Skip to content
  • Home
  • CCNA Labs
    • CCNA 1 LAB Activities (v6 & v7)
    • CCNA 2 LAB Activities (v6 & v7)
    • CCNA 3 LAB Activities (v6 & v7)
    • CCNA 4 Lab Activities
  • Linux
    • Linux Unhatched
    • Linux Essentials 2.0
    • Linux Essentials
    • Introduction to Linux I
    • Introduction to Linux II
  • Programming
    • PCAP – Programming Essentials in Python
    • CLA – Programming Essentials in C
    • CPA Programming Essentials in C++
  • About
    • Contact Us
    • Privacy Policy

CCNA 7 Exam Answers 2023

Go with our CCIE, Passed 100%

  • ITE
    • ITE - IT Essentials v7.0
    • ITE - IT Essentials v6.0
      • IT Essentials Lab 2019
    • ITE v5.0 Exam
    • Virtual Activity Laptop
    • Virtual Activity Desktop
  • NE
    • MF
  • CCNA
    • CCNA1
      • CCNA1 v7.0 – ITN
      • CCNA1 v6.0
    • CCNA2
      • CCNA2 v7.0 – SRWE
      • CCNA2 v6.0
    • CCNA3
      • CCNA3 v7.0 – ENSA
      • CCNA3 v6.0
    • CCNA4
      • CCNA4 v6.0
  • Cyber-Security
    • ITC – Introduction to Cybersecurity 2.1 (Level 1)
    • CE – Cybersecurity Essentials 1.1 (Level 2)
    • CCNA CyberOps 1.1 (Level 3)
  • Security
    • CCNA Security v2
  • DevNet
  • CCNA PT Lab 2023

CCNA CyberOps Chapter 10 Exam Online

Last Updated on May 20, 2021 by Admin

CCNA CyberOps Chapter 10 Exam Online

CCNA CyberOps 1.1 -- Chapter 10 Exam

Time limit: 0

Quiz-summary

0 of 39 questions completed

Questions:

  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. 7
  8. 8
  9. 9
  10. 10
  11. 11
  12. 12
  13. 13
  14. 14
  15. 15
  16. 16
  17. 17
  18. 18
  19. 19
  20. 20
  21. 21
  22. 22
  23. 23
  24. 24
  25. 25
  26. 26
  27. 27
  28. 28
  29. 29
  30. 30
  31. 31
  32. 32
  33. 33
  34. 34
  35. 35
  36. 36
  37. 37
  38. 38
  39. 39

Information

CCNA CyberOps 1.1 — Chapter 10 Exam

You have already completed the quiz before. Hence you can not start it again.

Quiz is loading...

You must sign in or sign up to start the quiz.

You have to finish following quiz, to start this quiz:

Results

0 of 39 questions answered correctly

Your time:

Time has elapsed

You have reached 0 of 0 points, (0)

Average score
 
 
Your score
 
 

Categories

  1. Not categorized 0%
  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. 7
  8. 8
  9. 9
  10. 10
  11. 11
  12. 12
  13. 13
  14. 14
  15. 15
  16. 16
  17. 17
  18. 18
  19. 19
  20. 20
  21. 21
  22. 22
  23. 23
  24. 24
  25. 25
  26. 26
  27. 27
  28. 28
  29. 29
  30. 30
  31. 31
  32. 32
  33. 33
  34. 34
  35. 35
  36. 36
  37. 37
  38. 38
  39. 39
  1. Answered
  2. Review
  1. Question 1 of 39
    1. Question
    1 points

    Which device in a LAN infrastructure is susceptible to MAC address-table overflow and spoofing attacks?

    Correct

    Incorrect

    Switches are LAN infrastructure devices interconnecting endpoints. They are susceptible to LAN-related attacks including MAC address-table overflow attacks, spoofing attacks, LAN storm attacks, STP manipulation attacks, and VLAN attacks.

    Hint

    Switches are LAN infrastructure devices interconnecting endpoints. They are susceptible to LAN-related attacks including MAC address-table overflow attacks, spoofing attacks, LAN storm attacks, STP manipulation attacks, and VLAN attacks.

  2. Question 2 of 39
    2. Question
    1 points

    Which type of antimalware software detects and mitigates malware by analyzing suspicious activities?

    Correct

    Incorrect

    Antimalware programs may detect viruses using three different approaches:

    • signature-based – by recognizing various characteristics of known malware files
    • heuristics-based – by recognizing general features shared by various types of malware
    • behavior-based – through analysis of suspicious activities

     

    Hint

    Antimalware programs may detect viruses using three different approaches:

    • signature-based – by recognizing various characteristics of known malware files
    • heuristics-based – by recognizing general features shared by various types of malware
    • behavior-based – through analysis of suspicious activities

     

  3. Question 3 of 39
    3. Question
    1 points

    In most host-based security suites, which function provides robust logging of security-related events and sends logs to a central location?

