SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
Search
Test your basic knowledge |
CCNA Security
Start Test
Study First
Subjects
:
cisco
,
it-skills
,
ccna
Instructions:
Answer 30 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What are the 3 phases of disaster recovery?
ALE = Monetary value to justify expense of security solutions AV = total cost of an asset EF = % representing percentage of loss that an asset experiences ARO = How many times per year a threat occurs
Security Device Manager provides GUI for configuring security features (e.g. IPS - IPSec site-site VPN - firewall features)
1. Emergency Response 2. Recovery 3. Return to Normal Operations
Module that goes in a Catalyst 6500 or similar to provide firewall services between VLANs.
2. Cisco Security Products: HIPS
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
Security Device Manager provides GUI for configuring security features (e.g. IPS - IPSec site-site VPN - firewall features)
Host-based Intrusion Prevention System (HIPS) - Example Cisco Security Agent
Monitors security devices and applications: Uses event correlation to collect events from multiple devices - reducing the number of false positives - Identified appropriate mitigation strategies - Uses Cisco NetFlow technology to more readily identif
3. What are the 3 types of backup sites?
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
Many Cisco IOS routers can be configured with Intrusion Prevention System (IPS) - virtual private network (VPN) and firewall features.
ALE = Monetary value to justify expense of security solutions AV = total cost of an asset EF = % representing percentage of loss that an asset experiences ARO = How many times per year a threat occurs
1. Categorize severity of a security breach 2. Preliminary (high-level) risk assessment
4. What is the Cisco Security Manager?
ALE = Monetary value to justify expense of security solutions AV = total cost of an asset EF = % representing percentage of loss that an asset experiences ARO = How many times per year a threat occurs
1. Inspection of security system 2. System integration 3. Security certification 4. Security accreditation
Consists of a collection of security solutions to identify - prevent and adapt to emerging threats.
An application used to configure security features on a variety of IOS-based routers - ASA 5500 - PIX 500 - IPS 4200 - Catalyst 6500 through a graphical interface. Also provides a centralized policy and inter-operates with Cisco ACS.
5. What are the 5 phases of the System Development Life Cycle (SDLC)?
Cisco 5500 Adaptive Security Appliances (ASA) offers a wide variety of security solutions such as firewall - IPS - VPN - anti-spyware - antivirus - and anti-phishing.
1. Relocating operations to another facility while the original facility is under repair 2. Using alternative forms of internal and external communication
1. Initiation 2. Acquisition and development 3. Implementation 4. Operations and maintenance 5. Disposition
1. Inspection of security system 2. System integration 3. Security certification 4. Security accreditation
6. Cisco Security Products: Cisco Security Agent (CSA)
1. Categorize severity of a security breach 2. Preliminary (high-level) risk assessment
Application that provides IPS services on a host.
Cisco 5500 Adaptive Security Appliances (ASA) offers a wide variety of security solutions such as firewall - IPS - VPN - anti-spyware - antivirus - and anti-phishing.
7. What are the 4 Operations Security Recommendations
1. Information preservation 2. Media sanitation 3. Hardware and software disposal
1. Separate duties (dual operator - two-man control) 2. Rotate duties (allows peer review) 3. System failure preparation (Trusted recovery) 4. Multiple personnel oversee configuration changes to anticipate issues
Host-based Intrusion Prevention System (HIPS) - Example Cisco Security Agent
Many Cisco IOS routers can be configured with Intrusion Prevention System (IPS) - virtual private network (VPN) and firewall features.
8. What are the components of a Security Policy?
Cisco 5500 Adaptive Security Appliances (ASA) offers a wide variety of security solutions such as firewall - IPS - VPN - anti-spyware - antivirus - and anti-phishing.
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
Analyze inline traffic for malicious activity. IPS can drop offending traffic - instruct appliances to block specific host - send alerts etc.
9. SDLC Acquisition and Development Phase
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
1. Formalized risk assessment 2. Security functional requirements 3. Security assurance/legal requirements 4. Cost considerations 5. Security planning (security controls in use) 6. Design and development of security controls 7. Basic testing
1. Relocating operations to another facility while the original facility is under repair 2. Using alternative forms of internal and external communication
1. Categorize severity of a security breach 2. Preliminary (high-level) risk assessment
10. Cisco Security Products: 4200 Series IPS
1. Information preservation 2. Media sanitation 3. Hardware and software disposal
Analyze inline traffic for malicious activity. IPS can drop offending traffic - instruct appliances to block specific host - send alerts etc.
