Close Menu
    CCNA CyberOps Associate

    CCNA Cybersecurity Operations (Vesion 1.1) – CyberOps Chapter 10 Exam Answers

    CCNA SecurityBy No Comments6 Mins Read
    1. Which class of metric in the CVSS Basic metric group defines the features ofthe exploit such as the vector, complexity, and user interaction required by the exploit?
      • Impact
      • Exploitability *
      • Modified Base
      • Exploit Code Maturity
    2. Which step in the Vulnerability Management Life Cycle performs inventory of all assets across the network and identifies host details, including operating system and open services?
      • Assess
      • Discover *
      • Remediate
      • Prioritize assets
    3. In network security assessments, which type of test is used to evaluate the risk posed by vulnerabilities to a specific organization, including assessment of the likelihood of attacks and the impact of successful exploits on the organization?
      • Risk analysis *
      • Port scanning
      • Penetration testing
      • Vulnerability assessment
    4. In most host-based security suites, which function provides robust logging of security-related events and sends logs to a central location?
      • intrusion detection and prevention
      • anti-phishing
      • telemetry
      • safe browsing
    5. On a Windows host, which tool can be used to create and maintain blacklists and whitelists?
      • Group Policy Editor
      • Local Users and Groups
      • Computer Management
      • Task Manager
    6. Which statement describes agentless antivirus protection?
      • Host-based antivirus systems provide agentless antivirus protection.
      • The antivirus protection is provided by the router that is connected to a cloud service.
      • The antivirus protection is provided by the ISP.
      • Antivirus scans are performed on hosts from a centralized system.
    7. In network security assessments, which type of test employs software to scan internal networks and Internet facing servers for various types of vulnerabilities?
      • risk analysis
      • penetration testing
      • vulnerability assessment
      • strength of network security testing
    8. The IT security personnel of an organization notice that the web server deployed in the DMZ is frequently targeted by threat actors. The decision is made to implement a patch management system to manage the server. Which risk management strategy method is being used to respond to the identified risk?
      • risk avoidance
      • risk retention
      • risk reduction
      • risk sharing
    9. In addressing a risk that has low potential impact and relatively high cost of mitigation or reduction, which strategy will accept the risk and its consequences?
      • risk reduction
      • risk avoidance
      • risk retention
      • risk sharing
    10. Which three devices are possible examples of network endpoints? (Choose three.)
      • Router
      • Sensor *
      • Wireless AP
      • IoT controller *
      • VPN appliance
      • Network security camera *
    11. Which antimalware software approach can recognize various characteristics of known malware files to detect a threat?
      • Routing-based
      • Behavior-based
      • Signature-based *
      • Heuristics-based
    12. As described by the SANS Institute, which attack surface includes the exploitation of vulnerabilities in wired and wireless protocols used by IoT devices?
      • Human Attack Surface
      • Internet Attack Surface
      • Network Attack Surface *
      • Software Attack Surface
    13. In profiling a server, what defines what an application is allowed to do or run on a server?
      • User accounts
      • Listening ports
      • Service accounts *
      • Software environment
    14. What is a host-based intrusion detection system (HIDS)?
      • It identifies potential attacks and sends alerts but does not stop the traffic.
      • It detects and stops potential direct attacks but does not scan for malware.
      • It is an agentless system that scans files on a host for potential malware.
      • It combines the functionalities of antimalware applications with firewall protection.
    15. What type of antimalware program is able to detect viruses by recognizing various characteristics of a known malware file?
      • behavior-based
      • agent-based
      • signature-based
      • heuristic-based
    16. Which device in a LAN infrastructure is susceptible to MAC address-table overflow and spoofing attacks?
      • firewall
      • workstation
      • server
      • switch
    17. Which criterion in the Base Metric Group Exploitability metrics reflects the proximity of the threat actor to the vulnerable component?
      • user interaction
      • attack vector
      • attack complexity
      • privileges required
    18. In addressing an identified risk, which strategy aims to stop performing the activities that create risk?
      • risk reduction
      • risk avoidance
      • risk retention
      • risk sharing