    Correct

    Incorrect

    The telemetry functionality in most host-based security suites provides robust logging functionality and submits logs to a central location for analysis.

    Hint

    The telemetry functionality in most host-based security suites provides robust logging functionality and submits logs to a central location for analysis.

  4. Question 4 of 39
    4. Question
    1 points

    Which statement describes agentless antivirus protection?

    Correct

    Incorrect

    Host-based antivirus protection is also known as agent-based. Agent-based antivirus runs on every protected machine. Agentless antivirus protection performs scans on hosts from a centralized system.

    Hint

    Host-based antivirus protection is also known as agent-based. Agent-based antivirus runs on every protected machine. Agentless antivirus protection performs scans on hosts from a centralized system.

  5. Question 5 of 39
    5. Question
    1 points

    Which statement describes the use of a Network Admission Control (NAC) solution?

    Correct

    Incorrect

    Network Admission Control (NAC) allows only authorized and compliant systems to connect to a network.

    Hint

    Network Admission Control (NAC) allows only authorized and compliant systems to connect to a network.

  6. Question 6 of 39
    6. Question
    1 points

    What type of antimalware program is able to detect viruses by recognizing various characteristics of a known malware file?

    Correct

    Incorrect

    Using a signature-based approach, host security software can detect viruses and malware by recognizing various characteristics of known malware files.

    Hint

    Using a signature-based approach, host security software can detect viruses and malware by recognizing various characteristics of known malware files.

  7. Question 7 of 39
    7. Question
    1 points

    What is a host-based intrusion detection system (HIDS)?

    Correct

    Incorrect

    A current HIDS is a comprehensive security application that combines the functionalities of antimalware applications with firewall protection. An HIDS not only detects malware but also prevents it from executing. Because the HIDS runs directly on the host, it is considered an agent-based system.

    Hint

    A current HIDS is a comprehensive security application that combines the functionalities of antimalware applications with firewall protection. An HIDS not only detects malware but also prevents it from executing. Because the HIDS runs directly on the host, it is considered an agent-based system.

  8. Question 8 of 39
    8. Question
    1 points

    Which statement describes the anomaly-based intrusion detection approach?

    Correct

    Incorrect

    With an anomaly-based intrusion detection approach, a baseline of host behaviors is established first. The host behavior is checked against the baseline to detect significant deviations, which might indicate potential intrusions.

    Hint

    With an anomaly-based intrusion detection approach, a baseline of host behaviors is established first. The host behavior is checked against the baseline to detect significant deviations, which might indicate potential intrusions.

  9. Question 9 of 39
    9. Question
    1 points

    Which statement describes the term iptables?

    Correct

    Incorrect

    Iptables is an application that allows Linux system administrators to configure network access rules.

    Hint

    Iptables is an application that allows Linux system administrators to configure network access rules.

  10. Question 10 of 39
    10. Question
    1 points

    On a Windows host, which tool can be used to create and maintain blacklists and whitelists?

    Correct

    Incorrect

    In Windows, blacklisting and whitelisting settings can be managed through the Group Policy Editor.

    Hint

    In Windows, blacklisting and whitelisting settings can be managed through the Group Policy Editor.

  11. Question 11 of 39
    11. Question
    1 points

    Which statement describes the term attack surface?

    Correct

    Incorrect

    An attack surface is the total sum of the vulnerabilities in a system that is accessible to an attacker. The attack surface can consist of open ports on servers or hosts, software that runs on Internet-facing servers, wireless network protocols, and even users.

    Hint

    An attack surface is the total sum of the vulnerabilities in a system that is accessible to an attacker. The attack surface can consist of open ports on servers or hosts, software that runs on Internet-facing servers, wireless network protocols, and even users.

  12. Question 12 of 39
    12. Question
    1 points

    Which statement describes the Cisco Threat Grid Glovebox?

    Correct

    Incorrect

    Cisco ThreatGrid Glovebox is a sandbox product for analyzing malware behaviors.

    Hint

    Cisco ThreatGrid Glovebox is a sandbox product for analyzing malware behaviors.

  13. Question 13 of 39
    13. Question
    1 points

    Which security procedure would be used on a Windows workstation to prevent access to a specific set of websites?

    Correct

    Incorrect

    Blacklists can be used to identify and prevent specific applications, websites, or services from being downloaded or executed within an enterprise network.

