CBROPS Misc3 Updated Exam
Questions And Answers
False - ANS NAT can make it fairly trivial to perform security monitoring and analyzing logs,
NetFlow, and other data in the network.
Response:
True
False
decision making - ANS Which principle is being followed when an analyst gathers
information relevant to a security incident to determine the appropriate course of action?
Response:
rapid response
due diligence
decision making
data mining
Heuristic-based algorithms may require fine-tuning to adapt to network traffic and minimize the
possibility of false positives. - ANS Which of the following is true about heuristic-based
algorithms?
Response:
Heuristic-based algorithms may require fine-tuning to adapt to network traffic and minimize the
possibility of false positives.
Heuristic-based algorithms support advanced malware protection.
Heuristic-based algorithms provide capabilities for the automation of IPS signature creation and
tuning.
Heuristic-based algorithms do not require fine-tuning.
, All of these answers are correct. - ANS During the investigation and resolution of a security
incident, you may also need to communicate with outside parties regarding the incident. Which
of the following are examples of those external entities?
Response:
Coordination centers
All of these answers are correct.
The vendor of your hardware and software products
Law enforcement
Internet service providers (ISPs)
Administrative controls - ANS Following are some of the access controls that an
organization has deployed:
- Policies and procedures
- Security awareness training
- Asset classification and control
- Employment policies and practices
What type of access controls are these?
Response:
Administrative controls
Compensating controls
Guideline controls
Technical controls
True - ANS IKEv2 is more efficient than IKEv1.
Response:
False
True
DES, AES - ANS Which of the following are symmetric encryption ciphers?
Response:
MD5, DES
DES, AES
RSA, AES
AES, MD5
Attack - ANS Which of the following is not a component of the diamond model of intrusion?
Questions And Answers
False - ANS NAT can make it fairly trivial to perform security monitoring and analyzing logs,
NetFlow, and other data in the network.
Response:
True
False
decision making - ANS Which principle is being followed when an analyst gathers
information relevant to a security incident to determine the appropriate course of action?
Response:
rapid response
due diligence
decision making
data mining
Heuristic-based algorithms may require fine-tuning to adapt to network traffic and minimize the
possibility of false positives. - ANS Which of the following is true about heuristic-based
algorithms?
Response:
Heuristic-based algorithms may require fine-tuning to adapt to network traffic and minimize the
possibility of false positives.
Heuristic-based algorithms support advanced malware protection.
Heuristic-based algorithms provide capabilities for the automation of IPS signature creation and
tuning.
Heuristic-based algorithms do not require fine-tuning.
, All of these answers are correct. - ANS During the investigation and resolution of a security
incident, you may also need to communicate with outside parties regarding the incident. Which
of the following are examples of those external entities?
Response:
Coordination centers
All of these answers are correct.
The vendor of your hardware and software products
Law enforcement
Internet service providers (ISPs)
Administrative controls - ANS Following are some of the access controls that an
organization has deployed:
- Policies and procedures
- Security awareness training
- Asset classification and control
- Employment policies and practices
What type of access controls are these?
Response:
Administrative controls
Compensating controls
Guideline controls
Technical controls
True - ANS IKEv2 is more efficient than IKEv1.
Response:
False
True
DES, AES - ANS Which of the following are symmetric encryption ciphers?
Response:
MD5, DES
DES, AES
RSA, AES
AES, MD5
Attack - ANS Which of the following is not a component of the diamond model of intrusion?
