Quiz Chapter 7-8 CCNA CyberOps Version 1.1 Answers

1. Which monitoring technology mirrors traffic flowing through a switch to an analysis device connected to another switch port?

  • NetFlow
  • SNMP
  • SIEM
  • SPAN

2. Which network technology uses a passive splitting device that forwards all traffic, including Layer 1 errors, to an analysis device?

  • NetFlow
  • network tap
  • SNMP
  • IDS

3. What technique is a security attack that depletes the pool of IP addresses available for legitimate hosts?

  • reconnaissance attack
  • DHCP spoofing
  • DHCP snooping
  • DHCP starvation

4. Which language is used to query a relational database?

  • Python
  • C++
  • Java
  • SQL

5. Which network monitoring technology collects IP operational data on packets flowing through Cisco routers and multilayer switches?

  • Wireshark
  • NetFlow
  • SNMP
  • SIEM

6. In what type of attack is a cybercriminal attempting to prevent legitimate users from accessing network services?

  • DoS
  • MITM
  • session hijacking
  • address spoofing

7. Which network monitoring tool saves captured network frames in PCAP files?

  • Wireshark
  • SNMP
  • NetFlow
  • SIEM

8. Which term is used to describe legitimate traffic that is mistaken for unauthorized traffic by firewalls and IPSs?

  • false positive
  • true positive
  • false negative
  • true negative

9. Which network monitoring tool is in the category of network protocol analyzers?

  • SNMP
  • SPAN
  • Wireshark
  • SIEM

10. Which technology is a proprietary SIEM system?

  • StealthWatch
  • SNMP agent
  • NetFlow collector
  • Splunk

11. A DNS tunnel attack is used to build botnets to bypass traditional security solutions.

12. Which SIEM function is associated with examining the logs and events of multiple systems to reduce the amount of time of detecting and reacting to security events?

  • aggregation
  • correlation
  • forensic analysis
  • retention

13. Which of the following offers a free service called Automated Indicator that enables the real-time exchange of cyberthreat indicators?

  • Department of Homeland Security

14. Refer to the exhibit. The security policy of an organization allows employees to connect to the office intranet from their homes. Which type of security policy is this?

  • remote access

15. Passwords, passphrases, and PINs are examples of which security term?

  • authentication

16. Which component of AAA allows an administrator to track individuals who access network resources and any changes that are made to those resources?

  • Accounting

17. What is a characteristic of a layered defense-in-depth security approach?

  • One safeguard failure does not affect the effectiveness of other safeguards.

18. Fill in the blank.

The acronym BYOD is about end users having the freedom to use their personal devices (laptops, tablets, smartphones) to access information and communicate across the corporate network.

19. During the AAA process, when will authorization be implemented?

  • immediately after successful authentication against an AAA data source

20. With the evolution of borderless networks, which vegetable is now used to describe a defense-in-depth approach?

  • artichoke

21. Fill in the blank.
The principle of least privilege specifies a limited, as-needed approach to granting users the minimum amount of access required to perform work.

22. Which type of business policy establishes the rules of conduct and the responsibilities of employees and employers?

  • Company

23. What are two characteristics of the RADIUS protocol? (Choose two.)

  • the use of UDP ports for authentication and accounting
  • encryption of the password only

24. Which component of AAA is used to determine which resources a user can access and which operations the user is allowed to perform?

  • authorization

25. Fill in the blank.
A/An asset is anything within IT that is of value that needs protection including information, and infrastructure devices such as servers, routers, access points, switches, and firewalls.

26. What is privilege escalation?

  • Vulnerabilities in systems are exploited to grant higher levels of privilege than someone or some process should have.