    Hint

    Blacklists can be used to identify and prevent specific applications, websites, or services from being downloaded or executed within an enterprise network.

  14. Question 14 of 39
    14. Question
    1 points

    When a network baseline is being established for an organization, which network profile element indicates the time between the establishment of a data flow and its termination?

    Correct

    Incorrect

    Important elements of a network profile include:

    • Total throughput – the amount of data passing from a given source to a given destination in a given period of time
    • Session duration – the time between the establishment of a data flow and its termination
    • Ports used – a list of TCP or UDP processes that are available to accept data
    • Critical asset address space – the IP addresses or the logical location of essential systems or data

     

    Hint

    Important elements of a network profile include:

    • Total throughput – the amount of data passing from a given source to a given destination in a given period of time
    • Session duration – the time between the establishment of a data flow and its termination
    • Ports used – a list of TCP or UDP processes that are available to accept data
    • Critical asset address space – the IP addresses or the logical location of essential systems or data

     

  15. Question 15 of 39
    15. Question
    1 points

    In network security assessments, which type of test employs software to scan internal networks and Internet facing servers for various types of vulnerabilities?

    Correct

    Incorrect

    In vulnerability assessment, security analysts use software to scan internal networks and Internet facing servers for various types of vulnerabilities. Tools for vulnerability assessment include the open source OpenVAS platform, Microsoft Baseline Security Analyzer, Nessus, Qualys, and Fireeye Mandiant services.

    Hint

    In vulnerability assessment, security analysts use software to scan internal networks and Internet facing servers for various types of vulnerabilities. Tools for vulnerability assessment include the open source OpenVAS platform, Microsoft Baseline Security Analyzer, Nessus, Qualys, and Fireeye Mandiant services.

  16. Question 16 of 39
    16. Question
    2 points

    Which two classes of metrics are included in the CVSS Base Metric Group? (Choose two.)

    Correct

    Incorrect

    The Base Metric Group of CVSS represents the characteristics of a vulnerability that are constant over time and across contexts. It contains two classes of metrics, Exploitability and Impact.

    Hint

    The Base Metric Group of CVSS represents the characteristics of a vulnerability that are constant over time and across contexts. It contains two classes of metrics, Exploitability and Impact.

  17. Question 17 of 39
    17. Question
    1 points

    Which criterion in the Base Metric Group Exploitability metrics reflects the proximity of the threat actor to the vulnerable component?

    Correct

    Incorrect

    The Base Metric Group Exploitability metrics include the criteria:

    • Attack vector – a metric that reflects the proximity of the threat actor to the vulnerable component
    • Attack complexity – a metric that expresses the number of components, software, hardware, or networks, that are beyond control of the attacker and that must be present in order for a vulnerability to be successfully exploited
    • Privileges required – a metric that captures the level of access that is required for a successful exploit of the vulnerability
    • User interaction – second component of the attack complexity metric that expresses the presence or absence of the requirement for user interaction in order for an exploit to be successful
    • Scope – a metric that expresses whether multiple authorities must be involved in an exploit

     

    Hint

    The Base Metric Group Exploitability metrics include the criteria:

    • Attack vector – a metric that reflects the proximity of the threat actor to the vulnerable component
    • Attack complexity – a metric that expresses the number of components, software, hardware, or networks, that are beyond control of the attacker and that must be present in order for a vulnerability to be successfully exploited
    • Privileges required – a metric that captures the level of access that is required for a successful exploit of the vulnerability
    • User interaction – second component of the attack complexity metric that expresses the presence or absence of the requirement for user interaction in order for an exploit to be successful
    • Scope – a metric that expresses whether multiple authorities must be involved in an exploit

     

  18. Question 18 of 39
    18. Question
    2 points

    Which two criteria in the Base Metric Group Exploitability metrics are associated with the complexity of attacks? (Choose two)

    Correct

    Incorrect

    The Base Metric Group Exploitability metrics include these criteria:

    • Attack vector – a metric that reflects the proximity of the threat actor to the vulnerable component
    • Attack complexity – a metric that expresses the number of components, software, hardware, or networks, that are beyond control of the attacker and that must be present in order for a vulnerability to be successfully exploited
    • Privileges required – a metric that captures the level of access that is required for a successful exploit of the vulnerability
    • User interaction – second component of the attack complexity metric that expresses the presence or absence of the requirement for user interaction in order for an exploit to be successful
    • Scope – a metric that expresses whether multiple authorities must be involved in an exploit

     

    Hint

    The Base Metric Group Exploitability metrics include these criteria:

    • Attack vector – a metric that reflects the proximity of the threat actor to the vulnerable component
    • Attack complexity – a metric that expresses the number of components, software, hardware, or networks, that are beyond control of the attacker and that must be present in order for a vulnerability to be successfully exploited
    • Privileges required – a metric that captures the level of access that is required for a successful exploit of the vulnerability
    • User interaction – second component of the attack complexity metric that expresses the presence or absence of the requirement for user interaction in order for an exploit to be successful
    • Scope – a metric that expresses whether multiple authorities must be involved in an exploit

     

  19. Question 19 of 39
    19. Question
    1 points

    Which regulatory compliance regulation sets requirements for all U.S. public company boards, management and public accounting firms regarding the way in which corporations control and disclose financial information?

