CCNA Sec V2
Quiz yourself by thinking what should be in
each of the black spaces below before clicking
on it to display the answer.
Help!
|
|
||||
|---|---|---|---|---|---|
| show | probe, penetrate, persist, propagate, and paralyze
🗑
|
||||
| Which two are characteristics of DoS attacks? (Choose | show 🗑
|
||||
| Users report to the helpdesk that icons usually seen on the menu bar are randomly appearing on their computer screens. What could be a reason that computers are displaying these random graphics? | show 🗑
|
||||
| show | buffer overflow*
port redirection*
trust exploitation*
🗑
|
||||
| 5. What occurs during a spoofing attack? | show 🗑
|
||||
| show | A Trojan Horse can be carried in a virus or worm.*
🗑
|
||||
| Which phase of worm mitigation requires compartmentalization and segmentation of the network to slow down or stop the worm and prevent currently infected hosts from targeting and infecting other systems? | show 🗑
|
||||
| Which two statements are characteristics of a virus? (Choose two.) | show 🗑
|
||||
| What is a ping sweep? | show 🗑
|
||||
| show | virus*
🗑
|
||||
| show | reconnaissance*
🗑
|
||||
| What occurs during the persist phase of a worm attack? | show 🗑
|
||||
| show | enabling vulnerability*
payload*
propagation mechanism*
🗑
|
||||
| show | An FTP Trojan Horse is executing.*
🗑
|
||||
| show | determine potential vulnerabilities*
identify active services*
identify operating systems*
🗑
|
||||
| How is a Smurf attack conducted? | show 🗑
|
||||
| Which access attack method involves a software program attempting to discover a system password by using an electronic dictionary? | show 🗑
|
||||
| show | anti-spoofing technologies*
intrusion protection systems*
🗑
|
||||
| Which phase of worm mitigation involves terminating the worm process, removing modified files or system settings that the worm introduced, and patching the vulnerability that the worm used to exploit the system? | show 🗑
|
||||
| Which characteristic best describes the network security Compliance domain as specified by the ISO/IEC? | show 🗑
|
||||
| Which statement describes phone freaking? | show 🗑
|
||||
| Which two statements describe access attacks? (Choose two.) | show 🗑
|
||||
| show | Internal threats can cause even greater damage than external threats.*
🗑
|
||||
| show | The containment phase requires the use of incoming and outgoing ACLs on routers and firewalls.*
The inoculation phase patches uninfected systems with the appropriate vendor patch for the vulnerability.*
The treatment phase disinfe
🗑
|
||||
| show | man in the middle*
🗑
|
||||
| What is considered a valid method of securing the control plane in the Cisco NFP framework? | show 🗑
|
||||
| A port scan is classified as what type of attack? | show 🗑
|
||||
| Which type of software typically uses a network adapter card in promiscuous mode to capture all network packets that are sent across a LAN? | show 🗑
|
||||
| show | to protect against DoS attacks*
to provide bandwidth control*
🗑
|
||||
| show | availability*
confidentiality*
integrity*
🗑
|
||||
| show | security policy*
🗑
|
||||
| show | CERT*
🗑
|
||||
| How would limiting the type and number of input characters on a web page help with network security? | show 🗑
|
||||
| show | Malware is contained in a seemingly legitimate executable program.*
🗑
|
||||
| What causes a buffer overflow? | show 🗑
|
||||
| show | This message is a level five notification message.*
This message indicates that service timestamps have been globally enabled.*
🗑
|
||||
| show | one*
🗑
|
||||
| Routers R1 and R2 are connected via a serial link. One router is configured as the NTP master, and the other is an NTP client. Which two pieces of information can be obtained from the partial output of the show ntp associations detail command on R2? | show 🗑
|
||||
| . What are two characteristics of the SDM Security Audit wizard? (Choose two. ) | show 🗑
|
||||
| show | It requires users to first identify which router interfaces connect to the inside network and which connect to the outside network.*
🗑
|
||||
| If AAA is already enabled, which three CLI steps are required to configure a router with a specific view? (Choose three. ) | show 🗑
|
||||
| show | JR-Admin can issue ping and reload commands.*
🗑
|
||||
| Which recommended security practice prevents attackers from performing password recovery on a Cisco IOS router for the purpose of gaining access to the privileged EXEC mode? | show 🗑
|
||||
| show | CBAC*
security banner*
enable secret password*
🗑
|
||||
| Refer to the exhibit. Based on the output of the show running-config command, which type of view is SUPPORT? | show 🗑
|
||||
| Which three services on a router does Cisco SDM One-Step Lockdown enable? (Choose three. ) | show 🗑
|
||||
| An administrator defined a local user account with a secret password on router R1 for use with SSH. Which three additional steps are required to configure R1 to accept only encrypted SSH connections? (Choose three. ) | show 🗑
|
||||
| Which statement describes the operation of the Cisco SDM Security Audit wizard? | show 🗑
|
||||
| An administrator needs to create a user account with custom access to most privileged EXEC commands. Which privilege command is used to create this custom account? | show 🗑
