Formative 1

Question 1

Which device in a layered defense-in-depth approach denies connections initiated from untrusted networks to
internal networks, but allows internal users within an organization to connect to untrusted networks?

IPS
Firewall
Internal Router
Access Layer Switch

Answer 1

Firewall

Question 2

An adminstrator discovers that a user is accessing a newly established website that may be detrimental to
company security. What action should the adminstrator take first in terms of the security policy?

Ask the user to stop imediately and inform the user that this constitutes grounds for dismissal

Revise the AUP immediately and get all users to sign the updated AUP.

Create a firewall rule blocking the respective website.

Immediately suspend the network privileges of the user

Answer 2

Revise the AUP immediately and get all users to sign the updated AUP.

Question 3

Which tool can be used to gather information about the different types of traffic that exist in a network?

protocol analyzer

rtp

application server

QoS

Answer 3

Protocol Analyzer

Question 4

With the evolution or borderless networks, which vegetable is now used to describe a defense-in-depth approach?

lettuce
cabbage
artichoke
onion

Answer 4

Artichoke

Question 5

Which section of a security policy is used to specify that only authorized individuals should have access to
enterprise data?

identification and authentication policy

acceptable use policy

statement of scope

statment of authority

Answer 5

Identification and Authentication Policy

Question 6

What is the benefit of a defense-in-depth approach?

All network vulnerabilirties are mitigated.

Only a single layer of security at the network core is required

The need for firewalls is eliminated

The effectiveness of other security measurers is not impacted when a security mechanism fails.

Answer 6

The effectiveness of other security means is not impacted when a security mechanism fails.

Question 7

In a defense-in-depth approach, which three options must be identified to effectively defend a network against attacks? (Choose three)

vulnerabilities in the system

total number of devices that attach to thte wired and wireless network

past security breaches

assets that need protection

location of attacker or attackers

threats to assets

Answer 7

Vulnerabilities in the system.

Assets that need protection.

Threats to assets.

Question 8

What three goals a BYOD security policy accomplish? (Choose three)

Identify and prevent all heuristic virus signatures

identify which employees can bring their own devices

identify safeguards to put in place if a device is compromised

describe the rights to access and activities permitted to security

personnel on the device

Answer 8

Identify which employees can bring their own devices.

Identify safeguards to puut in place if a device is compromised.

Describe the rights to access and activities permitted to security personnal on the device.

Question 9

Which device is usually the first line of defense in a layered defense-in-depth approach?

Answer 9

Edge Router

Question 10

What component of a security policy explicity defines the type of traffic allowed on a network and what users are allowed and not allowed to do?

acceptable use policies

remote access policies

password policies

identification and authentication policies

Answer 10

Acceptable Use Policies (AUP)