    Correct

    Incorrect

    There are five major regulatory compliance regulations including:

    • Federal Information Security Management Act of 2002 (FISMA) – specifies security standards for U.S. government systems and contractors to the U.S. government.
    • Sarbanes-Oxley Act of 2002 (SOX) – sets new or expanded requirements for all U.S. public company boards, management and public accounting firms regarding the way in which corporations control and disclose financial information.
    • Gramm-Leach-Bliley Act (GLBA) – established that financial institutions must ensure the security and confidentiality of customer information; protect against any anticipated threats or hazards to the security or integrity of such information; and protect against unauthorized access to or use of customer information that could result in substantial harm or inconvenience to any customer.
    • Health Insurance Portability and Accountability Act (HIPAA) – requires that all patient personally identifiable healthcare information be stored, maintained, and transmitted in ways that ensure patient privacy and confidentiality.

     

    Hint

    There are five major regulatory compliance regulations including:

    • Federal Information Security Management Act of 2002 (FISMA) – specifies security standards for U.S. government systems and contractors to the U.S. government.
    • Sarbanes-Oxley Act of 2002 (SOX) – sets new or expanded requirements for all U.S. public company boards, management and public accounting firms regarding the way in which corporations control and disclose financial information.
    • Gramm-Leach-Bliley Act (GLBA) – established that financial institutions must ensure the security and confidentiality of customer information; protect against any anticipated threats or hazards to the security or integrity of such information; and protect against unauthorized access to or use of customer information that could result in substantial harm or inconvenience to any customer.
    • Health Insurance Portability and Accountability Act (HIPAA) – requires that all patient personally identifiable healthcare information be stored, maintained, and transmitted in ways that ensure patient privacy and confidentiality.

     

  20. Question 20 of 39
    20. Question
    1 points

    Which statement describes the threat-vulnerability (T-V) pairing?

    Correct

    Incorrect

    A mandatory activity in risk assessment is the identification of threats and vulnerabilities and the matching of threats with vulnerabilities, also called threat-vulnerability (T-V) pairing.

    Hint

    A mandatory activity in risk assessment is the identification of threats and vulnerabilities and the matching of threats with vulnerabilities, also called threat-vulnerability (T-V) pairing.

  21. Question 21 of 39
    21. Question
    1 points

    In addressing an identified risk, which strategy aims to stop performing the activities that create risk?

    Correct

    Incorrect

    There are four potential strategies for responding to risks that have been identified:

    • Risk avoidance – Stop performing the activities that create risk.
    • Risk reduction – Decrease the risk by taking measures to reduce vulnerability.
    • Risk sharing – Shift some of the risk to other parties.
    • Risk retention – Accept the risk and its consequences.

     

    Hint

    There are four potential strategies for responding to risks that have been identified:

    • Risk avoidance – Stop performing the activities that create risk.
    • Risk reduction – Decrease the risk by taking measures to reduce vulnerability.
    • Risk sharing – Shift some of the risk to other parties.
    • Risk retention – Accept the risk and its consequences.

     

  22. Question 22 of 39
    22. Question
    1 points

    In addressing a risk that has low potential impact and relatively high cost of mitigation or reduction, which strategy will accept the risk and its consequences?

    Correct

    Incorrect

    There are four potential strategies for responding to risks that have been identified:

    • Risk avoidance – Stop performing the activities that create risk.
    • Risk reduction – Decrease the risk by taking measures to reduce vulnerability.
    • Risk sharing – Shift some of the risk to other parties.
    • Risk retention – Accept the risk and its consequences.

     

    Hint

    There are four potential strategies for responding to risks that have been identified:

    • Risk avoidance – Stop performing the activities that create risk.
    • Risk reduction – Decrease the risk by taking measures to reduce vulnerability.
    • Risk sharing – Shift some of the risk to other parties.
    • Risk retention – Accept the risk and its consequences.

