CCNA Security v2.

0 Chapter 1 Exam Answers

WWW.CCNA-v5.Net

CCNA Security v2.0 Chapter 1 Exam Answers

1. What method can be used to mitigate ping sweeps?
o
o
o
o

using encrypted or hashed authentication protocols

installing antivirus software on hosts
deploying antisniffer software on all network devices
blocking ICMP echo and echo-replies at the network edge

2. What are the three major components of a worm attack? (Choose three.)
o
o
o
o
o
o

a penetration mechanism
an infecting vulnerability
a payload
an enabling vulnerability
a probing mechanism
a propagation mechanism

3. Which statement accurately characterizes the evolution of threats to network

security?
o
o
o
o

Internal threats can cause even greater damage than external threats.
Threats have become less sophisticated while the technical knowledge needed by an
attacker has grown.
Early Internet users often engaged in activities that would harm other users.
Internet architects planned for network security from the beginning.

4. What causes a buffer overflow?

o
o
o
o
o

launching a security countermeasure to mitigate a Trojan horse

sending repeated connections such as Telnet to a particular device, thus denying other
data sources.
downloading and installing too many software updates at one time
attempting to write more data to a memory location than that location can hold
sending too much information to two or more interfaces of the same device, thereby
causing dropped packets

5. What commonly motivates cybercriminals to attack networks as compared to

hactivists or state-sponsored hackers?
o
o
o

status among peers

fame seeking
financial gain
CCNA 5

Page 1

CCNA Security v2.0 Chapter 1 Exam Answers

o

WWW.CCNA-v5.Net

political reasons

6. Which two network security solutions can be used to mitigate DoS attacks?
(Choose two.)
o
o
o
o
o

virus scanning
intrusion protection systems
applying user authentication
antispoofing technologies
data encryption

7. Which two statements characterize DoS attacks? (Choose two.)

o
o

Examples include smurf attacks and ping of death attacks.

They attempt to compromise the availability of a network, host, or application

8. An attacker is using a laptop as a rogue access point to capture all network traffic
from a targeted user. Which type of attack is this?
o
o
o
o

trust exploitation
buffer overflow
man in the middle
port redirection

9. What functional area of the Cisco Network Foundation Protection framework is

responsible for device-generated packets required for network operation, such as
ARP message exchanges and routing advertisements?
o
o
o
o

data plane
control plane
management plane
forwarding plane

10. What are the three components of information security ensured by cryptography?
(Choose three.)
o
o
o
o
o
o

threat prevention
authorization
confidentiality
countermeasures
integrity
availability

11. What is the primary method for mitigating malware?

CCNA 5

Page 2

CCNA Security v2.0 Chapter 1 Exam Answers

o
o
o
o

WWW.CCNA-v5.Net

using encrypted or hashed authentication protocols

installing antivirus software on all hosts
blocking ICMP echo and echo-replies at the network edge
deploying intrusion prevention systems throughout the network

12. What is an objective of a state-sponsored attack?

o
o
o
o

to gain financial prosperity

to sell operation system vulnerabilities to other hackers
to gain attention
to right a perceived wrong

13. What role does the Security Intelligence Operations (SIO) play in the Cisco
SecureX architecture?
o
o
o
o

identifying and stopping malicious traffic

authenticating users
enforcing policy
identifying applications

14. What worm mitigation phase involves actively disinfecting infected systems?
o

Treatment

15. How is a smurf attack conducted?

o
o
o
o

by sending a large number of packets to overflow the allocated buffer memory of the
target device
by sending a large number of ICMP requests to directed broadcast addresses from a
spoofed source address on the same network
by sending a large number of TCP SYN packets to a target device from a spoofed
source address
by sending an echo request in an IP packet larger than the maximum packet size of
65,535 bytes

16. What is a characteristic of a Trojan horse as it relates to network security?

o
o
o
o

Malware is contained in a seemingly legitimate executable program.

Extreme quantities of data are sent to a particular network device interface.
An electronic dictionary is used to obtain a password to be used to infiltrate a key
network device.
Too much information is destined for a particular memory block causing additional
memory areas to be affected.

CCNA 5

Page 3

CCNA Security v2.0 Chapter 1 Exam Answers

WWW.CCNA-v5.Net

17. What is the first step in the risk management process specified by the ISO/IEC?
o
o
o
o

Create a security policy.

Conduct a risk assessment.
Inventory and classify IT assets.
Create a security governance model.

18. What is the significant characteristic of worm malware?

o
o
o
o

A worm can execute independently

A worm must be triggered by an event on the host system.
Worm malware disguises itself as legitimate software
Once installed on a host system, a worm does not replicate itself.

19. Which condition describes the potential threat created by Instant On in a data
center?
o
o
o
o

when the primary firewall in the data center crashes

when an attacker hijacks a VM hypervisor and then launches attacks against other
devices in the data center
when the primary IPS appliance is malfunctioning
when a VM that may have outdated security policies is brought online after a long period
of inactivity.

20. What are the three core components of the Cisco Secure Data Center solution?
(Choose three.)
o
o
o
o
o
o

mesh network
secure segmentation
visibility
threat defense
servers
infrastructure

21. A disgruntled employee is using Wireshark to discover administrative Telnet

usernames and passwords. What type of network attack does this describe?
o
o
o
o

trust exploitation
denial of service
reconnaissance
port redirection

22. Which two statements describe access attacks? (Choose two.)

CCNA 5

Page 4

CCNA Security v2.0 Chapter 1 Exam Answers

WWW.CCNA-v5.Net

Trust exploitation attacks often involve the use of a laptop to act as a rogue access point
to capture and copy all network traffic in a public location, such as a wireless hotspot.

To detect listening services, port scanning attacks scan a range of TCP or UDP port
numbers on a host

Buffer overflow attacks write data beyond the hallocated buffer memory to overwrite
valid data or to exploit systems to execute malicious code.

Password attacks can be implemented by the use os brute-force attack methods, Trojan
horse, or packet sniffers.

Port redirection attacks use a network adapter card in promiscuous mode to capture all
network packets that are sent across a LAN.

23. What is a ping sweep?

o
o
o
o

a scanning technique that examines a range of TCP or UDP port numbers on a host to
detect listening services.
a software application that enables the capture of all network packets that are sent
across a LAN.
a query and response protocol that identifies information about a domain, including the
addresses that are assigned to that domain
a network scanning technique that indicates the live hosts in a range of IP addresses.

24. As a dedicated network security tool, an intrusion Protection system can provide
detection and blocking of attacks in real time.

CCNA 5

Page 5