CCNA Cyber Ops (Version 1.1) – Chapter 10 Exam Answers Full

CCNA Cyber Ops (Version 1.1) – Chapter 10 Exam Answers Full
5 (1) vote[s]

How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question to find that question/answer.

NOTE: If you have the new question on this test, please comment Question and Multiple-Choice list in form below this article. We will update answers for you in the shortest time. Thank you! We truly value your contribution to the website.

1. In most host-based security suites, which function provides robust logging of security-related events and sends logs to a central location?

  • intrusion detection and prevention
  • anti-phishing
  • telemetry
  • safe browsing

2. On a Windows host, which tool can be used to create and maintain blacklists and whitelists?

  • Group Policy Editor
  • Local Users and Groups
  • Computer Management
  • Task Manager

3. Which statement describes agentless antivirus protection?

  • Host-based antivirus systems provide agentless antivirus protection.
  • The antivirus protection is provided by the router that is connected to a cloud service.
  • The antivirus protection is provided by the ISP.
  • Antivirus scans are performed on hosts from a centralized system.

4. In network security assessments, which type of test employs software to scan internal networks and Internet facing servers for various types of vulnerabilities?

  • risk analysis
  • penetration testing
  • vulnerability assessment
  • strength of network security testing

5. The IT security personnel of an organization notice that the web server deployed in the DMZ is frequently targeted by threat actors. The decision is made to implement a patch management system to manage the server. Which risk management strategy method is being used to respond to the identified risk?

  • risk avoidance
  • risk retention
  • risk reduction
  • risk sharing

6. In addressing a risk that has low potential impact and relatively high cost of mitigation or reduction, which strategy will accept the risk and its consequences?

  • risk reduction
  • risk avoidance
  • risk retention
  • risk sharing

7. What is a host-based intrusion detection system (HIDS)?

  • It identifies potential attacks and sends alerts but does not stop the traffic.
  • It detects and stops potential direct attacks but does not scan for malware.
  • It is an agentless system that scans files on a host for potential malware.
  • It combines the functionalities of antimalware applications with firewall protection.

8. What type of antimalware program is able to detect viruses by recognizing various characteristics of a known malware file?

  • behavior-based
  • agent-based
  • signature-based
  • heuristic-based

9. Which device in a LAN infrastructure is susceptible to MAC address-table overflow and spoofing attacks?

  • firewall
  • workstation
  • server
  • switch

10. Which criterion in the Base Metric Group Exploitability metrics reflects the proximity of the threat actor to the vulnerable component?

  • user interaction
  • attack vector
  • attack complexity
  • privileges required

11. In addressing an identified risk, which strategy aims to stop performing the activities that create risk?

  • risk reduction
  • risk avoidance
  • risk retention
  • risk sharing

12. Which statement describes the term iptables?

  • It is a file used by a DHCP server to store current active IP addresses.
  • It is a DHCP application in Windows.
  • It is a DNS daemon in Linux.
  • It is a rule-based firewall application in Linux.

13. For network systems, which management system addresses the inventory and control of hardware and software configurations?

  • asset management
  • vulnerability management
  • risk management
  • configuration management

14. Which statement describes the anomaly-based intrusion detection approach?

  • It compares the signatures of incoming traffic to a known intrusion database.
  • It compares the antivirus definition file to a cloud based repository for latest updates.
  • It compares the operations of a host against a well-defined security policy.
  • It compares the behavior of a host to an established baseline to identify potential intrusions.

15. What is the first step taken in risk assessment?

  • Identify threats and vulnerabilities and the matching of threats with vulnerabilities.
  • Establish a baseline to indicate risk before security controls are implemented.
  • Compare to any ongoing risk assessment as a means of evaluating risk management effectiveness.
  • Perform audits to verify threats are eliminated.

16. Which statement describes the threat-vulnerability (T-V) pairing?

  • It is the identification of threats and vulnerabilities and the matching of threats with vulnerabilities.
  • It is the comparison between known malware and system risks.
  • It is the detection of malware against a central vulnerability research center.
  • It is the advisory notice from a vulnerability research center.

17. Which security procedure would be used on a Windows workstation to prevent access to a specific set of websites?

  • whitelisting
  • HIDS
  • blacklisting
  • baselining

18. Which statement describes the use of a Network Admission Control (NAC) solution?

  • It provides network access to only authorized and compliant systems.
  • A Network Admission Control solution provides filtering of potentially malicious emails before they reach the endpoint.
  • It provides endpoint protection from viruses and malware.
  • It provides filtering and blacklisting of websites being accessed by end users.

19. Which statement describes the Cisco Threat Grid Glovebox?

  • It is a network-based IDS/IPS.
  • It is a firewall appliance.
  • It is a host-based intrusion detection system (HIDS) solution to fight against malware
  • It is a sandbox product for analyzing malware behaviors.

20. Which type of antimalware software detects and mitigates malware by analyzing suspicious activities?

  • heuristics-based
  • packet-based
  • behavior-based
  • signature-based

21. Which regulatory compliance regulation sets requirements for all U.S. public company boards, management and public accounting firms regarding the way in which corporations control and disclose financial information?

  • Gramm-Leach-Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Federal Information Security Management Act of 2002 (FISMA)
  • Sarbanes-Oxley Act of 2002 (SOX)

22. Which statement describes the term attack surface?

  • It is the total sum of vulnerabilities in a system that is accessible to an attacker.
  • It is the group of hosts that experiences the same attack.
  • It is the network interface where attacks originate.
  • It is the total number of attacks toward an organization within a day.

23. Which step in the Vulnerability Management Life Cycle determines a baseline risk profile to eliminate risks based on asset criticality, vulnerability threat, and asset classification?

  • assess
  • discover
  • verify
  • prioritize assets

24. When a network baseline is being established for an organization, which network profile element indicates the time between the establishment of a data flow and its termination?

  • session duration
  • critical asset address space
  • ports used
  • total throughput

25. Which two classes of metrics are included in the CVSS Base Metric Group? (Choose two.)

  • Modified Base
  • Confidentiality Requirement
  • Exploit Code Maturity
  • Exploitability
  • Impact metrics

26. Which two criteria in the Base Metric Group Exploitability metrics are associated with the complexity of attacks? (Choose two)

  • scope
  • attack complexity
  • user interaction
  • attack vector
  • privileges required

Download PDF File below:

Related Articles

Leave a Reply

Photo and Image Files
Audio and Video Files
Other File Types

Send this to a friend