CCNA Security v2.0

CCNA Security Chapter 11 Exam v2

  • 07/07/2018 17:14
  • /
  • 34

CCNA Security Chapter 11 Exam Answer v2 Which security test is appropriate for detecting system weaknesses such as misconfiguration, default passwords, and potential DoS targets? vulnerability scanning network scanning integrity checkers penetration testing How does network scanning help assess operations security? It can simulate attacks from malicious sources. It can log abnormal activity. It can..Read More..

CCNA Security Final Exam v2

  • 07/07/2018 11:16
  • /
  • 36

Coming Soon Comments commentsRead More..

CCNA Security Practice Final Exam v2

  • 07/07/2018 11:15
  • /
  • 35

Coming Soon Comments commentsRead More..

CCNA Security Chapter 10 Exam v2

  • 07/07/2018 11:15
  • /
  • 37

CCNA Security Chapter 10 Exam Answer v2 Which statement describes the function provided to a network administratorwho uses the Cisco Adaptive Security Device Manager (ASDM) GUI that runs as a Java Web Start application? The administrator can connect to and manage a single ASA. The administrator can connect to and manage multiple ASA devices. The administrator can..Read More..

CCNA Security Chapter 9 Exam v2

  • 07/07/2018 11:15
  • /
  • 35

CCNA Security Chapter 9 Exam Answer v2 Refer to the exhibit. An administrator creates three zones (A, B, and C) in an ASA that filters traffic. Traffic originating from Zone A going to Zone C is denied, and traffic originating from Zone B going to Zone C is denied. What is a possible scenario for..Read More..

CCNA Security Chapter 8 Exam v2

  • 07/07/2018 11:15
  • /
  • 38

CCNA Security Chapter 8 Exam Answer v2 Refer to the exhibit. How will traffic that does not match that defined by access list 101 be treated by the router? It will be sent unencrypted. It will be sent encrypted. It will be blocked. It will be discarded. What three protocols must be permitted through the..Read More..

CCNA Security Chapter 7 Exam v2

  • 07/07/2018 11:15
  • /
  • 40

CCNA Security Chapter 7 Exam Answer v2 What is the focus of cryptanalysis? hiding secret codes developing secret codes breaking encrypted codes implementing encrypted codes How many bits does the Data Encryption Standard (DES) use for data encryption? 40 bits 56 bits 64 bits 72 bits Which statement describes the Software-Optimized Encryption Algorithm (SEAL)? SEAL..Read More..

CCNA Security Chapter 6 Exam v2

  • 07/07/2018 11:15
  • /
  • 37

CCNA Security Chapter 6 Exam Answer v2 Refer to the exhibit. The Fa0/2 interface on switch S1 has been configured with the switchport port-security mac-address 0023.189d.6456 command and a workstation has been connected. What could be the reason that the Fa0/2 interface is shutdown? The connection between S1 and PC1 is via a crossover cable...Read More..

CCNA Security Chapter 5 Exam v2

  • 07/07/2018 11:15
  • /
  • 37

What information must an IPS track in order to detect attacks matching a composite signature? the total number of packets in the attack the attacking period used by the attacker the network bandwidth consumed by all packets the state of packets related to the attack What is a disadvantage of a pattern-based detection mechanism? The..Read More..

CCNA Security Chapter 4 Exam v2

  • 07/07/2018 11:15
  • /
  • 32

CCNA Security Chapter 4 Exam Answer v2 Refer to the exhibit. If a hacker on the outside network sends an IP packet with source address 172.30.1.50, destination address 10.0.0.3, source port 23, and destination port 2447, what does the Cisco IOS firewall do with the packet? The initial packet is dropped, but subsequent packets are..Read More..

CCNA Security Chapter 3 Exam v2

  • 07/07/2018 11:15
  • /
  • 37

CCNA Security Chapter 3 Exam v2 Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this? accounting accessibility auditing authorization authentication Why is authentication with AAA preferred over a local database method? It provides a fallback authentication method if the administrator forgets the username or password...Read More..

CCNA Security Chapter 2 Exam v2

  • 07/07/2018 11:15
  • /
  • 39

An administrator defined a local user account with a secret password on router R1 for use with SSH. Which three additional steps are required to configure R1 to accept only encrypted SSH connections? (Choose three.) Enable inbound vty SSH sessions. Generate two-way pre-shared keys. Configure DNS on the router. Configure the IP domain name on..Read More..

CCNA Security Chapter 1 Exam v2

  • 07/07/2018 11:15
  • /
  • 37

CCNA Security Chapter 1 Exam v2 What method can be used to mitigate ping sweeps? using encrypted or hashed authentication protocols installing antivirus software on hosts deploying antisniffer software on all network devices blocking ICMP echo and echo-replies at the network edge What are the three major components of a worm attack? (Choose three.) a..Read More..