    19. Which security procedure would be used on a Windows workstation to prevent access to a specific set of websites?
      • whitelisting
      • HIDS
      • blacklisting
      • baselining
    20. Which statement describes the use of a Network Admission Control (NAC) solution?
      • It provides network access to only authorized and compliant systems.
      • A Network Admission Control solution provides filtering of potentially malicious emails before they reach the endpoint.
      • It provides endpoint protection from viruses and malware.
      • It provides filtering and blacklisting of websites being accessed by end users.
    21. Which statement describes the Cisco Threat Grid Glovebox?
      • It is a network-based IDS/IPS.
      • It is a firewall appliance.
      • It is a host-based intrusion detection system (HIDS) solution to fight against malware
      • It is a sandbox product for analyzing malware behaviors.
    22. Which type of antimalware software detects and mitigates malware by analyzing suspicious activities?
      • heuristics-based
      • packet-based
      • behavior-based
      • signature-based
    23. Which regulatory compliance regulation sets requirements for all U.S. public company boards, management and public accounting firms regarding the way in which corporations control and disclose financial information?
      • Gramm-Leach-Bliley Act (GLBA)
      • Health Insurance Portability and Accountability Act (HIPAA)
      • Federal Information Security Management Act of 2002 (FISMA)
      • Sarbanes-Oxley Act of 2002 (SOX)
    24. Which statement describes the term attack surface?
      • It is the total sum of vulnerabilities in a system that is accessible to an attacker.
      • It is the group of hosts that experiences the same attack.
      • It is the network interface where attacks originate.
      • It is the total number of attacks toward an organization within a day.
    25. Which step in the Vulnerability Management Life Cycle determines a baseline risk profile to eliminate risks based on asset criticality, vulnerability threat, and asset classification?
      • assess
      • discover
      • verify
      • prioritize assets
    26. When a network baseline is being established for an organization, which network profile element indicates the time between the establishment of a data flow and its termination?
      • session duration
      • critical asset address space
      • ports used
      • total throughput
    27. Which statement describes the term iptables?
      • It is a file used by a DHCP server to store current active IP addresses.
      • It is a DHCP application in Windows.
      • It is a DNS daemon in Linux.
      • It is a rule-based firewall application in Linux.
    28. For network systems, which management system addresses the inventory and control of hardware and software configurations?
      • asset management
      • vulnerability management
      • risk management
      • configuration management
    29. Which statement describes the anomaly-based intrusion detection approach?
      • It compares the signatures of incoming traffic to a known intrusion database.
      • It compares the antivirus definition file to a cloud based repository for latest updates.
      • It compares the operations of a host against a well-defined security policy.
      • It compares the behavior of a host to an established baseline to identify potential intrusions.
    30. What is the first step taken in risk assessment?
      • Identify threats and vulnerabilities and the matching of threats with vulnerabilities.
      • Establish a baseline to indicate risk before security controls are implemented.
      • Compare to any ongoing risk assessment as a means of evaluating risk management effectiveness.
      • Perform audits to verify threats are eliminated.
    31. Which statement describes the threat-vulnerability (T-V) pairing?
      • It is the identification of threats and vulnerabilities and the matching of threats with vulnerabilities.
      • It is the comparison between known malware and system risks.
      • It is the detection of malware against a central vulnerability research center.
      • It is the advisory notice from a vulnerability research center.
    32. Which two classes of metrics are included in the CVSS Base Metric Group? (Choose two.)
      • Modified Base
      • Confidentiality Requirement
      • Exploit Code Maturity
      • Exploitability
      • Impact metrics
    33. Which two criteria in the Base Metric Group Exploitability metrics are associated with the complexity of attacks? (Choose two)
      • scope
      • attack complexity
      • user interaction
      • attack vector
      • privileges required
    Share.

    Related Posts

    0 0 votes
    Article Rating
    Subscribe
    Notify of
    guest

    0 Comments
    Oldest
    Newest Most Voted
    Inline Feedbacks
    View all comments
    0
    Would love your thoughts, please comment.x
    ()
    x