"Do I Know This Already?" Quiz
The purpose of the "Do I Know This Already?" quiz is to help you decide if you really need to read the entire chapter. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now.
The 11-question quiz, derived from the major sections in the "Foundation Topics" portion of the chapter, helps you determine how to spend your limited study time.
|
1: | Why is network security becoming increasingly important? Information is more important today than it has been in the past. Vendors do not provide sufficient security in their products. Attackers are posing an increasing threat to the capabilities of businesses to function efficiently and securely. Network attacks are launched not only from external sources but also increasingly from within the network. b and c are correct. c and d are correct.
|
| 2: | What are the two primary reasons for the increasing threat to network systems? Network administrators are not diligent in securing their networks. The Internet is ubiquitous. Vendors are not diligent in eliminating software bugs. Easy-to-use operating systems and development environments have become pervasive. b and d are correct. a and c are correct.
|
| 3: | Within the scope of network security, what does CIA stand for? Common information assurance Confidentiality, identification, and assurance Core Internet attacks Confidentiality, integrity, and availability
|
| 4: | What does a network security policy do? Describes the procedures to secure a network Defines the framework used to protect the assets connected to a network Provides legal and financial guidance to secure a network Describes a network's level of security
|
| 5: | What is the main goal of a network security policy? To ensure that system users, staff, and managers are informed of their responsibilities for protecting corporate technology and information assets To secure the network so that attackers cannot gain access To provide a framework that is used to protect computers on a network and ensure that users authenticate their identity To provide legal protection to the IT staff
|
| 6: | What three characteristics should a network security policy have? It should be implementable, capable of defining roles, and enforceable It should be administrative, managerial, and understandable It should be definable, restrictive, and enforceable It should be implementable, understandable, and enforceable
|
| 7: | What are the two types of network security policies? Administrative Restrictive Managerial Permissive
|
| 8: | What are some of the elements of a network security policy? Acceptable-use policy Download policy Encryption policy Extranet policy All of the above
|
| 9: | What is a risk assessment? A process of determining the vulnerabilities on a network The reduction of the level of risk in a network The ability to verify that risk exists A verification that no risk exists in the network A method that allows the level of risk inherent in a system to be quantified
|
| 10: | What is the Security Wheel? It defines network security as a continuous process that is built around the corporate security policy. It is a system whereby once the network is secured according to the outline of the security policy, the network is considered secure. It defines the method that is used to secure a network. None of the above.
|
| 11: | Which of the following are phases of the Security Wheel? Select all that apply. Security policy implementation Testing Monitoring and detection Improvement Analysis All of the above
|
The answers to the "Do I Know This Already?" quiz are found in Appendix A, "Answers to the 'Do I Know This Already?' Quizzes and Q&A Sections." The suggested choices for your next step are as follows:
10 or more overall score
If you want more review on these topics, skip to the "Foundation Summary" section and then go to the "Q&A" section. Otherwise, move to the next chapter.