- Home
- Networking
- CCNA Security
1.
Which one of the following is not an OPSEC best practice?
- A.Trusted recovery
- B.Principle of least privilege
- C.Threat containment
- D.Rotation of duties
- Answer & Explanation
- Report
Answer : [C]
Explanation :
Explanation :
| Threat containment is not one of the OPSEC best practices. It is a principle of the Cisco Self - Defending Network. |
2.
When performing a risk analysis, which of the following is the formula for determining the
annual loss expectancy (ALE)?
- A.SLE * ARO
- B.ARO * AV
- C.ALE * EF
- D.EF * SRO
- Answer & Explanation
- Report
Answer : [A]
Explanation :
Explanation :
| The annual loss expectancy is computed by multiplying the single loss expectancy (SLE) by the annual rate of occurrence (ARO). |
3.
Transferring credit card processing from your data center to a third - party processor is an
example of what?
- A.Risk management
- B.Risk assessment
- C.Risk avoidance
- D.Risk transference
- Answer & Explanation
- Report
Answer : [D]
Explanation :
Explanation :
| Risk transference is transferring risk to another party. |
4.
A computer virus that combines several different technologies is known as what?
- A.Polymorphic threat
- B.Blended threat
- C.Super threat
- D.Sophisticated virus
- E.Worm
- Answer & Explanation
- Report
Answer : [B]
Explanation :
Explanation :
| A blended threat is a virus that combines several different technologies. |
5.
The SDLC process includes a formal risk assessment. Which phase does it belong to?
- A.Initiation
- B.Disposition
- C.Acquisition and development
- D.Implementation
- E.Operations and maintenance
- Answer & Explanation
- Report
Answer : [C]
Explanation :
Explanation :
| A formal risk assessment is performed during the acquisition and development phase. |
|
|
||||||||||||||||||||||||||||