     

  23. Question 23 of 39
    23. Question
    1 points

    The IT security personnel of an organization notice that the web server deployed in the DMZ is frequently targeted by threat actors. The decision is made to implement a patch management system to manage the server. Which risk management strategy method is being used to respond to the identified risk?

    Correct

    Incorrect

    There are four potential strategies for responding to risks that have been identified:

    • Risk avoidance – Stop performing the activities that create risk.
    • Risk reduction – Decrease the risk by taking measures to reduce vulnerability.
    • Risk sharing – Shift some of the risk to other parties.
    • Risk retention – Accept the risk and its consequences.

     

    Hint

    There are four potential strategies for responding to risks that have been identified:

    • Risk avoidance – Stop performing the activities that create risk.
    • Risk reduction – Decrease the risk by taking measures to reduce vulnerability.
    • Risk sharing – Shift some of the risk to other parties.
    • Risk retention – Accept the risk and its consequences.

     

  24. Question 24 of 39
    24. Question
    1 points

    Which step in the Vulnerability Management Life Cycle determines a baseline risk profile to eliminate risks based on asset criticality, vulnerability threat, and asset classification?

    Correct

    Incorrect

    The steps in the Vulnerability Management Life Cycle include these:Discover – inventory all assets across the network and identify host details, including operating systems and open services, to identify vulnerabilities
    Prioritize assets – categorize assets into groups or business units, and assign a business value to asset groups based on their criticality to business operations
    Assess – determine a baseline risk profile to eliminate risks based on asset criticality, vulnerability threats, and asset classification
    Report – measure the level of business risk associated with assets according to security policies. Document a security plan, monitor suspicious activity, and describe known vulnerabilities.
    Remediate – prioritize according to business risk and fix vulnerabilities in order of risk
    Verify – verify that threats have been eliminated through follow-up audits

    Hint

    The steps in the Vulnerability Management Life Cycle include these:Discover – inventory all assets across the network and identify host details, including operating systems and open services, to identify vulnerabilities
    Prioritize assets – categorize assets into groups or business units, and assign a business value to asset groups based on their criticality to business operations
    Assess – determine a baseline risk profile to eliminate risks based on asset criticality, vulnerability threats, and asset classification
    Report – measure the level of business risk associated with assets according to security policies. Document a security plan, monitor suspicious activity, and describe known vulnerabilities.
    Remediate – prioritize according to business risk and fix vulnerabilities in order of risk
    Verify – verify that threats have been eliminated through follow-up audits

  25. Question 25 of 39
    25. Question
    1 points

    For network systems, which management system addresses the inventory and control of hardware and software configurations?

    Correct

    Incorrect

    Configuration management addresses the inventory and control of hardware and software configurations of network systems.

    Hint

    Configuration management addresses the inventory and control of hardware and software configurations of network systems.

  26. Question 26 of 39
    26. Question
    1 points

    What is the first step taken in risk assessment?

    Correct

    Incorrect

    The three steps of risk assessment in order are as follows:

    1. Identify threats and vulnerabilities and the matching of threats with vulnerabilities.
    2. Establish a baseline to indicate risk before security controls are implemented.
    3. Compare to an ongoing risk assessment as a means of evaluating risk management effectiveness.

     

    Hint

    The three steps of risk assessment in order are as follows:

    1. Identify threats and vulnerabilities and the matching of threats with vulnerabilities.
    2. Establish a baseline to indicate risk before security controls are implemented.
    3. Compare to an ongoing risk assessment as a means of evaluating risk management effectiveness.

     

  27. Question 27 of 39
    27. Question
    4 points

    Match the network-based antimalware solution to the function. (Not all options are used.)

     

    Sort elements
    • provides filtering of SPAM and potentially malicious emails before they reach the endpoint
    • provides filtering of websites and blacklisting before they reach the endpoint
    • permits only authorized and compliant systems to connect to the network
    • provides endpoint protection from viruses and malware
    • provides dynamic IP addresses to authenticated endpoints
    • email security appliance
      • web security appliance
        • network admission control
          • advanced malware protection
            Correct

            Incorrect

          • Question 28 of 39
            28. Question
            3 points

            Match the description to the antimalware approach. (Not all options are used.)

