CCNA Cybersecurity Operations (Version 1.1) – CyberOps Chapter 8 Exam Answers 2019

  1. In a defense-in-depth approach, which three options must be identified to effectively defend a network against attacks? (Choose three.)

    • assets that need protection
    • location of attacker or attackers
    • threats to assets
    • total number of devices that attach to the wired and wireless network
    • vulnerabilities in the system
    • past security breaches
      Explanation:

      In order to prepare for a security attack, IT security personnel must identify assets that need to be protected such as servers, routers, access points, and end devices. They must also identify potential threats to the assets and vulnerabilities in the system or design.

  2. Which two areas must an IT security person understand in order to identify vulnerabilities on a network? (Choose two.)

    • data analysis trends
    • important applications used
    • hardware used by applications
    • number of systems on each network
    • network baseline data
      Explanation:

      In order to identify security vulnerabilities, a cybersecurity expert must understand the applications being used and their associated vulnerabilities, as well as the hardware used.

  3. Which device is usually the first line of defense in a layered defense-in-depth approach?

    • access layer switch
    • edge router
    • firewall
    • internal router
      Explanation:

      The edge router connects an organization to a service provider. The edge router has a set of rules that specify which traffic is allowed or denied.

  4. How does BYOD change the way in which businesses implement networks?

    • BYOD requires organizations to purchase laptops rather than desktops.
    • BYOD users are responsible for their own network security, thus reducing the need for organizational security policies.
    • BYOD devices are more expensive than devices that are purchased by an organization.
    • BYOD provides flexibility in where and how users can access network resources.
      Explanation:

      A BYOD environment requires an organization to accommodate a variety of devices and access methods. Personal devices, which are not under company control, may be involved, so security is critical. Onsite hardware costs will be reduced, allowing a business to focus on delivering collaboration tools and other software to BYOD users.

  5. What component of a security policy explicitly defines the type of traffic allowed on a network and what users are allowed and not allowed to do?

    • identification and authentication policies
    • password policies
    • acceptable use policies
    • remote access policies
      Explanation:

      Security policies specify requirements and provide a baseline for organizations. Security policies may include the following:
      Identification and authentication policies that specify authorized individuals that have access to network resources and verification procedures
      Password policies that ensure minimum requirements are met and authentication methods are being enforced and updated
      Remote access policies that identify how remote users can access a network and to what they are allowed to connect
      Acceptable use policies that identify network applications and network usage that are allowed within the organization

  6. Which section of a security policy is used to specify that only authorized individuals should have access to enterprise data?

    • statement of scope
    • statement of authority
    • Internet access policy
    • acceptable use policy
    • campus access policy
    • identification and authentication policy
      Explanation:

      The identification and authentication policy section of the security policy typically specifies authorized persons that can have access to network resources and identity verification procedures.

  7. What three items are components of the CIA triad? (Choose three.)

    • access
    • integrity
    • scalability
    • availability
    • confidentiality
    • intervention
      Explanation:

      The CIA triad contains three components: confidentiality, integrity, and availability. It is a guideline for information security for an organization.

  8. What is the purpose of mobile device management (MDM) software?

    • It is used to create a security policy.
    • It is used by threat actors to penetrate the system.
    • It is used to identify potential mobile device vulnerabilities.
    • It is used to implement security policies, settings, and software configurations on mobile devices.
      Explanation:

      Mobile device management (MDM) software is used with mobile devices so that corporate IT personnel can track the devices, implement security settings, as well as control software configurations.

  9. A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration?

    • integrity
    • scalability
    • availability
    • confidentiality
      Explanation:

      Confidentiality ensures that data is accessed only by authorized individuals. Authentication will help verify the identity of the individuals.

  10. A company is experiencing overwhelming visits to a main web server. The IT department is developing a plan to add a couple more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?

    • integrity
    • scalability
    • availability
    • confidentiality
      Explanation:

      Availability ensures that network services are accessible and performing well under all conditions. By load balancing the traffic destined to the main web servers, in times of a huge volume of visits the systems will be well managed and serviced.

  11. Which type of access control applies the strictest access control and is commonly used in military or mission critical applications?

