Module 18: Understanding Defense

Question 1

How does BYOD change the way in which businesses implement networks?​

BYOD devices are more expensive than devices that are purchased by an organization.
BYOD provides flexibility in where and how users can access network resources.
BYOD requires organizations to purchase laptops rather than desktops.
BYOD users are responsible for their own network security, thus reducing the need for organizational security policies.

Answer 1

BYOD provides flexibility in where and how users can access network resources.

Question 2

Which device is usually the first line of defense in a layered defense-in-depth approach?

internal router
firewall
access layer switch
edge router

Answer 2

Edge router

Question 3

With the evolution of borderless networks, which vegetable is now used to describe a defense-in-depth approach?

cabbage
lettuce
artichoke
onion

Answer 3

artichoke

Question 4

Which type of business policy establishes the rules of conduct and the responsibilities of employees and employers?

data
security
employee
company

Answer 4

company

Question 5

An administrator is concerned with restricting which network applications and uses are acceptable to the organization. What security policy component does the administrator use to address these concerns?

network maintenance policy
remote access policy
incident handling procedures policy
acceptable use policy

Answer 5

acceptable use policy

Question 6

What component of a security policy explicitly defines the type of traffic allowed on a network and what users are allowed and not allowed to do?

acceptable use policies
remote access policies
password policies
identification and authentication policies

Answer 6

acceptable use policies

Question 7

What device would be used as the third line of defense in a defense-in-depth approach?

Answer 7

internal router

1. Edge Router
2. Firewall
3. Internal Router

Question 8

Refer to the exhibit. The security policy of an organization allows employees to connect to the office intranet from their homes. Which type of security policy is this?

Answer 8

Remote access

Question 9

What is a characteristic of a layered defense-in-depth security approach?

The layers define a set of security objectives for a company and define the rules of behavior for users and administrators.
The failure of one safeguard does not affect the effectiveness of the other safeguards.
The different layers work in isolation to create a security architecture.
The layers set a baseline of acceptable use of the network.

Answer 9

The failure of one safeguard does not affect the effectiveness of the other safeguards.

Question 10

Which is a BYOD security best practice?

have all users install an antivirus program of their choice on the BYOD device
subscribe to a device locator service with remote wipe feature
disable use of MDM software on any of the BYOD devices
use one global complex password for all BYOD devices

Answer 10

Subscribe to a device locator service with remote wipe feature

Question 11

What do security compliance regulations define?

which websites users cannot access
which defense-in-depth mechanisms to adopt
what organizations are responsible for providing and the liability for failure to comply
which security appliances can be used

Answer 11

what organizations are responsible for providing and the liability for failure to comply

Question 12

What device would be used as a second line of defense in a defense-in-depth approach?

edge router
internal router
switch
firewall

Answer 12

firewall