1. Emergency Response 2. Recovery 3. Return to Normal Operations
1. Categorize severity of a security breach 2. Preliminary (high-level) risk assessment
11. SDLC: Implementation
Application that provides IPS services on a host.
1. Inspection of security system 2. System integration 3. Security certification 4. Security accreditation
1. Formalized risk assessment 2. Security functional requirements 3. Security assurance/legal requirements 4. Cost considerations 5. Security planning (security controls in use) 6. Design and development of security controls 7. Basic testing
12. SDLC: Disposition
1. Information preservation 2. Media sanitation 3. Hardware and software disposal
1. Emergency Response 2. Recovery 3. Return to Normal Operations
Risk Management: keeping damange to a minimum - Risk Avoidance: preventing risk from occuring
Host-based Intrusion Prevention System (HIPS) - Example Cisco Security Agent
13. Cisco Security Products: PIX 500
Cisco PIX 500 series of security appliances offer firewall and VPN-termination features.
An attempt to secure hardware - software - and various media while investigating anomalous network behavior.
1. Information preservation 2. Media sanitation 3. Hardware and software disposal
1. Inspection of security system 2. System integration 3. Security certification 4. Security accreditation
14. What are the characteristics of the Cisco Self-Defending Network?
Integrated - Collaborative - Adaptive
Security Device Manager provides GUI for configuring security features (e.g. IPS - IPSec site-site VPN - firewall features)
ALE = Monetary value to justify expense of security solutions AV = total cost of an asset EF = % representing percentage of loss that an asset experiences ARO = How many times per year a threat occurs
Application that provides IPS services on a host.
15. What are the 3 classifications of disruptions?
Risk Management: keeping damange to a minimum - Risk Avoidance: preventing risk from occuring
1. Non-disaster: Brief interruption 2. Disaster: Interruption 1-7 days 3. Catastrophe: Move to alternative site - all resources destroyed.
1. Relocating operations to another facility while the original facility is under repair 2. Using alternative forms of internal and external communication
ALE = Monetary value to justify expense of security solutions AV = total cost of an asset EF = % representing percentage of loss that an asset experiences ARO = How many times per year a threat occurs
16. Cisco Security Products: SDM
1. Non-disaster: Brief interruption 2. Disaster: Interruption 1-7 days 3. Catastrophe: Move to alternative site - all resources destroyed.
1. Information preservation 2. Media sanitation 3. Hardware and software disposal
Security Device Manager provides GUI for configuring security features (e.g. IPS - IPSec site-site VPN - firewall features)
An application used to configure security features on a variety of IOS-based routers - ASA 5500 - PIX 500 - IPS 4200 - Catalyst 6500 through a graphical interface. Also provides a centralized policy and inter-operates with Cisco ACS.
17. What is 'Operations Security?'
1. Separate duties (dual operator - two-man control) 2. Rotate duties (allows peer review) 3. System failure preparation (Trusted recovery) 4. Multiple personnel oversee configuration changes to anticipate issues
An attempt to secure hardware - software - and various media while investigating anomalous network behavior.
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
1. Categorize severity of a security breach 2. Preliminary (high-level) risk assessment
18. What are the components (hierarchy) of the Cisco Self-Defending Network?
Many Cisco IOS routers can be configured with Intrusion Prevention System (IPS) - virtual private network (VPN) and firewall features.
1. Initiation 2. Acquisition and development 3. Implementation 4. Operations and maintenance 5. Disposition
1. Information preservation 2. Media sanitation 3. Hardware and software disposal
19. What is the difference between a Qualitative analysis and a Quantitative Analysis
1. Categorize severity of a security breach 2. Preliminary (high-level) risk assessment
Host-based Intrusion Prevention System (HIPS) - Example Cisco Security Agent
Application that provides AAA funtionality
Qualitative mathematically models the probability and severity of a risk while Quantitative uses a scenario model (better for big deployments)
20. What is MARS?
Integrated - Collaborative - Adaptive
Monitors security devices and applications: Uses event correlation to collect events from multiple devices - reducing the number of false positives - Identified appropriate mitigation strategies - Uses Cisco NetFlow technology to more readily identif
Cisco PIX 500 series of security appliances offer firewall and VPN-termination features.
