Exam Prep Questions

1. Which is not one of the three prongs of the Cisco Host Security Strategy?

A. Endpoint protection

B. Cisco network admission control

C. Network infection containment

D. Comprehensive network security policy

E. Cisco routers

2. What are the two main software elements that must be secured in order that an endpoint proves its trustworthiness? (Choose one answer.)

A. Applications, operating system

B. Encrypted code, peer review

C. Cisco NAC, CSA

D. Anti-virus software, host firewall

E. None of the above.

3. Applications and operating systems are susceptible to DoS and access attacks in the same way that network devices are. What are some specific attacks that endpoints may be susceptible to?

A. Brute force attacks

B. Known cipher attacks

C. Buffer overflows

D. Worms, viruses, and Trojan horses

E. None of the above.

4. True or false. Worms are like microorganisms that invade a human host, attaching to other programs and executing unwanted functions on that host.

5. Put the five Ps of the phases of a worm attack in the correct order by putting the number indicating the correct order in the blank opposite the phase name.

Penetrate: ___

Propagate: ___

Persist: ___

Probe: ___

Paralyze: ___

6. Match each of the following descriptions of NAC components with the letter corresponding to its name from the list of choices.

  1. A device deployed in-band or out-of-band to perform network access control.

  2. Software that resides on a client endpoint and is queried to establish an endpoint’s compliance with the network security policy.

  3. A GUI-based central administrative interface for IT security personnel.

Choices:

a. NAS

b. NAM

c. NAA

d. NAD

e. NAC

7. Cisco Security Agent (CSA) comprises four interceptors to intercept application calls to the operating system kernel. Fill in the blanks in the description of two of these interceptors with the choices from the list.

The ________ interceptor ensures that each application plays by the rules by only allowing write access to memory that is owned by that application.

The ________ interceptor intercepts read/write requests to the system registry or (in Unix) the run control (rc) files.

Choices:

a. Execution space

b. Network

c. File System

d. Configuration

8. Which one of the following SAN interconnection technologies is used for SAN-to-SAN connectivity?

A. FCIP

B. iSCSI

C. Fiber Channel

D. None of the above.

9. Fiber Channel VSANs are most analogous to what security feature?

A. VLANs

B. ACLs

C. 802.1X

10. True or false. SPIT (SPAM over IP Telephony) is a very real and current threat for VoIP networks.

Answers to Exam Prep Questions

1. Answers D and E are the correct choices. Cisco’s Host Security Strategy comprises endpoint protection using CSA, network admission control using NAC, and network infection containment.

2. The correct answer is A. Cisco has specific products to address application and operating system security. The other choices, while ostensibly software (and also good ideas!), do not represent the high-level answer that was being looked for.

3. The correct answers are C and D. Answers A and B are incorrect because these are attacks against cryptosystems and were explained in Chapter 6, “Introducing Cryptographic Services.” They are deliberately misleading because the reader will recognize the terminology.

4. The correct answer is false. The definition provided is for a virus. Worms take their names from burrowing organisms that live in the “soil” of an infected host. The worm replicates into the memory of an infected host that, in turn, infects other computers.

5. The correct order is 1—Probe, 2—Penetrate, 3—Persist, 4—Propagate, and 5—Paralyze (a—2, b—4, c—3, d—1, e—5).

6. The correct answers are 1—a, 2—c, 3—b. Answers d and e do not match any of the descriptions. NAS stands for NAC Appliance Server. NAM stands for NAC Appliance Manager, and NAA stands for NAC Appliance Agent. A rule of thumb is that the GUI used to manage a single network device is called a “manager.” For example, Cisco IPS appliances use the IPS Device Manager (IDM). Cisco IOS routers use the Cisco Security Device Manager (SDM). Thus, the GUI to manage a single NAC appliance is the NAC Appliance Manager (NAM).

7. The correct answers are a and d (in that order).

8. The correct answer is A. Fiber Channel over IP (FCIP) is used to interconnect SANs over an IP network. Choice B, iSCSI, is used for host-to-SAN connectivity over an IP network, whereas choice C, Fiber Channel, is a technology used in the fabric of a fiber SAN switch to connect hosts (such as application servers) to the SAN volumes.

9. The correct answer is A. Fiber Channel zones are analogous to ACLs (answer B), and Fiber Channel port security is similar to 802.1X port-based authentication (answer C).

10. False. SPIT is an emerging threat, but not one that has been seen in the wild as yet. It serves most to underline that as the technology evolves, so do the attack methods.
