978-0789759825 Chapter 13

Unlock access to all the studying documents.

View Full Document

CompTIA Network+ N10-007 Certification Guide

Chapter 13: Network Policies and Best Practices

1) With sensitive data being stored on our networks, a well-crafted ___________ policy is needed.

A) Multifactor

B) Security

C) Resource

D) Deployment

2) Which commonplace policies should be considered for your organization as related to IT operations?

A) Remote access policy

B) Continuing education policy

C) Environmental policy

D) Password policy

E) Incident response policy

3) The “classic” password still plays a pivotal role in most networks. What are some examples of

password strength requirements?

A) Password expiration

B) Time-of-day restriction

C) No previously used passwords allowed

D) Acceptable use of the network

4) Part of an effective password policy defines the allowed/required characters in password creation.

Which of the following choices lists the most common considerations for password character

requirements?

A) Hexadecimal characters, sanitization, integrity

B) Decimal characters, phonetic alphabet, ANSI, four alpha characters

C) Uppercase letters, lowercase letters, numbers, special characters

D) ASCII characters, notational characters, UNICODE characters

5) Which of the following policies has a comprehensive focus on accidental or malicious data losses?

A) AUP

B) DLP

C) PUA

D) BYOD

6) Comprehensive data loss prevention (DLP) focuses on the use of content-level scanning and deep

content inspection (DCI) to identify sensitive data and protect it. Match the three DLP levels to the

targeted DLP activities:

DCI Levels

Target Activities

Client level

Data at rest

Network level

Data in operation

Storage level

Data in transit

7) Which of the following actions should you take when designing a DLP policy for your organization?

A) Periodically review the policy.

B) Present the exit policies for employees.

C) Keep all work areas as clean and organized as possible.

D) Identify the most sensitive data of the organization.

8) __________ access to corporate network resources presents unique challenges for organizations

today. Of primary concern is the fact that the _________ network might lack appropriate security

controls, or may even be currently compromised.

A) Data

B) Remote

C) Partner

D) Acceptable

9) A remote access policy tends to cover every remote access option. What are some common remote

access methods?

A) Dial-up, VPN, web portal access

B) 802.11i, proxy, PPPoA

C) AES, SONET, SAN

D) BYOD, provider SLA, smart cards

10) Certain standards must be met for compliant remote access. Which of the following standards could

be defined in a remote access policy?

A) Gap analysis

B) Baselining

C) Encryption

D) Chargeback

11) Security issues are inevitable for your network. What type of policy includes a comprehensive set of

steps that outline the proper response?

A) Acceptable response

B) Incident response

C) Recovery response

D) Privileged user agreement

12) After an incident occurs, the incident response policy should be used as a guideline for actions

taken. Different steps need to be performed to properly document and correct the incident. Which of

the following are phases from an incident response plan?

A) Prepare

B) Eradicate

C) Challenge

D) Discuss

E) Implement

13) During the _______ phase of an incident response, the focus would be on the precise recognition of

the actual security incident.

A) Prepare

B) Identify

C) Recover

D) Review

14) It is becoming more common in modern networks for users to enroll their personal devices into the

enterprise network. Which policy defines these devices and their acceptable use?

A) BYOD

B) PUA

C) Acceptable use

D) Remote-access

15) Which policy, sometimes referred to as the “fair use policy,” seeks to provide restrictions and overall

guidelines on how the network should be used?

A) PUA

B) On-boarding

C) NDA

D) AUP

16) Safety procedures are important to the safety of employees and company equipment. Which of the

following would be mentioned within a safety procedure policy?

A) Seeking assistance when lifting heavy network objects

B) Identifying the most sensitive data of an organization

C) Multifactor authentication

D) Avoiding electric shock

17) Which best practice agreement outlines IT employee access assignment and responsibilities?

A) NDA

B) Licensing restrictions

C) PUA

D) AUP

18) Another best practice is to have a detailed on-boarding and off-boarding process that defines the

hiring and terminating of employees as it relates to IT and the network. Which are some examples of IT-

related on-boarding steps?

A) Utilization and support

B) Workstation setup

C) ID card and access assignments

D) Detailing system life cycle

E) Time management and other HR software training

19) Many organizations utilize a nondisclosure agreement (NDA). An NDA is a legal contract that outlines

the confidential materials, knowledge, information, confidentiality, and trade secret. Typically, an NDA is

between ________ parties.

A) Mandated

B) Conflicting

C) At least two

D) Interested

20) Which policy provides guidance to network components in regard to conceptual design, utilization

and support, phase-out, and disposal?

A) International export controls

B) Licensing restriction

C) Data loss prevention

D) System life cycle