1. Relocating operations to another facility while the original facility is under repair 2. Using alternative forms of internal and external communication
21. What is the Cisco Self-Defending Network?
Consists of a collection of security solutions to identify - prevent and adapt to emerging threats.
Application that provides AAA funtionality
1. Inspection of security system 2. System integration 3. Security certification 4. Security accreditation
1. Information preservation 2. Media sanitation 3. Hardware and software disposal
22. What is the ALE and how is it calculated?
Qualitative mathematically models the probability and severity of a risk while Quantitative uses a scenario model (better for big deployments)
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
1. Inspection of security system 2. System integration 3. Security certification 4. Security accreditation
ALE = Monetary value to justify expense of security solutions AV = total cost of an asset EF = % representing percentage of loss that an asset experiences ARO = How many times per year a threat occurs
23. What are two types of risk mitigation
Risk Management: keeping damange to a minimum - Risk Avoidance: preventing risk from occuring
1. Relocating operations to another facility while the original facility is under repair 2. Using alternative forms of internal and external communication
Application that provides AAA funtionality
24. SDLC: Operations and Maintenance Phase
1. Initiation 2. Acquisition and development 3. Implementation 4. Operations and maintenance 5. Disposition
1. Separate duties (dual operator - two-man control) 2. Rotate duties (allows peer review) 3. System failure preparation (Trusted recovery) 4. Multiple personnel oversee configuration changes to anticipate issues
1. Configuration management and control 2. Continuous monitoring
Qualitative mathematically models the probability and severity of a risk while Quantitative uses a scenario model (better for big deployments)
25. Cisco Security Products: ASA 5500
Cisco 5500 Adaptive Security Appliances (ASA) offers a wide variety of security solutions such as firewall - IPS - VPN - anti-spyware - antivirus - and anti-phishing.
1. Separate duties (dual operator - two-man control) 2. Rotate duties (allows peer review) 3. System failure preparation (Trusted recovery) 4. Multiple personnel oversee configuration changes to anticipate issues
Many Cisco IOS routers can be configured with Intrusion Prevention System (IPS) - virtual private network (VPN) and firewall features.
26. What are two primary goals of business continuity planning?
1. Relocating operations to another facility while the original facility is under repair 2. Using alternative forms of internal and external communication
1. Formalized risk assessment 2. Security functional requirements 3. Security assurance/legal requirements 4. Cost considerations 5. Security planning (security controls in use) 6. Design and development of security controls 7. Basic testing
Monitors security devices and applications: Uses event correlation to collect events from multiple devices - reducing the number of false positives - Identified appropriate mitigation strategies - Uses Cisco NetFlow technology to more readily identif
1. Configuration management and control 2. Continuous monitoring
27. SDLC Initiation Phase
1. Categorize severity of a security breach 2. Preliminary (high-level) risk assessment
Module that goes in a Catalyst 6500 or similar to provide firewall services between VLANs.
1. Non-disaster: Brief interruption 2. Disaster: Interruption 1-7 days 3. Catastrophe: Move to alternative site - all resources destroyed.
28. Cisco Security Products: Firewall Services Module (FWSM)
Many Cisco IOS routers can be configured with Intrusion Prevention System (IPS) - virtual private network (VPN) and firewall features.
Application that provides IPS services on a host.
Module that goes in a Catalyst 6500 or similar to provide firewall services between VLANs.
29. Cisco Security Products: Cisco Secure Access Control Server (ACS)
Application that provides AAA funtionality
1. Configuration management and control 2. Continuous monitoring
An application used to configure security features on a variety of IOS-based routers - ASA 5500 - PIX 500 - IPS 4200 - Catalyst 6500 through a graphical interface. Also provides a centralized policy and inter-operates with Cisco ACS.
Module that goes in a Catalyst 6500 or similar to provide firewall services between VLANs.
30. Cisco Security Products: IOS Router
1. Hot site: completely redundant site 2. Warm site: similar - but outdated equipment 3. Cold site: network needs to be built from scratch
Many Cisco IOS routers can be configured with Intrusion Prevention System (IPS) - virtual private network (VPN) and firewall features.
Integrated - Collaborative - Adaptive
1. Relocating operations to another facility while the original facility is under repair 2. Using alternative forms of internal and external communication
