Do I Know This Already Quiz

The purpose of the "Do I Know This Already?" quiz is to help you determine whether you really need to read the entire chapter from beginning to end or just sections of the chapter. If you intend to read the chapter in its entirety, you do not necessarily need to answer these questions now.

The 10-question quiz, derived from the major sections in the "Foundation Topics" portion of this chapter, helps you determine how to spend your study time.

Table 1-1 outlines the major topics discussed in this chapter and the "Do I Know This Already?" quiz questions that correspond to those topics.

Table 1-1. "Do I Know This Already?" Foundation Topics Section-to-

Question Mapping

Table 1-1. "Do I Know This Already?" Foundation Topics Section-to-

Question Mapping

Foundation Topics Section

Questions Covered in This Section

Defininq Network Security


Balancinq Business Needs with Network Security Requirements


Network Security Policies

57, 9

Network Security as a Process


Network Security as a Legal Issue

The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark this question wrong for purposes of the self-assessment. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.

1. Network security has a direct affect on which of the following environment aspects?

a. Implementation of products and services b. Organizational policies and directives c. Network architecture d. Process to control and monitor resources e. Scheduling of updates, patches, and routine maintenance f. All of the above

2. The definition of a corporate network security policy as it relates to users is most likely which of the following?

a. A technical document that directs different aspects of a user's functions within the corporate environment b. A formal statement or document that specifies a set of rules that all users must follow while utilizing corporate resources c. A detailed action plan indicating what users should do in case of an emergency d. A document detailing the concept of operations as it pertains to the corporate network e. A technical document detailing corporate rules and regulations set forth by human resources

3. Which of the following are not components of a network security policy?

a. Internet access b. E-mail access c. Server and workstation configuration d. VoIP fax and telephone access policy e. Disposure of trash f. All of the above

4. The network infrastructure policy ties together the following components, except for what?

a. Network addressing schema b. Log consolidation and processing c. Problem resolution d. Quality of service e. Management and monitoring f. Naming convention

5. How can cost savings be realized through a standard set of operational policies and procedures?

a. Savings through not having corrupted data b. Savings through not having downtime because of a DoS attack c. Savings through ensuring data integrity d. Savings through increased efficiency e. Savings through not having network "hiccups"

f. All of the above

6. What high-level goals should a network security policy strive to achieve?

a. Define requirements, identify components, detail contacts, and identify consequences b. Define requirements, guide configuration, define responsibilities, identify consequences, and define responses c. Collect requirements, provide guidance, define responsibilities, define standards, and define approach d. All of the above

7. A network security policy needs to follow standard guidelines, except for a. Technical people must support the policy.

b. It must be consistent.

c. It must be technically feasible.

d. It must be implemented throughout the environment.

e. It must define roles and responsibilities.

f. It must be a nontechnical document.

8. The Cisco security wheel is used to depict what aspect of network security?

a. Network monitoring b. The design process c. The network security life cycle d. Goal e. None of the above

9. What is the one biggest advantage of making the network security policy a nontechnical document?

a. It makes writing and updating the document much easier.

b. It simplifies the content for management.

c. It provides a good framework for budget requests.

d. It protects details on specific technologies.

e. It limits use of technical jargon.

f. It provides a framework for enforcement.

10. The protection of personal information maintained on networked computer systems is required by law.

The answers to the "Do I Know This Already?" quiz are found in the appendix. The suggested choices for your next step are as follows:

• 8 or less overall score Read the entire chapter. This includes the "Foundation Topics" and "Foundation Summary" sections and the "Q&A" section.

• 9 or 10 overall score If you want more review on these topics, skip to the "Foundation Summary" section and then go to the "Q&A" section. Otherwise, move on to Chapter 2, "Defining and Detailing Attack Threats."



0 0

Post a comment