|
||||
| Which three areas of router security must be maintained to secure an edge router at the network perimeter? (Choose three.) | show 🗑
|
||||
| Which service is enabled on a Cisco router by default that can reveal significant information about the router and potentially make it more vulnerable to attack? | show 🗑
|
||||
| Which two operations are required to implement Cisco SDM One-Step Lockdown? (Choose two. ) | show 🗑
|
||||
| show | auto secure privileged EXEC command and the SDM One-Step Lockdown wizard*
🗑
|
||||
| Refer to the exhibit. What is the significance of secret 5 in the generated output? | show 🗑
|
||||
| show | Restart the router in ROM monitor mode and display the secure bootset Cisco IOS image name using the dir command.*
Boot the secure bootset Cisco IOS image using the boot command with the filename.*
🗑
|
||||
| show | R1(config)# username admin secret Admin01pa55
R1(config)# line con 0
R1(config-line)# login local***********
🗑
|
||||
| show | All messages with a trap level of 4 and lower (more critical) will be logged.*
The syslog server IP address is 192. 168. 1. 3.*
🗑
|
||||
| What are two characteristics of SNMP community strings? (Choose two. ) | show 🗑
|
||||
| show | 1024*
🗑
|
||||
| Which two characteristics apply to Role-Based CLI Access superviews? (Choose two. ) | show 🗑
|
||||
| show | The Cisco IOS image and configuration files have been properly secured.*
The Cisco IOS Resilient Configuration feature is enabled.*
🗑
|
||||
| show | network devices configured to accommodate SSH*
encryption of all remote access management traffic*
connection to network devices through a production network or the Internet*
🗑
|
||||
| Why is the usernamenamesecretpassword command preferred over the usernamenamepasswordpassword command? | show 🗑
|
||||
| show | ICMP unreachable notifications are enabled by default but should be disabled on untrusted interfaces.*
TCP keepalives are disabled by default but should be enabled globally to prevent certain DoS attacks.*
🗑
|
||||
| Which command is used to verify the existence of a secure Cisco IOS image file? | show 🗑
|
||||
| Which three types of views are available when configuring the Role-Based CLI Access feature? (Choose three.) | show 🗑
|
||||
| show | It uses the MD5 algorithm for encrypting passwords.*
🗑
|
||||
| Which statement describes the operation of the CCP Security Audit wizard? | show 🗑
|
||||
| Which three services does CCP One-Step Lockdown enable? (Choose three.) | show 🗑
|
||||
| show | Subsequent virtual login attempts from the user are blocked for 60 seconds.*
A message is generated that indicates the username and source IP address of the user.*
During the quiet mode, an administrator can log in from host 172.16.1.2.*
🗑
|
||||
| show | BAC*
Security banner*
Enable secret password*
🗑
|
||||
| Which statement describes the CCP Security Audit wizard? | show 🗑
|
||||
| show | Ntp master 1*
🗑
|
||||
| show | It provides for authentication and accountability.*
🗑
|
||||
| Which authentication method stores usernames and passwords in the router and is ideal for small networks? | show 🗑
|
||||
| In regards to Cisco Secure ACS, what is a client device? | show 🗑
|
||||
| When configuring a Cisco Secure ACS, how is the configuration interface accessed? | show 🗑
|
||||
| What is a difference between using the login local command and using local AAA authentication for authenticating administrator access? | show 🗑
|
||||
| Due to implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this? | show 🗑
|
||||
| show | Character mode provides users with administrative privilege EXEC access and requires use of the console, vty, or tty ports.*
Packet mode provides remote users with access to network resources and requires use of dialup or VPN.*
🗑
|
||||
| show | TACACS+ provides authorization of router commands on a per-user or per-group basis.*
🗑
|
||||
| . Refer to the exhibit. Router R1 is configured as shown. An administrative user attempts to use Telnet from router R2 to router R1 using the interface IP address 10.10.10.1. However, Telnet access is denied. Which option corrects this problem? | show 🗑
|
||||
| efer to the exhibit. In the network shown, which AAA command logs the use of EXEC session commands? | show 🗑
|
||||
| show | It accepts a locally configured username, regardless of case.*
🗑
|
||||
| What is the result if an administrator configures the aaa authorization command prior to creating a user with full access rights? | show 🗑
|
||||
| Which statement identifies an important difference between TACACS+ and RADIUS? | show 🗑
|
||||
| show | Cisco Secure ACS supports LDAP.*
Cisco Secure ACS supports both TACACS+ and RADIUS protocols.*
🗑
|
||||
| show | reduces delays in the authorization queries by using persistent TCP sessions*
🗑
|
||||
| How does a Cisco Secure ACS improve performance of the TACACS+ authorization process? | show 🗑
|
||||
| show | Authenticated users are granted full access rights.*
🗑
|
||||
| Refer to the exhibit. Router R1 has been configured as shown, with the resulting log message. On the basis of the information presented, which two AAA authentication statements are true? (Choose two.) | show 🗑
