1. Which component is designed to protect against unauthorized communications to and from a computer?
6. Match the type of information security threat to the scenario. (Not all options are used.)
7. Which example of malicious code would be classified as a Trojan horse?
12. What is the purpose of the network security authentication function?
16. What feature of SSH makes it more secure than Telnet for a device management connection?
Which command has to be configured on the router to complete the SSH configuration?
* minimum of 8 characters, preferably 10.
* use complex combinations of numbers, special characters, and upper and lower case letters.
* avoid repetition, common dictionary words, letter or number sequences.
* avoid names of children, relatives, pets, birthdays, or any easily identifiable personal information.
* can be created by misspelling words or replacing vowels with numbers or special characters.
58. A network technician is troubleshooting an issue and needs to verify the IP addresses of all interfaces on a router. What is the best command to use to accomplish the task?
- security center
- port scanner
- antimalware
- antivirus
- firewall
- RouterA(config)# login block-for 10 attempts 2 within 30
- RouterA(config)# login block-for 30 attempts 2 within 10
- RouterA(config)# login block-for 2 attempts 30 within 10
- RouterA(config)# login block-for 30 attempts 10 within 2
- to require users to prove who they are
- to determine which resources a user can access
- to keep track of the actions of a user
- to provide challenge and response questions
- access attack
- reconnaissance attack
- denial of service attack
- worm attack
6. Match the type of information security threat to the scenario. (Not all options are used.)
7. Which example of malicious code would be classified as a Trojan horse?
- malware that was written to look like a video game
- malware that requires manual user intervention to spread between systems
- malware that attaches itself to a legitimate program and spreads to other programs when launched
- malware that can automatically spread from one system to another by exploiting a vulnerability in the target
- Viruses self-replicate but worms do not.
- Worms self-replicate but viruses do not.
- Worms require a host file but viruses do not.
- Viruses hide in legitimate programs but worms do not.
- denial-of-service
- man-in-the-middle attack
- extraction of security parameters
- username enumeration
- reconnaissance
- DoS
- dictionary
- man-in-the-middle
12. What is the purpose of the network security authentication function?
- to require users to prove who they are
- to determine which resources a user can access
- to keep track of the actions of a user
- to provide challenge and response questions
- stateful packet inspection
- URL filtering
- application filtering
- packet filtering
- exec-timeout 30
- service password-encryption
- banner motd $Max failed logins = 5$
- login block-for 60 attempts 5 within 60
16. What feature of SSH makes it more secure than Telnet for a device management connection?
- confidentiality with IPsec
- stronger password requirement
- random one-time port connection
- login information and data encryption
- SSH is easier to use.
- SSH operates faster than Telnet.
- SSH provides secure communications to access hosts.
- SSH supports authentication for a connection request.
- detecting and blocking of attacks in real time
- connecting global threat information to Cisco network security devices
- authenticating and validating traffic
- filtering of nefarious websites
- attack based
- risk based
- structured
- layered
- configuring a router with a complete MAC address database to ensure that all frames can be forwarded to the correct destination
- configuring a switch with proper security to ensure that all traffic forwarded through an interface is filtered
- designing a network to use multiple virtual devices to ensure that all traffic uses the best path through the internetwork
- designing a network to use multiple paths between switches to ensure there is no single point of failure
- voice
- video
- instant messaging
- FTP
- SNMP
- to identify the source and destination of local network traffic
- to capture the Internet connection bandwidth requirement
- to document and analyze network traffic requirements on each network segment
- to establish a baseline for security analysis after the network is upgraded
- Connectivity to the remote device was successful.
- A router along the path did not have a route to the destination.
- A ping packet is being blocked by a security device along the path.
- The connection timed out while waiting for a reply from the remote device.
- Issue the ping command from within interface configuration mode.
- Issue the ping command without specifying a destination IP address.
- Issue the ping command without extended commands.
- Issue the ping command after shutting down un-needed interfaces.
- a change in the bandwidth according to the show interfaces output
- a next-hop timeout from a traceroute
- an increase in host-to-host ping response times
- a change in the amount of RAM according to the show version output
- ‘!’ indicates that the ping was unsuccessful and that the device may have issues finding a DNS server.
- ‘U’ may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful.
- ‘.’ indicates that the ping was successful but the response time was longer than normal.
- A combination of ‘.’ and ‘!’ indicates that a router along the path did not have a route to the destination address and responded with an ICMP unreachable message.
- The NIC in the PC is bad.
- The TCP/IP protocol is not enabled.
- The router that is attached to the same network as the workstation is down.
- Nothing can be determined for sure at this point.
- It forces the trace to use IPv6.
- It limits the trace to only 6 hops.
- It sets a 6 milliseconds timeout for each replay.
- It sends 6 probes within each TTL time period.
- to determine the active TCP connections on a PC
- to check information about a DNS name in the DNS server
- to identify where a packet was lost or delayed on a network
- to display the IP address, default gateway, and DNS server address for a PC
- The network administrator suspects a virus because the ping command did not work.
- The network administrator wants to verify Layer 2 connectivity.
- The network administrator wants to verify the IP address configured on router R2.
- The network administrator wants to determine if connectivity can be established from a non-directly connected network.
- show version
- show ip route
- show interfaces
- show cdp neighbors detail
- the routing protocol version that is enabled
- the value of the configuration register
- the operational status of serial interfaces
- the administrative distance used to reach networks
- debug all
- logging synchronous
- show running-config
- terminal monitor
- terminal monitor
- logging console
- logging buffered
- logging synchronous
- Verify full system functionality.
