt to emerging threats.
An application used to configure security features on a variety of IOS-based routers - ASA 5500 - PIX 500 - IPS 4200 - Catalyst 6500 through a graphical interface. Also provides a centralized policy and inter-operates with Cisco ACS.
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
25. Cisco Security Products: IOS Router
1. Non-disaster: Brief interruption 2. Disaster: Interruption 1-7 days 3. Catastrophe: Move to alternative site - all resources destroyed.
1. Configuration management and control 2. Continuous monitoring
1. Initiation 2. Acquisition and development 3. Implementation 4. Operations and maintenance 5. Disposition
Many Cisco IOS routers can be configured with Intrusion Prevention System (IPS) - virtual private network (VPN) and firewall features.
26. What are the characteristics of the Cisco Self-Defending Network?
Risk Management: keeping damange to a minimum - Risk Avoidance: preventing risk from occuring
Integrated - Collaborative - Adaptive
Cisco PIX 500 series of security appliances offer firewall and VPN-termination features.
1. Information preservation 2. Media sanitation 3. Hardware and software disposal
27. SDLC: Operations and Maintenance Phase
Application that provides AAA funtionality
1. Configuration management and control 2. Continuous monitoring
Application that provides IPS services on a host.
1. Emergency Response 2. Recovery 3. Return to Normal Operations
28. Cisco Security Products: Firewall Services Module (FWSM)
Cisco 5500 Adaptive Security Appliances (ASA) offers a wide variety of security solutions such as firewall - IPS - VPN - anti-spyware - antivirus - and anti-phishing.
Module that goes in a Catalyst 6500 or similar to provide firewall services between VLANs.
1. Initiation 2. Acquisition and development 3. Implementation 4. Operations and maintenance 5. Disposition
29. Cisco Security Products: Cisco Secure Access Control Server (ACS)
1. Relocating operations to another facility while the original facility is under repair 2. Using alternative forms of internal and external communication
Application that provides AAA funtionality
1. Categorize severity of a security breach 2. Preliminary (high-level) risk assessment
30. What is 'Operations Security?'
An application used to configure security features on a variety of IOS-based routers - ASA 5500 - PIX 500 - IPS 4200 - Catalyst 6500 through a graphical interface. Also provides a centralized policy and inter-operates with Cisco ACS.
An attempt to secure hardware - software - and various media while investigating anomalous network behavior.
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
1. Non-disaster: Brief interruption 2. Disaster: Interruption 1-7 days 3. Catastrophe: Move to alternative site - all resources destroyed.