CCNA Cyber Ops (Version 1.1) – Chapter 10 Test Online Full

In most host-based security suites, which function provides robust logging of security-related events and sends logs to a central location?

On a Windows host, which tool can be used to create and maintain blacklists and whitelists?

Which statement describes agentless antivirus protection?

In network security assessments, which type of test employs software to scan internal networks and Internet facing servers for various types of vulnerabilities?

The IT security personnel of an organization notice that the web server deployed in the DMZ is frequently targeted by threat actors. The decision is made to implement a patch management system to manage the server. Which risk management strategy method is being used to respond to the identified risk?

In addressing a risk that has low potential impact and relatively high cost of mitigation or reduction, which strategy will accept the risk and its consequences?

What is a host-based intrusion detection system (HIDS)?

What type of antimalware program is able to detect viruses by recognizing various characteristics of a known malware file?

Which device in a LAN infrastructure is susceptible to MAC address-table overflow and spoofing attacks?

Which criterion in the Base Metric Group Exploitability metrics reflects the proximity of the threat actor to the vulnerable component?

In addressing an identified risk, which strategy aims to stop performing the activities that create risk?

Which statement describes the term iptables?

For network systems, which management system addresses the inventory and control of hardware and software configurations?

Which statement describes the anomaly-based intrusion detection approach?

What is the first step taken in risk assessment?

Which statement describes the threat-vulnerability (T-V) pairing?

Which security procedure would be used on a Windows workstation to prevent access to a specific set of websites?

Which statement describes the use of a Network Admission Control (NAC) solution?

Which statement describes the Cisco Threat Grid Glovebox?

Which type of antimalware software detects and mitigates malware by analyzing suspicious activities?

Which regulatory compliance regulation sets requirements for all U.S. public company boards, management and public accounting firms regarding the way in which corporations control and disclose financial information?

Which regulatory compliance regulation sets requirements for all U.S. public company boards, management and public accounting firms regarding the way in which corporations control and disclose financial information?

Which statement describes the term attack surface?

Which step in the Vulnerability Management Life Cycle determines a baseline risk profile to eliminate risks based on asset criticality, vulnerability threat, and asset classification?

When a network baseline is being established for an organization, which network profile element indicates the time between the establishment of a data flow and its termination?

Which two classes of metrics are included in the CVSS Base Metric Group? (Choose two.)

Which two criteria in the Base Metric Group Exploitability metrics are associated with the complexity of attacks? (Choose two)