             

            Sort elements
            • behavior-based
            • signature-based
            • heuristics-based
            • agent-based
            • analyzing suspicious activities
              • recognizing various characteristics of known malware files
                • recognizing general features shared by various types of malware
                  Correct

                  Incorrect

                  Antimalware programs may detect viruses using three different approaches:

                  • signature-based – by recognizing various characteristics of known malware files
                  • heuristics-based – by recognizing general features shared by various types of malware
                  • behavior-based – through analysis of suspicious activities

                   

                  Hint

                  Antimalware programs may detect viruses using three different approaches:

                  • signature-based – by recognizing various characteristics of known malware files
                  • heuristics-based – by recognizing general features shared by various types of malware
                  • behavior-based – through analysis of suspicious activities

                   

                • Question 29 of 39
                  29. Question
                  1 points
                  Use the following scenario to answer the questions. An entrepreneur is starting a small business and is considering the server services needed for the startup company. The company handling the IT service is presenting options to the company.
                  If the entrepreneur decides to go with Linux server, how are services handled differently from how Windows server services would be handled?
                  Correct

                  Incorrect

                  Linux server services are managed using configuration files that contain specific information about the service including port number, location of the hosted resources, and client authorization details.

                  Hint

                  Linux server services are managed using configuration files that contain specific information about the service including port number, location of the hosted resources, and client authorization details.

                • Question 30 of 39
                  30. Question
                  2 points
                  Use the following scenario to answer the questions. An entrepreneur is starting a small business and is considering the server services needed for the startup company. The company handling the IT service is presenting options to the company.
                  The company will be using both Linux- and Windows-based hosts. Which two solutions would be used in a distributed firewall network design? (Choose two.)
                  Correct

                  Incorrect

                  A network design that uses distributed firewalls centrally manages security rules and pushes those rules to the Linux and Windows host machines. Windows-based hosts use the Windows Firewall, whereas the Linux-based hosts use a firewall application such as iptables or nftables. Snort is an open source network intrusion prevention software. Wireshark is a packet capture tool and Security information and event management (SIEM) provides real-time analysis of alerts and log entries generated by network appliances such as IDSs and firewalls.

                  Hint

                  A network design that uses distributed firewalls centrally manages security rules and pushes those rules to the Linux and Windows host machines. Windows-based hosts use the Windows Firewall, whereas the Linux-based hosts use a firewall application such as iptables or nftables. Snort is an open source network intrusion prevention software. Wireshark is a packet capture tool and Security information and event management (SIEM) provides real-time analysis of alerts and log entries generated by network appliances such as IDSs and firewalls.

                • Question 31 of 39
                  31. Question
                  1 points
                  Use the following scenario to answer the questions. An entrepreneur is starting a small business and is considering the server services needed for the startup company. The company handling the IT service is presenting options to the company.
                  Which protocol should be recommended to the company to monitor and manage network performance?
                  Correct

                  Incorrect

                  The Simple Network Management Protocol (SNMP) is an application layer protocol used to monitor and manage the network. Network devices have SNMP agents that communicate with the SNMP manager where the SNMP management software runs.

                  Hint

                  The Simple Network Management Protocol (SNMP) is an application layer protocol used to monitor and manage the network. Network devices have SNMP agents that communicate with the SNMP manager where the SNMP management software runs.

                • Question 32 of 39
                  32. Question
                  2 points
                  Use the following scenario to answer the questions. An entrepreneur is starting a small business and is considering the server services needed for the startup company. The company handling the IT service is presenting options to the company.
                  The IT company is recommending the use of PKI applications. In which two instances might the entrepreneur make use of PKIs? (Choose two.)
                  Correct

                  Incorrect

                  The Public Key Infrastructure (PKI) is a third party-system referred to as a certificate authority or CA. The PKI is the framework used to securely exchange information between parties. Common PKI applications are as follows:SSL/TLS certificate-based peer authentication
                  IPsec VPNs
                  HTTPS web traffic
                  network access control using 802.1x authentication
                  secure email using S/MIME
                  secure instant messaging
                  approve and authorize applications with Code signing
                  protect data with EFS
                  use two-factor authentication
                  secure USB storage devices

                  Hint

                  The Public Key Infrastructure (PKI) is a third party-system referred to as a certificate authority or CA. The PKI is the framework used to securely exchange information between parties. Common PKI applications are as follows:SSL/TLS certificate-based peer authentication
                  IPsec VPNs
                  HTTPS web traffic
                  network access control using 802.1x authentication
                  secure email using S/MIME
                  secure instant messaging
                  approve and authorize applications with Code signing
                  protect data with EFS
                  use two-factor authentication
                  secure USB storage devices

                • Question 33 of 39
                  33. Question
                  1 points
                  Use the following scenario to answer the questions. An entrepreneur is starting a small business and is considering the server services needed for the startup company. The company handling the IT service is presenting options to the company.
                  The entrepreneur is concerned about company employees having uninterrupted access to important resources and data. Which of the CIA triad components would address the concern?
                  Correct

                  Incorrect

                  Communications security is usually discussed using the CIA triad: confidentiality, integrity, and availability. Confidentiality ensures that only authorized individuals, devices, entities, or processes can access sensitive information. Integrity protects data from unauthorized alteration. Availability provides uninterrupted access for authorized users to important resources and data.

