CCNA Security Chapter 9 - 2014

1. In which phase of the system development life cycle should security requirements be addressed?
		Add security requirements during the initiation phase.
	>>	Include a minimum set of security requirements at each phase.
		Apply critical security requirements during the implementation phase.
		Implement the majority of the security requirements at the acquisition phase.
2. Which type of analysis uses a mathematical model that assigns a monetary figure to the value of assets, the cost of threats being realized, and the cost of security implementations?
		Qualitative Risk Analysis
	>>	Quantitative Risk Analysis
		Qualitative Asset Analysis
		Quantitative Continuity Analysis
3. Which term describes a completely redundant backup facility, with almost identical equipment to the operational facility, that is maintained in the event of a disaster?
		backup site
		cold site
	>>	hot site
		reserve site
4. Which network security test requires a network administrator to launch an attack within the network?
		network scan
		password crack
	>>	penetration test
		vulnerability scan
5. Which three documents comprise the hierarchical structure of a comprehensive security policy for an organization? (Choose three.)
		backup policy
		server policy
		incident policy
	>>	governing policy
	>>	end-user policy
	>>	technical policy
6. Which three detailed documents are used by security staff for an organization to implement the security policies? (Choose three.)
		asset inventory
		best practices
	>>	guidelines
	>>	procedures
		risk assessment
	>>	standards
7. What are the two major components of a security awareness program? (Choose two.)
	>>	awareness campaign
		security policy development
		security solution development
		self-defending network implementation
	>>	training and education
8. When an organization implements the two-person control principle, how are tasks handled?
	>>	A task requires two individuals who review and approve the work of each other.
		A task is broken down into two parts, and each part is assigned to a different individual.
		A task must be completed twice by two operators who must achieve the same results.
		A task is rotated among individuals within a team, each completing the entire task for a specific amount of time.
9. Which component of the security policy lists specific websites, newsgroups, or bandwidth-intensive applications that are not allowed on the company network?
		remote access policies
	>>	acceptable use policies
		incident handling procedures
		identification and authentication policies
10. Which security document includes implementation details, usually with step-by-step instructions and graphics?
		guideline document
		standard document
	>>	procedure document
		overview document
11. Which option describes ethics?
	>>	Ethics is a standard that is higher than the law.
		Ethics involves government agencies enforcing regulations.
		Ethics compliance is the basis for setting security policies.
		Ethics deals with criminal law and monetary compensation.
12. In the Cisco SecureX architecture, which component is considered the workhorse of policy enforcement?
		next-generation endpoint
		policy management console
	>>	scanning engine
		Security Intelligence Operations
13. Which development has contributed most to the growing demand for a borderless network?
	>>	consumer endpoints
		DMZ services
		corporate managed laptops
		personal firewall software
14. Which aspect of a scanning element is able to determine a security policy to apply based on information such as the person using the device, the location of the device, and the application being used?
	>>	context awareness
		perimeter awareness
		centralized enforcement
		perimeter deployment
15. A company is considering implementing the Cisco SecureX security architecture. What is the purpose of Cisco TrustSec?
	>>	It is a technology that implements packet tagging to allow security elements to share information from scanning elements.
		It is a large cloud-based security ecosystem with global correlation.
		It is a stand-alone appliance managed from a central policy console.
		It is a perimeter-based, stand-alone network scanning device.
16. Which statement about network security within the SecureX architecture is true?
	>>	It is located closer to the end user.
		It is implemented in the network core.
		It is enforced in a highly centralized structure.
		It is managed by a single policy.
17. Which Cisco SecureX product family would be primarily responsible for detecting and blocking attacks and exploits, while preventing intruder access?
		secure e-mail and web
		secure access
		secure mobility
		secure data center
	>>	secure network
18. Which SecureX product family would include Cisco AnyConnect?
		secure network
		secure e-mail and web
		secure access
	>>	secure mobility
		secure data center
19. If a web browser is to be used, and not a hardware or software-based client, which Cisco solution is best for establishing a secure VPN connection?
	>>	VPN Services for Cisco ASA Series
		Cisco Adaptive Wireless IPS Software
		Cisco AnyConnect Secure Mobility Solutions
		Cisco Virtual Security Gateway
20. Which Cisco secure access solution can be used to determine if hosts are compliant with security policies?
	>>	Network Admission Control Appliance
		Cisco Secure Access Control System
		Cisco AnyConnect Secure Mobility Solutions
		Cisco Adaptive Wireless IPS Software
21. What protocol is used by SCP for secure transport?
		IPSec
		HTTPS
	>>	SSH
		Telnet
		TFTP

Tags: CCNA Security Exam Answer CCNA Security Chapter Answer CCNA Security Answer CISCO Security Answer CISCO CCNA Security Security Chapter Answer CCNA Security Chapter 9 Exam Answer CCNA Security Chapter 9 Test Answer

<< CCNA Security Chapter 8 Answers

CCNA Security Chapter 9 Answers

CCNA Security Chapter 10 Answers >>