Hide Notes 

Slide 1: 646-561 Advanced Security for Account Managers Exam Exam: 646-561 Demo Edition © 2005- 2006 Test Killer, LTD All Rights Reserved 1 http://www.testkiller.com http://www.troytec.com
Slide 2: 646-561 Question: 1 Company.com wants to ensure business continuity by allowing legitimate transactions to thewebsite while redirecting illegitimate transactions. Which Cisco SDN solution offering wouldsatisfy this requirement? A. Cisco NAC framework B. Cisco Secure ACS C. Cisco Guard DDoS Mitigation Appliances D. Cisco Security MARS Answer: C Question: 2 Which statement best describes the Cisco SDN strategy? A. The SDN strategy is to protect standalone products at the physical perimeter of a network, where the LAN meets the WAN and corporate networks connect to the Internet. B. The SDN strategy is to protect business processes and the network of an organization byidentifying, preventing, and adapting to security threats and by including integrated,collaborative, and adaptive security elements throughout the network. C. The SDN enables network elements to communicate with one another in a collaborative manner, for example, an IDS instructing an ACL to deny access to a connection. D. The SDN is the most widely deployed network-admissions-control strategy, supporting organizations of all sizes as well as multiple access methods, including wireless, remote,LAN, WAN, and guest access. Answer: B Question: 3 A hacker initiates an attack that floods the network, overwhelming the company server, router,firewall, or network. Legitimate traffic cannot be processed, and the company cannot function.This causes which security pain point? A. DDoS attack B. application security C. theft of information D. Day Zero attack Answer: A Question: 4 A Cisco Outbreak Prevention Solution provides customers with many benefits. Within this solution, which type of Cisco network security offering acts as the first line of defense to proactively isolate infections by preventing worms or viruses from infiltrating endpoints? A. NIPS 3 http://www.testkiller.com http://www.troytec.com
Slide 3: 646-561 B. HIPS C. Cisco IOS infrastructure security D. Cisco antivirus software Answer: B Question: 5 In which two ways does a Cisco solution directly reduce the cost of operation? (Choose two.) A. by minimizing the number of vendors that supply security B. by reducing overall management complexity C. by improving competitive advantage D. by avoiding information theft E. by addressing security pain points Answer: A, B Question: 6 Which government regulation specifies which patient information must be kept private, how companies must secure the information, and the standards for electronic communication between medical providers and insurance companies? A. Basel II B. GLB Act C. HIPAA D. USA PATRIOT Act Answer: C Question: 7 Which two Cisco security technologies can help organizations that have difficulty enforcing compliance to security policies that govern desktop antivirus software? (Choose two.) A. Cisco ASA 5500 Series Adaptive Security Appliances B. Cisco Integrated Services Routers C. Cisco PIX Firewall 500 Series D. Cisco Security Agent E. NAC Appliance (Cisco Clean Access) F. Firewall Services Module Answer: D, E Question: 8 Which government regulation affects companies in Australia and New Zealand that wish to comply with the first universal risk-management standard? A. Basel II B. AS/NZS 4360 C. GLB Act 4 http://www.testkiller.com http://www.troytec.com
Slide 4: 646-561 D. BS 7799/ISO 17799 Answer: B Question: 9 Which Cisco Security Solution helps organizations to effectively avoid disruptions that are caused by worms or viruses, while also helping to control the costs of deploying and maintaining a secure network? A. Cisco Works VPN/Security Management Solution B. Cisco Security Monitoring, Analysis and Response System C. Theft of Information Solution D. Outbreak Prevention Solution Answer: D Question: 10 When determining business pain points at the operations level of an organization, an account manager should focus on which two critical success factors? (Choose two.) A. streamlining processes B. implementing the new technology vision C. decreasing TCO D. aligning network and security goals Answer: B, D Question: 11 Which security management offering helps customers to readily and accurately identify, manage, and mitigate network attacks and to maintain network security compliance? A. Cisco Works VPN/Security Management Solution B. Cisco Network Assistant C. Cisco NAC D. Cisco Security MARS Answer: D Question: 12 Which statement accurately describes the difference between a quantitative and a qualitative risk analysis? A. Quantitative risk analysis attempts to determine numeric values for risk that is based on a number of factors, such as impact, duration, and asset value. A qualitative approach assigns a subjective rating to each risk that typically is based on past experience or consultant opinion. B. Qualitative risk analysis attempts to determine numeric values for risk that is based on a number of factors, such as impact, duration, and asset value. A quantitative approach assigns a subjective rating to each risk that typically is based on past experience or consultant opinion. http://www.testkiller.com http://www.troytec.com 5
Slide 5: 646-561 C. Both quantitative and qualitative risk analyses determine numeric values for risk. However, a quantitative risk analysis focuses on objective information, whereas a qualitative approach focuses on subjective information. D. Both quantitative and qualitative risk analyses determine numeric values for risk. However, a quantitative risk analysis focuses on subjective information, whereas a qualitative approach focuses on objective information. Answer: A Question: 13 Which two factors should be considered when calculating the cost of downtime? (Choose two.) A. number of compromised servers B. server downtime (in hours) C. time (in hours) to rebuild servers D. average revenue per hour Answer: B, D Question: 14 Which business enabler provides a defense against damages and losses (such as financial, legal, commercial, image, branding, property, and people), which directly affect the ability of a company to do business? A. government regulations B. protection C. ubiquitous access D. contribution to profitability Answer: B Question: 15 How do you calculate risk quantitatively for SLE? A. single loss expectancy divided by the annualized rate of occurrence B. exposure factor multiplied by the asset value C. cost of recovery multiplied by the number of compromised servers D. average revenue per hour divided by the hourly server downtime Answer: B Question: 16 The Cisco SDN is a strategy to protect the business processes and the network of an organization by identifying, preventing, and adapting to security threats. What are three principal characteristics of the SDN? (Choose three.) A. application security B. adaptation C. intelligence 6 http://www.testkiller.com http://www.troytec.com
Slide 6: 646-561 D. collaboration E. protection F. integration Answer: B, D, F Question: 17 Which two threat-defense features allow a network to correlate events, mitigate events, and audit policies? (Choose two.) A. proactive threat response B. control of data transmission C. application security D. network containment and control E. Anti-X defenses Answer: A, D Question: 18 Network containment and control provides the ability to layer sophisticated auditing, control, and correlation capabilities to protect any networked element across any firewall, VPN, intrusion detection mechanism, or other technology. How does this enable proactive response to threats? A. It distributes mitigation points throughout key security-enforcement points in the network. B. It examines message-level information to ascertain the ntent?of the applications. C. It provides controls that limit the transmission of confidential data or policies. D. It aggregates and correlates security information. Answer: D Question: 19 Which three technologies allow the Cisco SDN to adapt to new threats as they arise? (Choose three.) A. antivirus B. application awareness C. behavior recognition D. fire walling E. network control F. VPN Answer: B, C, E Question: 20 How do Cisco Security Solutions reduce TCO? A. by proactively responding to threats through event correlation, mitigation, and policy auditing http://www.testkiller.com http://www.troytec.com 7
Slide 7: 646-561 B. by providing application security, Anti-X defense, and containment and control in one device C. by protecting and controlling web-based applications and services D. by integrating firewall and VPN capabilities within routers Answer: D 8 http://www.testkiller.com http://www.troytec.com