|
||||
| show | authentication, authorization, and accounting*
🗑
|
||||
| show | character mode*
packet mode*
🗑
|
||||
| show | password encryption*
utilization of transport layer protocols*
🗑
|
||||
| After accounting is enabled on an IOS device, how is a default accounting method list applied? | show 🗑
|
||||
| A company is deploying user device access control through a NAC appliance as part of the Cisco TrustSec solution. Which device is needed to serve as the central management for the access control? | show 🗑
|
||||
| show | to accommodate any difference in the authorization process between the ACS and an external database.*
🗑
|
||||
| show | Pa$$w0rD*
🗑
|
||||
| Which component of AAA is used to determine which resources a user can access and which operations the user is allowed to perform? | show 🗑
|
||||
| . Refer to the exhibit. A network administrator configures AAA authentication on R1. Which statement describes the effect of the keyword single-connection in the configuration? | show 🗑
|
||||
| show | Security Intelligence Operations
🗑
|
||||
| The Cisco Network Foundation Protection framework has three functional areas. The data plane of a router is responsible for routing packets correctly. | show 🗑
|
||||
| What is hyperjacking? | show 🗑
|
||||
| show | antivirus software
🗑
|
||||
| show | worm
🗑
|
||||
| show | by continuously sending packets of unexpected size or unexpected data
🗑
|
||||
| show | Devices in networks should not access and use one another unnecessarily and unconditionally.
🗑
|
||||
| show | A hacker mimics a tone using a whistle to make free long-distance calls on an analog telephone network.
🗑
|
||||
| Antivirus software can prevent viruses from entering the network. | show 🗑
|
||||
| show | A virus has infected the computers.
🗑
|
||||
| show | A virus is triggered by an event on the host system.
🗑
|
||||
| show | to scan for accessibility
to gather information about the network and devices
🗑
|
||||
| show | management plane
🗑
|
||||
| Which security measure is typically found both inside and outside a data center facility? | show 🗑
|
||||
| What is a main purpose of launching an access attack on network systems? | show 🗑
|
||||
| show | SNMP agent
🗑
|
||||
| show | login block-for 180 attempts 3 within 120
🗑
|
||||
| What three configuration steps must be performed to implement SSH access to a router? (Choose three.) | show 🗑
|
||||
| The is a Layer 2 open standard network discovery protocol. | show 🗑
|
||||
| show | CDP
🗑
|
||||
| What tool is available through the Cisco IOS CLI to initiate security audits and to make recommended configuration changes with or without administrator input? | show 🗑
|
||||
| Which packet type is user-generated and forwarded by a router? | show 🗑
|
||||
| Which two options provide secure remote access to a router? (Choose two.) | show 🗑
|
||||
| Why is the username name algorithm-type scrypt secret password command preferred over the username name secret password command? | show 🗑
|
||||
| What IOS privilege levels are available to assign for custom user-level privileges? | show 🗑
|
||||
| show | securing administrative access
disabling unused ports and interfaces
🗑
|
||||
| show | spoofing
🗑
|
||||
| show | Assign a secret password to the view.
Assign commands to the view.
Create a view using the parser view view-name command.
🗑
|
||||
| show | Root
🗑
|
||||
| What is the first required task when configuring server-based AAA authentication? | show 🗑
|
||||
| show | Configure the key exactly the same way on the server and the router.
🗑
|
||||
| show | authentication who are u
Authorzizatiion What u can do
accounting What has happened
🗑
|
||||
| What is the purpose of the none keyword in an AAA authentication configuration? | show 🗑
|
||||
| When 802.1X port-based authentication is enabled, only eap traffic will be allowed through the switch port that a workstation is connected to until the workstation is authenticated. | show 🗑
|
||||
| What port state is used by 802.1X if a workstation fails authorization? | show 🗑
|
||||
| Which statement describes a difference between RADIUS and TACACS+? | show 🗑
|
||||
| show | ISE
🗑
|
||||
| Refer to the exhibit. What part of the AAA status message helps a network administrator determine which method list is being referenced? | show 🗑
|
||||
| What is a drawback of the local database method of securing device access that can be solved by using AAA with centralized servers? | show 🗑
|
||||
| Which statement describes a characteristic of authorization in an AAA solution? | show 🗑
|
||||
| show | No configuration is necessary.
🗑
|
||||
| show | Local implementation does not scale well.
🗑
|
||||
| show | A user was successfully authenticated.
🗑
|
||||
| show | the administrative user should use the username Admin and password Str0ngPa55w0rd.
🗑
|
Review the information in the table. When you are ready to quiz yourself you can hide individual columns or the entire table. Then you can click on the empty cells to reveal the answer. Try to recall what will be displayed before clicking the empty cell.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Created by:
fluffyhuffy
Popular Engineering sets