- Test the theory to determine cause.
- Establish a theory of probable causes.
- Establish a plan of action to resolve the issue.
- netstat
- tracert
- nslookup
- ipconfig
- The PC cannot contact a DHCP server.
- The DNS server address is misconfigured.
- The default gateway address is not configured.
- The PC is configured to obtain an IP address automatically.
- The enterprise network is misconfigured for dynamic routing.
- traceroute
- show cdp neighbors
- Telnet
- an extended ping
- Connectivity between H1 and H3 is fine.
- H3 is not connected properly to the network.
- Something is causing interference between H1 and R1.
- Performance between the networks is within expected parameters.
- Something is causing a time delay between the networks.
- DHCP
- Telnet
- DNS
- traceroute
- show arp
- show interfaces
- show ip route
- show protocols
- Fast Ethernet interfaces
- console ports
- serial interfaces
- vty ports
- loopback interfaces
- Set the user privilege levels.
- Generate the asymmetric RSA keys.
- Configure the correct IP domain name.
- Configure role-based CLI access.
- Create a valid local username and password database.
- Manually enable SSH after the RSA keys are generated.
- Change system passwords every 30 days.
- Ensure that all systems have the most current virus definitions.
- Ensure that AAA is configured in the network.
- Download security updates from the operating system vendor and patch all vulnerable systems.
- Tracert shows each hop, while ping shows a destination reply only.
- Tracert uses IP addresses; ping does not.
- Both ping and tracert can show results in a graphical display.
- Ping shows whether the transmission is successful; tracert does not.
- FTP
- HTTP
- SSH
- Telnet
Which command has to be configured on the router to complete the SSH configuration?
- service password-encryption
- transport input ssh
- enable secret class
- ip domain-name cisco.com
- It is strong because it uses a passphrase.
- It is weak because it is often the default password on new devices.
- It is weak since it uses easily found personal information.
- It is weak since it is a word that is easily found in the dictionary.
- It is strong because it uses a minimum of 10 numbers, letters and special characters.
- It is weak because it is often the default password on new devices.
- It is weak since it uses easily found personal information.
- It is weak since it is a word that is easily found in the dictionary.
- It is strong because it contains 10 numbers and special characters.
- It is weak because it is often the default password on new devices.
- It is weak since it uses easily found personal information.
- It is strong because it uses a minimum of 10 numbers, letters and special characters.
- It is strong because it uses a minimum of 10 numbers, letters and special characters.
- It is weak since it is a word that is easily found in the dictionary.
- It is strong because it uses a passphrase.
- It is strong because it contains 10 numbers and special characters.
- It is weak because it uses a series of numbers or letters.
- It is strong because it uses a passphrase.
- It is weak since it is a word that is easily found in the dictionary.
- It is strong because it uses a minimum of 10 numbers, letters and special characters.
- It is weak because it is often the default password on new devices.
- It is strong because it uses a passphrase.
- It is strong because it uses a minimum of 10 numbers, letters and special characters.
- It is strong because it contains 10 numbers and special characters.
- It is weak because it uses easily found personal information.
- It is strong because it uses a passphrase.
- It is weak since it is a word that is easily found in the dictionary.
- It is strong because it uses a minimum of 10 numbers, letters and special characters.
- It is weak because it is a commonly used password.
- It is weak since it is a word that is easily found in the dictionary.
- It is strong because it uses a passphrase.
- It is strong because it uses a minimum of 10 numbers, letters and special characters.
- It is weak since it uses easily found personal information.
- It is strong because it uses a passphrase.
- It is strong because it uses a minimum of 10 numbers, letters and special characters.
- It is strong because it contains 10 numbers and special characters.
- It is weak because it uses easily found personal information.
- It is strong because it uses a passphrase.
- It is weak since it is a word that is easily found in the dictionary.
- It is strong because it uses a minimum of 10 numbers, letters and special characters.
* minimum of 8 characters, preferably 10.
* use complex combinations of numbers, special characters, and upper and lower case letters.
* avoid repetition, common dictionary words, letter or number sequences.
* avoid names of children, relatives, pets, birthdays, or any easily identifiable personal information.
* can be created by misspelling words or replacing vowels with numbers or special characters.
58. A network technician is troubleshooting an issue and needs to verify the IP addresses of all interfaces on a router. What is the best command to use to accomplish the task?
- show ip interface brief
- nslookup
- ipconfig getifaddr en0
- show ip route
- show interfaces
- ipconfig getifaddr en0
- copy running-config startup-config
- show ip nat translations
- ipconfig
- copy running-config startup-config
- show interfaces
- show ip nat translations
- copy running-config startup-config
- show interfaces
- show ip nat translations
- show ip route
- ipconfig getifaddr en0
- copy running-config startup-config
- show interfaces
- show ip nat translations
- show ipv6 interface
- show interfaces
- show ip nat translations
- show ip route
- ipconfig
- copy running-config startup-config
- show interfaces
- show ip nat translations
- show running-config
- show interfaces
- copy running-config startup-config
- show ip nat translations
- nslookup
- show ipv6 route
- show ipv6 interface
- copy startup-config running-config
- show running-config
- show ipv6 route
- show ipv6 interface
- copy startup-config running-config
0 commentaires:
Enregistrer un commentaire