1 Początek formularza

What is a feature of an effective network security training program?

Participation in the network security training is voluntary.

Employee groups are identified and the training is customized to their needs.

All employees become trained in the design and implementation of secure networks.

Training for all employees covers the full scope of security issues related to the organization.
Dół formularza

2 Początek formularza
Which principle of the Cisco Self-Defending Network emphasizes that security should be built in?
adapt

collaborate

integrate

simplify
Dół formularza

3 Początek formularza
Which security services, available through the Cisco Self-Defending Network, include VPN access?
secure communications

threat control and containment

operational control and policy management

 application control for infrastructure
Dół formularza

4 Początek formularza
What are three key principles of a Cisco Self-Defending Network? (Choose three.)
adaptability

authentication

collaboration

confidentiality

integration

integrity
Dół formularza

5 Początek formularza
Which three statements describe ethics in network security? (Choose three.)
principles put into action in place of laws

foundations for current laws

set of moral principles that govern civil behavior

standard that is higher than the law

set of regulations established by the judiciary system

 set of legal standards that specify enforceable actions when the law is broken
Dół formularza
6 Początek formularza

Refer to the exhibit. When implementing the Cisco Self-Defending Network, which two technologies ensure
confidentiality when referring to secure communications? (Choose two.)
Cisco NAC appliances and Cisco Security Agent
 Cisco Security Manager

Cisco Security Monitoring, Analysis, and Response System

Intrusion Prevention System

IPsec VPN

SSL VPN
Dół formularza

7 Początek formularza
What is a design feature of a secure network life cycle management process?
Security is considered once the network is fully operational.

Security is purposefully included in every phase of the system development life cycle.
Security requirements are assessed and fully implemented in the initiation phase of the system development
life cycle.
Security cost and reporting considerations are determined in the operations and maintenance phase of the
system development life cycle.
Dół formularza

8 Początek formularza
What three areas should be considered when designing a network security policy? (Choose three.)
remote access

network maintenance

service level agreement

 network quality of service

network equipment provider

identification and authentication

Dół formularza

9 Początek formularza
Which security document includes implementation details, usually with step-by-step instructions and graphics?
guideline document

standard document

procedure document

overview document
Dół formularza

10 Początek formularza
What is the primary focus of network operations security?
to design and develop secure application code

to support deployment and periodic maintenance of secure systems

to conduct regular employee background checks

to reprimand personnel who do not adhere to security policies

Dół formularza
11 Początek formularza
 Which three detailed documents are used by security staff for an organization to implement the security policies?
(Choose three.)
asset inventory

best practices

guidelines

procedures

risk assessment

standards
Dół formularza

12 Początek formularza
What are the two major components of a security awareness program? (Choose two.)
awareness campaign

security policy development

security solution development

self-defending network implementation

training and education

Dół formularza

13 Początek formularza
Which three documents comprise the hierarchical structure of a comprehensive security policy for an
 organization? (Choose three.)
backup policy

server policy

incident policy

governing policy

end-user policy

technical policy
Dół formularza

14 Początek formularza
When an organization implements the two-person control principle, how are tasks handled?
A task requires two individuals who review and approve the work of each other.

A task is broken down into two parts, and each part is assigned to a different individual.

A task must be completed twice by two operators who must achieve the same results.
A task is rotated among individuals within a team, each completing the entire task for a specific amount of
time.
Dół formularza

15 Początek formularza
What are the two components in the Cisco Security Management Suite? (Choose two.)
Cisco Intrusion Prevention
 Cisco Network Admission Control

Cisco Security Agent

Cisco Security Manager

Cisco Security MARS

Dół formularza
16 Początek formularza
What are the two major elements of the Cisco Secure Communications solution? (Choose two.)
secure communications for extranets

secure communications for intranets

secure communications for management

secure communications for remote access

secure communications for site-to-site connections

Dół formularza

17 Początek formularza
Which component of the security policy lists specific websites, newsgroups, or bandwidth-intensive applications
that are not allowed on the company network?
remote access policies

acceptable use policies

incident handling procedures

 identification and authentication policies
Dół formularza

18 Początek formularza
Which network security test requires a network administrator to launch an attack within the network?
network scan

password crack

penetration test

vulnerability scan
Dół formularza

19 Początek formularza
Which two Cisco Threat Control and Containment technologies address endpoint security? (Choose two.)
Cisco Application Control Engine

Cisco Network Admission Control

Cisco Security Agent

Cisco Security Monitoring, Analysis, and Response System

virtual private network

Dół formularza

20 Początek formularza
Which term describes a completely redundant backup facility, with almost identical equipment to the operational
 facility, that is maintained in the event of a disaster?
backup site

cold site

hot site

reserve site
Dół formularza
21 Początek formularza
Which statement could be expected to be included in a Code of Ethics that is related to IT and network security?
Employees breaching the Code of Ethics will be prosecuted to the full extent of the law.

Application of the Code of Ethics to use of the network is at the discretion of the employee.

Employees with greater than 5 years of service can claim exemption from provisions of the Code of Ethics.

The network is to be used by employees to provide diligent and competent services to the organization.
Dół formularza

22 Początek formularza
Which type of analysis uses a mathematical model that assigns a monetary figure to the value of assets, the cost
of threats being realized, and the cost of security implementations?
Qualitative Risk Analysis

Quantitative Risk Analysis

Qualitative Asset Analysis

Quantitative Continuity Analysis

Dół formularza