Details of this Paper

Network Security




1. (TCO 1) The agents used in a distributed denial of service;attack are called _____. (Points: 6) zombies;vampires;werewolves;Smurfs;Question 2. 2. (TCO 1) How would you describe IP spoofing? (Points: 6) Altering the source IP address in packets;Sending large amounts of ICMP packets to a broadcast address;Altering IP routing tables;Packet sniffing;Question 3. 3. (TCO 2) Which of the following configuration register settings will cause the router to bypass the stored configuration settings in NVRAM (used for password recovery)? (Points: 6) 0x2100;0x2102;0x2101;0x2142;Question 4. 4. (TCO 2) After you enter the enable password or the enable secret password, the > symbol changes to a(n) _____ symbol to indicate you are in privileged EXEC mode. (Points: 6);$;#;Question 5. 5. (TCO 3) Which measure is a best practice for mitigating VLAN hopping attacks? (Points: 6) Place all unused ports in a separate guest VLAN.;Disable trunk negotiation on all ports connecting to workstations.;Enable DTP on all trunk ports.;Ensure that the native VLAN is used for management traffic.;Question 6. 6. (TCO 3) Which switch security feature will cause a port to shut down when it receives BPDU frames? (Points: 6) BPDU guard;Root guard;Port-security;STP guard;Question 7. 7. (TCO 4);access-list 101 permit tcp any eq telnet;access-list 101 permit tcp any eq www time-range MWF;access-list 101 deny tcp any eq ftp time-range ABS;time-range MWF;periodic Monday Wednesday Friday 8:00 to 17:00;Note the spaces between days and the word to between start and end times;time-range ABS;absolute start 00:00 20 September 2014 end 01:00 20 September 2014;Given the configuration shown above, users in the network will be _____. (Points: 6) denied web access 3 days each week;permitted web access for 1 hour on September 20, 2014;permitted web access 3 days each week;denied web access for 1 hour on September 20, 2014;Question 8. 8. (TCO 4) Which type of access list entry is dynamic, becomes active only when a Telnet session is authenticated, and can be used for inbound or outbound traffic? (Points: 6) Established;Lock and key (dynamic);Reflexive;CBAC;Question 9. 9. (TCO 5) Which of the following is not considered a component of AAA? (Points: 6) Authentication;Authorization;Accounting;Administration;Question 10. 10. (TCO 5) Which AAA server protocol is best suited to produce detailed accounting reports of network activity? (Points: 6) CSACS;RADIUS;OpenACS;TACACS+;Question 11. 11. (TCO 6) IPSec VPNs use ACLs to specify VPN tunnel traffic. Any traffic not permitted in the ACL will be _____. (Points: 6) dropped before it exits the VPN outbound interface;passed through the VPN outbound interface with no IPSec protection;encrypted and sent out through the VPN outbound interface, because the ACL specifies traffic to be restricted;sent back to the sender with a message indicating invalid IPSec format;Question 12. 12. (TCO 6) Which of the following Cisco IOS firewall router commands correctly configures authentication and encryption for an IPSec transform set? (Points: 6) crypto ipsec transform-set ah-hmac-md5 esp-des;crypto ipsec transform-set ah-md5 esp-3des;crypto ipsec transform-set esp-sha-hmac esp-3des;crypto ipsec transform-set ah-md5 esp-des-hmac;Question 13. 13. (TCO 7) The type of intrusion prevention technology that is used by Cisco IOS firewall routers and security appliances is _____. (Points: 6) rule based;signature based;profile based;anomaly based;Question 14. 14. (TCO 7) Cisco routers implementing IPS can save IPS events in a syslog server by executing which command? (Points: 6) ip ips log {IP Address};ip ips notify syslog;ip ips notify log;ip ips notify sdee


Paper#69932 | Written in 18-Jul-2015

Price : $22