
Appendix A.

Answers to Chapter Review Questions
Chapter 1
1. a, b, and e
2. a, d, and e
3. a. Preventative = f. Lock
b. Deterrent = e. Video surveillance
c. Detective = d. Motion sensor
4. a. White hat = p. Breaks security for nonmalicious
reasons
b. Black hat = k. Unethical hacker
c. Gray hat = m. Ethically questionable hacker
d. Blue hat = i. Bug tester
e. Cracker = o. Synonymous with black hat hacker
f. Phreaker = l. Hacker of telecommunication systems
g. Script kiddy = j. Hacker with little skill
h. Hacktivist = n. Hacker with a political agenda
5. a. Escalate privilege = Step 4
b. Leverage the compromised system = Step 7
c. Perform footprint analysis = Step 1
d. Install back doors = Step 6
e. Enumerate applications and operating systems = Step 2
f. Gather additional passwords and secrets = Step 5
g. Manipulate users to gain access = Step 3
6. d, e, and g
7. a. Confidential = 4
b. Private = 3
c. Public = 1
d. Sensitive = 2
8. d
9. a. Owner = f. Ultimately responsible for the data
b. Custodian = e. Responsible on a day-to-day basis for the
classified data
c. User = d. Responsible for using the data
10. b
11. b
12. a. Searching a network host and open ports = j. Port
scanning
b. Capturing electrical transmission = g. Emanation
capturing
c. Hiding information within a transmission = h. Covert
channel
d. Intercepting traffic that passes over a physical network
= e. Packet sniffing
13. a. Operations and maintenance = Step 4
b. Initiation = Step 1
c. Disposition = Step 5
d. Acquisition and development = Step 2
e. Implementation = Step 3
14. b
Chapter 2
1. a. Context-aware enforcement = 4
b. Cisco TrustSec = 1
c. Cisco SIO = 2
d. Cisco AnyConnect = 3
2. a
3. b and d
4. c
5. b and e
Chapter 3
1. a
2. c
3. a and d
4. c and e
5. a. Management = f. Packets used to manage the
network
b. Data = d. User-generated packets
c. Control = e. Packets used for the creation and operation
of the network itself
6. d and f
7. b
8. a. Communities = g. Groups of devices that share
common components
b. Templates = e. Parameterized configuration files
c. Profiles = f. GUI views that allow role-based access
control over Cisco Configuration
Professional menus and options
d. Wizards = h. GUI tools to hide the complexity of
commands
9. a
10. c
Chapter 4
1. c
2. a and d
3. d
4. a
5. c
6. d
7. a
8. b
9. c
10. b
Chapter 5
1. d
2. b, c, and d
3. a and c
4. b
5. c
6. a. = Step 3
b. = Step 4
c. = Step 1
d. = Step 2
7. c
8. a
9. b
10. b
Chapter 6
1. c
2. a and c
3. a
4. c
5. e
6. b
7. d
8. a and c
9. d
10. c
Chapter 7
1. c
2. b
3. a and d
4. c
5. c
Chapter 8
1. a
2. b and c
3. d
4. d
5. d
6. a, b, and c
7. c
8. b, c, and d
9. a
10. a, b, and c
Chapter 9
1. a and c
2. c
3. a. Packet-filtering firewalls = 1 Work primarily at the
network level of the OSI model
b. Application layer gateways = 4 Were the first application
layer firewalls
c. Stateful packet filters = 2 Are the most common firewalls
d. Application inspection firewalls = 3 Monitor sessions to
determine the port numbers for
secondary channels
4. c and d
5. b
6. a. Static NAT = 3 Translation is one-to-one
b. Dynamic NAT = 2 Translation is many-to-many
c. Dynamic PAT = 4 Translation is many-to-one
d. Policy NAT = 1 Translation depends on both source and
destination
7. a. Service control = 4 Allow HTTP, allow HTTPS, deny
everything else
b. Direction control = 1 Allow HTTP outbound, but not
inbound
c. User control = 2 Allow campus VLANs HTTP access, deny
it for wireless VLANs
d. Behavior control = 3 Open negotiated FTP ports after
learning them during connection
setup
Chapter 10
1. b
2. b
3. d
4. c
5. a and d
6. b
7. b
8. b
9. d
10. b
11. d
12. a
13. c
14. a
15. b
Chapter 11
1. b and d
2. b
3. a and d
4. c
5. a, b, and d
6. a. Signature-based IPS = 3. Can produce false positives
because certain normal network
activity can be misinterpreted as malicious activity
b. Policy-based IPS = 4. Similar to implementing a
restrictive firewall policy
c. Reputation-based IPS = 2. Typically implemented in the
form of white lists or black lists
d. Anomaly-based IPS = 1. Normal behavior typically
defined based on traffic patterns,
traffic and protocol mix, traffic volumes, and other criteria
7. d
8. c
9. b
10. a
11. a and d
12. a
13. a
14. c
15. a
Chapter 12
1. a, d, and e
2. b
3. a, c, and d
4. b
5. c
6. d
7. a and e
8. b
9. d
10. b
11. a and c
12. d
13. d
14. a
15. b
16. c
17. a
18. d
19. c
20. c
21. c
22. d and e
Chapter 13
1. b
2. a, b, and c
3. a, d, and e
4. a. Group 5 = g. 4096
b. Group 2 = h. 163
c. Group 7 = i. 1024
d. Group 1 = j. 1536
e. Group 16 = k. 256
f. Group 19 = l. 768
5. b
6. a. ESP = 4. Confidentiality
b. IKE = 3. Negotiation
c. ECDH = 1. Key Exchange
d. ECDSA = 2. Authentication
7. b
8. b
9. b
10. a, e, and f
Chapter 14
1. d
2. c
3. d
4. d
5. b
6. a
7. b
8. c
Chapter 15
1. a and c
2. b
3. c
4. d
5. b
6. c
7. a. Confidentiality = 1, 4, 7
b. Integrity = 3, 5
c. Authentication = 2
d. Key management = 6, 8
