1. Answer B is the correct answer. This is pretty much industry-wide.
2. Answers A and D are correct. This is a trick question because the other answers are sub-categories of external and internal threats. Viruses and social engineering are examples of external threats, and unauthorized access and network misuse are examples of internal threats.
3. Answer B is the correct answer. Answer A is a definition for confidentiality. Answer C is a definition of availability. Answers D and E are trick answers.
4. The answers are:
5. Answers A, C, and F are not categories of controls. Controls can be divided into three broad categories: physical, administrative, and technical. Remember the acronym PAT! Also recall that they can be further subdivided by type. Preventative, deterrent, and detective are examples of types of controls and not categories of controls.
6. The correct answers are:
7. False. An exploit is an attack that takes advantage of a vulnerability. The definition given is that of a “risk.”
8. The correct order is C, E, D, B, F, A, G. In other words:
10. False. DoS and DDoS attacks attack the network’s availability. MiM attacks attack a network’s confidentiality and integrity.
11. The correct answer is D. Cisco recommends all of the strategies for mitigating the possibility of a trust exploit.