CCSP SelfStudy CCSP CSI: Exam Certification Guide, Second Edition [Electronic resources] نسخه متنی

Why is network security becoming increasingly important?

1. Information is more important today than it has been in the past.

2. Vendors do not provide sufficient security in their products.

3. Attackers are posing an increasing threat to the capabilities of businesses to function efficiently and securely.

4. Network attacks are launched not only from external sources but also increasingly from within the network.

5. b and c are correct.

6. c and d are correct.

What are the two primary reasons for the increasing threat to network systems?

1. Network administrators are not diligent in securing their networks.

2. The Internet is ubiquitous.

3. Vendors are not diligent in eliminating software bugs.

4. Easy-to-use operating systems and development environments have become pervasive.

5. b and d are correct.

6. a and c are correct.

Within the scope of network security, what does CIA stand for?

1. Common information assurance

2. Confidentiality, identification, and assurance

3. Core Internet attacks

4. Confidentiality, integrity, and availability

What does a network security policy do?

1. Describes the procedures to secure a network

2. Defines the framework used to protect the assets connected to a network

3. Provides legal and financial guidance to secure a network

4. Describes a network's level of security

What is the main goal of a network security policy?

1. To ensure that system users, staff, and managers are informed of their responsibilities for protecting corporate technology and information assets

2. To secure the network so that attackers cannot gain access

3. To provide a framework that is used to protect computers on a network and ensure that users authenticate their identity

4. To provide legal protection to the IT staff

What three characteristics should a network security policy have?

1. It should be implementable, capable of defining roles, and enforceable

2. It should be administrative, managerial, and understandable

3. It should be definable, restrictive, and enforceable

4. It should be implementable, understandable, and enforceable

What are the two types of network security policies?

1. Administrative

2. Restrictive

3. Managerial

4. Permissive

What are some of the elements of a network security policy?

1. Acceptable-use policy

2. Download policy

3. Encryption policy

4. Extranet policy

5. All of the above

What is a risk assessment?

1. A process of determining the vulnerabilities on a network

2. The reduction of the level of risk in a network

3. The ability to verify that risk exists

4. A verification that no risk exists in the network

5. A method that allows the level of risk inherent in a system to be quantified

What is the Security Wheel?

1. It defines network security as a continuous process that is built around the corporate security policy.

2. It is a system whereby once the network is secured according to the outline of the security policy, the network is considered secure.

3. It defines the method that is used to secure a network.

4. None of the above.

Which of the following are phases of the Security Wheel? Select all that apply.

1. Security policy implementation

2. Testing

3. Monitoring and detection

4. Improvement

5. Analysis

6. All of the above