    • attribute-based access control (ABAC)
    • discretionary access control (DAC)
    • mandatory access control (MAC)
    • Non-discretionary access control
      Explanation:

      Access control models are used to define the access controls implemented to protect corporate IT resources. The different types of access control models are as follows:
      Mandatory access control (MAC) – The strictest access control that is typically used in military or mission critical applications.
      Discretionary access control (DAC) – Allows users to control access to their data as owners of that data. Access control lists (ACLs) or other security measures may be used to specify who else may have access to the information.
      Non-discretionary access control – Also known as role-based access control (RBAC). Allows access based on the role and responsibilities of the individual within the organization.
      Attribute-based access control (ABAC) – Allows access based on the attributes of the resource to be accessed, the user accessing the resource, and the environmental factors such as the time of day.

  12. Which method is used to make data unreadable to unauthorized users?

    • Encrypt the data.
    • Fragment the data.
    • Assign it a username and password.
    • Add a checksum to the end of the data.
      Explanation:

      Network data can be encrypted using various cryptography applications so that the data is made unreadable to unauthorized users. Authorized users have the cryptography application so the data can be decrypted.

  13. What is the principle of least privilege access control model?

    • Users control access to data they own.
    • Users are granted the strictest access control possible to data.
    • Users are granted rights on an as-needed approach.
    • User access to data is based on object attributes.
      Explanation:

      The principle of least privilege is an access control model that specifies a limited and as-needed approach to user access to data.

  14. A company has a file server that shares a folder named Public. The network security policy specifies that the Public folder is assigned Read-Only rights to anyone who can log into the server while the Edit rights are assigned only to the network admin group. Which component is addressed in the AAA network service framework?

    • accounting
    • automation
    • authorization
    • authentication
      Explanation:

      After a user is successfully authenticated (logged into the server), the authorization is the process of determining what network resources the user can access and what operations (such as read or edit) the user can perform.

  15. Which statement describes a difference between RADIUS and TACACS+?

    • RADIUS uses TCP whereas TACACS+ uses UDP.
    • RADIUS is supported by the Cisco Secure ACS software whereas TACACS+ is not.
    • RADIUS encrypts only the password whereas TACACS+ encrypts all communication.
    • RADIUS separates authentication and authorization whereas TACACS+ combines them as one process.
      Explanation:

      TACACS+ uses TCP, encrypts the entire packet (not just the password), and separates authentication and authorization into two distinct processes. Both protocols are supported by the Cisco Secure ACS software.

  16. Which technology provides the framework to enable scalable access security?

    • role-based CLI access
    • Simple Network Management Protocol
    • AutoSecure
    • Cisco Configuration Professional communities
    • authentication, authorization, and accounting
      Explanation:

      AAA network security services (authentication, authorization, and accounting) provide the primary framework to set up access control on a network device. It provides a higher degree of scalability than the con, aux, vty and privileged EXEC authentication commands alone by using centrally managed Cisco Secure ACS servers using TACACS+ and RADIUS protocols.

  17. Which AAA component can be established using token cards?

    • accounting
    • authorization
    • auditing
    • authentication
      Explanation:

      The authentication component of AAA is established using username and password combinations, challenge and response questions, and token cards. The authorization component of AAA determines which resources the user can access and which operations the user is allowed to perform. The accounting and auditing component of AAA keeps track of how network resources are used.

  18. What service determines which resources a user can access along with the operations that a user can perform?

    • accounting
    • authentication
    • token
    • authorization
    • biometric
      Explanation:

      Authorization determines whether a user has certain access privileges.

  19. Which three services are provided by the AAA framework? (Choose three.)

    • accounting
    • automation
    • authorization
    • authentication
    • autobalancing
    • autoconfiguration
      Explanation:

      The authentication, authorization, and accounting (AAA) framework provides services to help secure access to network devices.

  20. In threat intelligence communications, what set of specifications is for exchanging cyberthreat information between organizations?

    • Structured threat information expression (STIX)
    • Trusted automated exchange of indicator information (TAXII)
    • Common vulnerabilities and exposures (CVE)
    • Automated indicator sharing (AIS)
      Explanation:

      The two common threat intelligence-sharing standards are as follows:
      Structured Threat Information Expression (STIX) – This is a set of specifications for exchanging cyberthreat information between organizations. The Cyber Observable Expression (CybOX) standard has been incorporated into STIX.
      Trusted Automated Exchange of Indicator Information (TAXII) – This is the specification for an application layer protocol that allows the communication of CTI over HTTPS. TAXII is designed to support STIX.

  21. Match the type of business policy to the description.
