Professional Documents
Culture Documents
Which three detailed documents are used by security staff for an organization to implement the security policies? (Choose three.)
asset inventory
best practices
guidelines
procedures
risk assessment
standards
Bottom of Form
2 Top of Form
set of legal standards that specify enforceable actions when the law is broken
Bottom of Form
3 Top of Form
What are the two major components of a security awareness program? (Choose two.)
awareness campaign
Bottom of Form
4 Top of Form
What three areas should be considered when designing a network security policy? (Choose three.)
remote access
network maintenance
Bottom of Form
5 Top of Form
What are the two major elements of the Cisco Secure Communications solution? (Choose two.)
Bottom of Form
6 Top of Form
Which three documents comprise the hierarchical structure of a comprehensive security policy for an organization? (Choose three.)
backup policy
server policy
incident policy
governing policy
end-user policy
technical policy
Bottom of Form
7 Top of Form
Which two Cisco Threat Control and Containment technologies address endpoint security? (Choose two.)
Bottom of Form
8 Top of Form
Which type of analysis uses a mathematical model that assigns a monetary figure to the value of assets, the cost of threats being
realized, and the cost of security implementations?
Bottom of Form
9 Top of Form
What are the two components in the Cisco Security Management Suite? (Choose two.)
Bottom of Form
10 Top of Form
Which security services, available through the Cisco Self-Defending Network, include VPN access?
secure communications
Bottom of Form
11 Top of Form
Which principle of the Cisco Self-Defending Network emphasizes that security should be built in?
adapt
collaborate
integrate
simplify
Bottom of Form
12 Top of Form
Security is purposefully included in every phase of the system development life cycle.
Security requirements are assessed and fully implemented in the initiation phase of the system development life cycle.
Security cost and reporting considerations are determined in the operations and maintenance phase of the system development life
cycle.
Bottom of Form
13 Top of Form
Bottom of Form
14 Top of Form
Which security document includes implementation details, usually with step-by-step instructions and graphics?
guideline document
standard document
procedure document
overview document
Bottom of Form
15 Top of Form
What are three key principles of a Cisco Self-Defending Network? (Choose three.)
adaptability
authentication
collaboration
confidentiality
integration
integrity
Bottom of Form
16 Top of Form
Which term describes a completely redundant backup facility, with almost identical equipment to the operational facility, that is
maintained in the event of a disaster?
backup site
cold site
hot site
reserve site
Bottom of Form
17 Top of Form
Employee groups are identified and the training is customized to their needs.
All employees become trained in the design and implementation of secure networks.
Training for all employees covers the full scope of security issues related to the organization.
Bottom of Form
18 Top of Form
When an organization implements the two-person control principle, how are tasks handled?
A task requires two individuals who review and approve the work of each other.
A task is broken down into two parts, and each part is assigned to a different individual.
A task must be completed twice by two operators who must achieve the same results.
A task is rotated among individuals within a team, each completing the entire task for a specific amount of time.
Bottom of Form
19 Top of Form
Which statement could be expected to be included in a Code of Ethics that is related to IT and network security?
Employees breaching the Code of Ethics will be prosecuted to the full extent of the law.
Application of the Code of Ethics to use of the network is at the discretion of the employee.
Employees with greater than 5 years of service can claim exemption from provisions of the Code of Ethics.
The network is to be used by employees to provide diligent and competent services to the organization.
Bottom of Form
20 Top of Form
Which network security test requires a network administrator to launch an attack within the network?
network scan
password crack
penetration test
vulnerability scan
Bottom of Form
21 Top of Form
Which component of the security policy lists specific websites, newsgroups, or bandwidth-intensive applications that are not allowed on
the company network?
Bottom of Form
22 Top of Form
Refer to the exhibit. When implementing the Cisco Self-Defending Network, which two technologies ensure confidentiality when referring
to secure communications? (Choose two.)
IPsec VPN
SSL VPN
Bottom of Form