Module 1

Question 1

Networks are routinely under attack.

Answer 1

True

Question 2

Maintains the interactive Cyberthreat Real-Time Map display of current network attacks.

Answer 2

Kapersky

Question 3

Network security breaches can…

Answer 3

disrupt e-commerce, cause the loss of business data, threaten people’s privacy, and compromise the integrity of information

Question 4

Cisco website that provides comprehensive security and threat intelligence

Answer 4

Cisco Talos Intelligence Group

Question 5

What does PSIRT stand for?

Answer 5

Cisco Product Security Incident Response Team

Question 6

PSIRT is responsible for..

Answer 6

investigating and mitigating potential vulnerabilities in Cisco products

Question 7

What is an attack vector?

Answer 7

A path by which a threat actor can gain access to a server, host, or network.

Question 8

Where do attack vectors originate from?

Answer 8

Inside or outside the corporate network.

Question 9

How may threat actors target a network?

Answer 9

Through the internet

Question 10

Why might threat actors target a network through the internet?

Answer 10

To disrupt network operations and create a DoS attack

Question 11

The most common vector for data loss including instant messaging software and social media sites

Answer 11

Email/Social Networking

Question 12

A stolen corporate laptop containing confidential organizational data is an example of having an…

Answer 12

Unencrypted Device

Question 13

What happens when data isn’t stored using an encryption algorithm

Answer 13

A thief can retrieve valuable confidential data

Question 14

What can happen with Cloud Storage Devices with sensitive data?

Answer 14

It can be lost if access to the cloud is compromised due to weak security settings

Question 15

What is Removable media?

Answer 15

Any type of storage device that can be removed from a computer while the system is running

Question 16

What could happen between a curious employee and a suspicious USB

Answer 16

The employee could perform an unauthorized transfer of data to a USB drive

Question 17

What risk could happen involving a USB

Answer 17

Someone could lose it while it contained valuable corporate data

Question 18

What should be done with confidential Hard Copies

Answer 18

It should be shredded when no longer required

Question 19

Why should confidential Hard Copies be shredded?

Answer 19

A thief could retrieve discarded reports and gain valuable information

Question 20

What could happen with Improper Access Control

Answer 20

Stolen or weak passwords which have been compromised can provide an attacker easy access to data

Question 21

Virtual Private Networks (VPNs) ensure..

Answer 21

data confidentiality and integrity from authenticated sources

Question 22

How do VPNs protect data?

Answer 22

It protects data in motion that is flowing from the CAN to the outside world

Question 23

What does Adaptive Security Appliance (ASA) firewall do?

Answer 23

Performs stateful packet filtering to filter return traffic from the outside network into campus

Question 24

What Cisco Intrusion Prevention System (IPS) device do?

Answer 24

Continuously monitors incoming and outgoing network traffic for malicious activity and blocks if needed

Question 25

What does IPS monitor/log?

Answer 25

Information about the activity and attempts to block and report it

Question 26

What are Layer 3 Switches and what do they do?

Answer 26

These distribution layer switches are secured and provide secure redundant trunk connections to the Layer 2 switches

Question 27

What type of security can be implemented on Layer 3 Switches?

Answer 27

ACLs, DHCP snooping, Dynamic ARP Inspection (DAI), and IP source guard

Question 28

What security features can be implemented on Layer 2 Switches?

Answer 28

Port security, DHCP snooping, and 802.1x user authentication

Question 29

What do Cisco Email Security Appliance (ESA) and Web Security Appliance (WSA) do?

Answer 29

They provide advanced threat defense, application visibility and control, reporting, and secure mobility to secure and control email and web traffic

Question 30

What do AAA servers do?

Answer 30

Authenticates users, authorizes what they are allowed to do, and tracks what they are doing

Question 31

How are Hosts secured?

Answer 31

Antivirus and antimalware software, Host Intrusion Protection System features, and 802.1X

Question 32

Campus Area Networks (CANs) consist of..?

Answer 32

Interconnected LANS within a limited geographical area

Question 33

What do the elements of the defense-in-depth design include?

Answer 33

VPN, ASA firewall, IPS, Layer 3 switches, ESA/WSA, AAA server, and hosts

Question 34

How are SOHO networks typically protected?

Answer 34

They use consumer-grade routers that provide integrated firewall features and secure wireless connections

Question 35

What hosts use WPA2 data encryption technology?

Answer 35

Wireless hosts

Question 36

What do WANs have to use to secure their network?

Answer 36

They must use secure devices on the edge of the network

Question 37

Where are Data center networks typically housed?

Answer 37

Off-site facility to store sensitive or proprietary data

Question 38

What is the physical security of Data centers?

Answer 38

Outside perimeter security and inside perimeter security

Question 39

What do Security traps do?

Answer 39

They require a person to use their badge ID to enter the first area. After the person is inside the security trap, facial recognition, fingerprints, or other biometric verifications are used to open the second door

Question 40

What does cloud computing do?

Answer 40

Allows organizations to use services such as data storage or cloud-based applications, to extend their capacity or capabilities without adding infrastructure

Question 41

What does the actual cloud network have?

Answer 41

It consists of physical and virtual servers which are commonly housed in data centers

Question 42

What are data centers using to provide server services to their clients?

Answer 42

Virtual Machines (VMs)

Question 43

What attacks are VMs prone to?

Answer 43

Hyperjacking, instant-on activation, and antivirus storms

Question 44

What does Cisco Secure Data Center do?

Answer 44

Block internal and external threats at the data center edge

Question 45

What do the core components of the Cisco Secure Data Center provide?

Answer 45

segmentation, threat defense, and visibility

Question 46

What devices are people using to access enterprise information?

Answer 46

Bring Your Own Device (BYOD)

Question 47

How does Cisco accommodate BYOD?

Answer 47

They developed the Borderless Network

Question 48

What happens in a Borderless Network?

Answer 48

Access to resources can be initiated by users from many locations, on many types of endpoint devices, using various connectivity methods

Question 49

How does Cisco support the Borderless Network?

Answer 49

Cisco devices support MDM features

Question 50

Data encryption (MDM)

Answer 50

MDM features can ensure that only devices that support data encryption and have it enabled can access the network and corporate content

Question 51

PIN Enforcement (MDM)

Answer 51

Strong password policies can also be enforced by an MDM, reducing the likelihood of brute-force attacks

Question 52

Data Wipe (MDM)

Answer 52

Lost or stolen devices can be removed fully- or partially wiped, either by the user or by an administrator via the MDM

Question 53

DLP (Data Loss Prevention) (MDM)

Answer 53

Prevents authorized users from doing careless or malicious things with critical data

Question 54

Jailbreak/Root Detection (MDM)

Answer 54

Jailbreaking (Apple IOS) and rooting (Andriod) are a means to bypass the management of a device. MDM features can detect such bypasses and immediately restrict a device’s access to the network or other corporate assets

Question 55

What is Hyperjacking?

Answer 55

AN attacker hijacks a VM hypervisor and uses it as a launch point to attack other devices on the data center network

Question 56

What is Instant-on Activation?

Answer 56

When a VM that has not been used for a period of time is brought online, it may have security policies that deviate from the baseline security and can introduce security vulnerabilities

Question 57

Secure Segmentation

Answer 57

Provides granular inter-virtual-machine security

Question 58

Threat Defense

Answer 58

Threat intelligence, passive OS fingerprinting, reputation, and contextual analysis are used to provide threat defense

Question 59

Visibility

Answer 59

Visibility solutions are provided using software such as the Cisco Security Manager which help simplify operations and compliance reporting