                  Hint

                  Communications security is usually discussed using the CIA triad: confidentiality, integrity, and availability. Confidentiality ensures that only authorized individuals, devices, entities, or processes can access sensitive information. Integrity protects data from unauthorized alteration. Availability provides uninterrupted access for authorized users to important resources and data.

                • Question 34 of 39
                  34. Question
                  2 points
                  Use the following scenario to answer the questions. An entrepreneur is starting a small business and is considering the server services needed for the startup company. The company handling the IT service is presenting options to the company.
                  The IT company is recommending the use of PKI applications. In which two instances might the entrepreneur make use of PKIs? (Choose two.)
                  Correct

                  Incorrect

                  The Public Key Infrastructure (PKI) is a third party-system referred to as a certificate authority or CA. The PKI is the framework used to securely exchange information between parties. Common PKI applications are as follows:SSL/TLS certificate-based peer authentication
                  IPsec VPNs
                  HTTPS web traffic
                  network access control using 802.1x authentication
                  secure email using S/MIME
                  secure instant messaging
                  approve and authorize applications with Code signing
                  protect data with EFS
                  use two-factor authentication
                  secure USB storage devices

                  Hint

                  The Public Key Infrastructure (PKI) is a third party-system referred to as a certificate authority or CA. The PKI is the framework used to securely exchange information between parties. Common PKI applications are as follows:SSL/TLS certificate-based peer authentication
                  IPsec VPNs
                  HTTPS web traffic
                  network access control using 802.1x authentication
                  secure email using S/MIME
                  secure instant messaging
                  approve and authorize applications with Code signing
                  protect data with EFS
                  use two-factor authentication
                  secure USB storage devices

                • Question 35 of 39
                  35. Question
                  1 points
                  Use the following scenario to answer the questions. An entrepreneur is starting a small business and is considering the server services needed for the startup company. The company handling the IT service is presenting options to the company.
                  The entrepreneur is concerned about company employees having uninterrupted access to important resources and data. Which of the CIA triad components would address the concern?
                  Correct

                  Incorrect

                  Communications security is usually discussed using the CIA triad: confidentiality, integrity, and availability. Confidentiality ensures that only authorized individuals, devices, entities, or processes can access sensitive information. Integrity protects data from unauthorized alteration. Availability provides uninterrupted access for authorized users to important resources and data.

                  Hint

                  Communications security is usually discussed using the CIA triad: confidentiality, integrity, and availability. Confidentiality ensures that only authorized individuals, devices, entities, or processes can access sensitive information. Integrity protects data from unauthorized alteration. Availability provides uninterrupted access for authorized users to important resources and data.

                • Question 36 of 39
                  36. Question
                  1 points
                  Use the following scenario to answer the questions. An entrepreneur is starting a small business and is considering the server services needed for the startup company. The company handling the IT service is presenting options to the company.
                  The entrepreneur is concerned about company employees having uninterrupted access to important resources and data. Which of the CIA triad components would address the concern?
                  Correct

                  Incorrect

                  Communications security is usually discussed using the CIA triad: confidentiality, integrity, and availability. Confidentiality ensures that only authorized individuals, devices, entities, or processes can access sensitive information. Integrity protects data from unauthorized alteration. Availability provides uninterrupted access for authorized users to important resources and data.

                  Hint

                  Communications security is usually discussed using the CIA triad: confidentiality, integrity, and availability. Confidentiality ensures that only authorized individuals, devices, entities, or processes can access sensitive information. Integrity protects data from unauthorized alteration. Availability provides uninterrupted access for authorized users to important resources and data.

                • Question 37 of 39
                  37. Question
                  2 points
                  Use the following scenario to answer the questions. An entrepreneur is starting a small business and is considering the server services needed for the startup company. The company handling the IT service is presenting options to the company.
                  The IT company is recommending the use of PKI applications. In which two instances might the entrepreneur make use of PKIs? (Choose two.)
                  Correct

                  Incorrect

                  The Public Key Infrastructure (PKI) is a third party-system referred to as a certificate authority or CA. The PKI is the framework used to securely exchange information between parties. Common PKI applications are as follows:SSL/TLS certificate-based peer authentication
                  IPsec VPNs
                  HTTPS web traffic
                  network access control using 802.1x authentication
                  secure email using S/MIME
                  secure instant messaging
                  approve and authorize applications with Code signing
                  protect data with EFS
                  use two-factor authentication
                  secure USB storage devices

