1. How does BYOD change the way in which businesses implement networks?

In a SOC, the job of a Tier 1 Alert Analyst includes monitoring incoming alerts and verifying that a true security incident has occurred.

2. Which device is usually the first line of defense in a layered defense-in-depth approach?

The edge router connects an organization to a service provider. The edge router has a set of rules that specify which traffic is allowed or denied.

3. With the evolution of borderless networks, which vegetable is now used to describe a defense-in-depth approach?

The artichoke is now used to provide a visual analogy to describe a defense-in-depth security approach. The onion used to be descriptive because the attacker would "peel away" each layer of the network defense mechanisms. Now the artichoke is used because a single petal or leaf can be moved or removed to reveal sensitive information.

4. Which type of business policy establishes the rules of conduct and the responsibilities of employees and employers?

Business policies set a baseline of acceptable use. Company policies establish the rules of conduct and the responsibilities of both employees and the employer. Company policies protect the rights of the workers as well as the business interests of the company.

5. An administrator is concerned with restricting which network applications and uses are acceptable to the organization. What security policy component does the administrator use to address these concerns?

The acceptable use policy (AUP) identifies which network applications and uses are acceptable to an organization.

6. What component of a security policy explicitly defines the type of traffic allowed on a network and what users are allowed and not allowed to do?

Security policies specify requirements and provide a baseline for organizations. Security policies may include the following:

- Identification and authentication policies that specify authorized individuals that have access to network resources and verification procedures
- Password policies that ensure minimum requirements are met and authentication methods are being enforced and updated
- Remote access policies that identify how remote users can access a network and to what they are allowed to connect
- Acceptable use policies that identify network applications and network usage that are allowed within the organization

7. What device would be used as the third line of defense in a defense-in-depth approach?

In a defense-in-depth approach, the edge router would form the first line of defense. The firewall would be the second line of defense followed by the internal router making up the third line of defense.

8. Refer to the exhibit. The security policy of an organization allows employees to connect to the office intranet from their homes. Which type of security policy is this?

The remote access policy section of a corporate security policy identifies how remote users can access a network and what is accessible via remote connectivity.

9. What is a characteristic of a layered defense-in-depth security approach?

In the layered defense-in-depth security approach, the different layers work together to create a security architecture in which the failure of one safeguard does not affect the effectiveness of the other safeguards.

10. Which is a BYOD security best practice?

One of the best practices for BYOD devices is subscribing to a device locator service with a remote wipe feature in the event the device is lost or stolen.

11. What do security compliance regulations define?

Compliance regulations define what organizations are responsible for providing and the liability if they fail to comply. The compliance regulations that an organization is obligated to follow will differ from one organization to the next because the regulations depend on the type of organization and the data that the organization handles.

12. What device would be used as a second line of defense in a defense-in-depth approach?

In a defense-in-depth approach, the edge router would form the first line of defense. The firewall would be the second line of defense followed by the internal router making up the third line of defense.

13. Which two areas must an IT security person understand in order to identify vulnerabilities on a network? (Choose two.)

In order to identify security vulnerabilities, a cybersecurity expert must understand the applications being used and their associated vulnerabilities, as well as the hardware used.