                  Hint

                  The Public Key Infrastructure (PKI) is a third party-system referred to as a certificate authority or CA. The PKI is the framework used to securely exchange information between parties. Common PKI applications are as follows:SSL/TLS certificate-based peer authentication
                  IPsec VPNs
                  HTTPS web traffic
                  network access control using 802.1x authentication
                  secure email using S/MIME
                  secure instant messaging
                  approve and authorize applications with Code signing
                  protect data with EFS
                  use two-factor authentication
                  secure USB storage devices

                • Question 38 of 39
                  38. Question
                  2 points
                  Use the following scenario to answer the questions. An entrepreneur is starting a small business and is considering the server services needed for the startup company. The company handling the IT service is presenting options to the company.
                  The IT company is recommending the use of PKI applications. In which two instances might the entrepreneur make use of PKIs? (Choose two.)
                  Correct

                  Incorrect

                  The Public Key Infrastructure (PKI) is a third party-system referred to as a certificate authority or CA. The PKI is the framework used to securely exchange information between parties. Common PKI applications are as follows:SSL/TLS certificate-based peer authentication
                  IPsec VPNs
                  HTTPS web traffic
                  network access control using 802.1x authentication
                  secure email using S/MIME
                  secure instant messaging
                  approve and authorize applications with Code signing
                  protect data with EFS
                  use two-factor authentication
                  secure USB storage devices

                  Hint

                  The Public Key Infrastructure (PKI) is a third party-system referred to as a certificate authority or CA. The PKI is the framework used to securely exchange information between parties. Common PKI applications are as follows:SSL/TLS certificate-based peer authentication
                  IPsec VPNs
                  HTTPS web traffic
                  network access control using 802.1x authentication
                  secure email using S/MIME
                  secure instant messaging
                  approve and authorize applications with Code signing
                  protect data with EFS
                  use two-factor authentication
                  secure USB storage devices

                • Question 39 of 39
                  39. Question
                  1 points
                  Use the following scenario to answer the questions. An entrepreneur is starting a small business and is considering the server services needed for the startup company. The company handling the IT service is presenting options to the company.
                  The entrepreneur is concerned about company employees having uninterrupted access to important resources and data. Which of the CIA triad components would address the concern?
                  Correct

                  Incorrect

                  Communications security is usually discussed using the CIA triad: confidentiality, integrity, and availability. Confidentiality ensures that only authorized individuals, devices, entities, or processes can access sensitive information. Integrity protects data from unauthorized alteration. Availability provides uninterrupted access for authorized users to important resources and data.

                  Hint

                  Communications security is usually discussed using the CIA triad: confidentiality, integrity, and availability. Confidentiality ensures that only authorized individuals, devices, entities, or processes can access sensitive information. Integrity protects data from unauthorized alteration. Availability provides uninterrupted access for authorized users to important resources and data.

                • CCNA1 v7
                • CCNA2 v7
                • CCNA3 v7
                System Test Exam Answers
                Modules 1 – 3 Exam Answers
                Modules 4 – 7 Exam Answers
                Modules 8 – 10 Exam Answers
                Modules 11 – 13 Exam Answers
                Modules 14 – 15 Exam Answers
                Modules 16 – 17 Exam Answers
                Practice Final – ITN Answers
                Course Feedback
                ITN Practice PT Skills Assessment (PTSA)
                Final Exam Answers
                Modules 1 – 4 Exam Answers
                Modules 5 – 6 Exam Answers
                Modules 7 – 9 Exam Answers
                Modules 10 – 13 Exam Answers
                Modules 14 – 16 Exam Answers
                ITN Practice Skills Assessment – PT Answers
                SRWE Practice Skills Assessment – PT Part 1 Answers
                SRWE Practice Skills Assessment – PT Part 2 Answers
                SRWE Hands On Skills Exam Answers
                SRWE Practice Final Exam Answers
                SRWE Final Exam Answers 
                Modules 1 – 2 Exam Answers
                Modules 3 – 5 Exam Answers
                Modules 6 – 8 Exam Answers
                Modules 9 – 12 Exam Answers
                Modules 13 – 14 Exam Answers
                ITN Practice PT Skills Assessment (PTSA) Answers
                SRWE Practice PT Skills Assessment (PTSA) – Part 1 Answers
                SRWE Practice PT Skills Assessment (PTSA) – Part 2 Answers
                ENSA Practice PT Skills Assessment (PTSA) Answers
                ENSA Hands On Skills Exam Answers
                Practice Final – ENSA Answers
                ENSA Final Exam Answers
                CCNA Certification Practice Exam Answers

                Copyright © 2023 PressExam.