CCNA Security v2.0 Final Exam Answers | CCNA5.NET

1. Which security implementation will provide control plane protection for a network device? encryption for remote access connections AAA for authenticating management access routing protocol authentication* NTP for consistent timestamps on logging messages 2. What is the one major difference between local AAA authentication and using the login local command when configuring device access authentication? Local AAA authentication provides a way to configure backup methods of authentication, but login local does not.* The login local command requires the administrator to manually configure the usernames and passwords, but local AAA authentication does not. Local AAA authentication allows more than one user account to be configured, but login local does not. The login local command uses local usernames and passwords stored on the router, but local AAA authentication does not. 3. Refer to the exhibit. A network administrator configures AAA authentication on R1. The administrator then

CCNA Security v2.0 Practice Final Exam Answers | CCNA5.NET

  • 29/06/2018 13:30
  • /
  • 74

1. Refer to the exhibit. Based on the output generated by the show monitor session 1 command, how will SPAN operate on the switch? All traffic received on VLAN 10 or transmitted from VLAN 20 is forwarded to FastEthernet 0/1.* Native VLAN traffic transmitted from VLAN 10 or received on VLAN 20 is forwarded to FastEthernet 0/1. All traffic transmitted from VLAN 10 or received on VLAN 20 is forwarded to FastEthernet 0/1. Native VLAN traffic received on VLAN 10 or transmitted from VLAN 20 is forwarded to FastEthernet 0/1. 2. Refer to the exhibit. The ISAKMP policy for the IKE Phase 1 tunnel was configured, but the tunnel does not yet exist. Which action should be taken next before IKE Phase 1 negotiations can begin? Configure the set of encryption and hashing algorithms that will be used to transform the data sent through the IPsec tunnel. Bind the transform set with the rest of the IPsec policy in a crypto map​. Configure the IPsec tunnel lifetime​. Configure an ACL to define

CCNA Security v2.0 Chapter 3 Exam | CCNA5.NET

  • 29/03/2018 21:53
  • /
  • 89

1. Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this? accounting accessibility auditing authorization* authentication 2. Why is authentication with AAA preferred over a local database method? It provides a fallback authentication method if the administrator forgets the username or password.* It uses less network bandwidth. It specifies a different password for each line or port. It requires a login and password combination on the console, vty lines, and aux ports. 3. Which authentication method stores usernames and passwords in ther router and is ideal for small networks. local AAA over TACACS+ server-based AAA over TACACS+ local AAA* local AAA over RADIUS server-based AAA over RADIUS server-based AAA 4. Which component of AAA allows an administrator to track individuals who access network resources and any changes that are made to those resources? accounting* accessibility authentication

CCNA Security v2.0 Chapter 4 Exam | CCNA5.NET

  • 29/03/2018 20:52
  • /
  • 89

1. Refer to the exhibit. If a hacker on the outside network sends an IP packet with source address 172.30.1.50, destination address 10.0.0.3, source port 23, and destination port 2447, what does the Cisco IOS firewall do with the packet? The initial packet is dropped, but subsequent packets are forwarded. The packet is forwarded, and an alert is generated. The packet is forwarded, and no alert is generated. The packet is dropped.* 2. To facilitate the troubleshooting process, which inbound ICMP message should be permitted on an outside interface? echo request time-stamp request echo reply* time-stamp reply router advertisement 3. Which command is used to activate an IPv6 ACL named ENG_ACL on an interface so that the router filters traffic prior to accessing the routing table? ipv6 access-class ENG_ACL in ipv6 traffic-filter ENG_ACL out ipv6 traffic-filter ENG_ACL in* ipv6 access-class ENG_ACL out 4. Which statement describes a typical security policy for a DMZ

CCNA Security v2.0 Chapter 5 Exam | CCNA5.NET

  • 29/03/2018 19:50
  • /
  • 88

1. What information must an IPS track in order to detect attacks matching a composite signature? the total number of packets in the attack the attacking period used by the attacker the network bandwidth consumed by all packets the state of packets related to the attack* 2. What is a disadvantage of a pattern-based detection mechanism? The normal network traffic pattern must be profiled first. It cannot detect unknown attacks.* It is difficult to deploy in a large network. Its configuration is complex. 3. What is the purpose in configuring an IOS IPS crypto key when enabling IOS IPS on a Cisco router? to secure the IOS image in flash to enable Cisco Configuration Professional to be launched securely to encrypt the master signature file to verify the digital signature for the master signature file* 4. Refer to the exhibit. What is the result of issuing the Cisco IOS IPS commands on router R1? All traffic that is permitted by the ACL is subject to inspection by

CCNA Security v2.0 Chapter 6 Exam | CCNA5.NET

  • 29/03/2018 18:49
  • /
  • 79

1. Refer to the exhibit. The Fa0/2 interface on switch S1 has been configured with the switchport port-security mac-address 0023.189d.6456 command and a workstation has been connected. What could be the reason that the Fa0/2 interface is shutdown? The connection between S1 and PC1 is via a crossover cable. The Fa0/24 interface of S1 is configured with the same MAC address as the Fa0/2 interface. S1 has been configured with a switchport port-security aging command. The MAC address of PC1 that connects to the Fa0/2 interface is not the configured MAC address.* 2. Two devices that are connected to the same switch need to be totally isolated from one another. Which Cisco switch security feature will provide this isolation? PVLAN Edge* DTP SPAN BPDU guard 3. Which two functions are provided by Network Admission Control? (Choose two.) protecting a switch from MAC address table overflow attacks enforcing network security policy for hosts that connect to the network*

CCNA Security v2.0 Chapter 7 Exam | CCNA5.NET

  • 29/03/2018 17:48
  • /
  • 82

1. What is the focus of cryptanalysis? hiding secret codes developing secret codes breaking encrypted codes* implementing encrypted codes 2. How many bits does the Data Encryption Standard (DES) use for data encryption? 40 bits 56 bits* 64 bits 72 bits 3. Which statement describes the Software-Optimized Encryption Algorithm (SEAL)? SEAL is a stream cipher.* It uses a 112-bit encryption key. It is an example of an asymmetric algorithm. It requires more CPU resources than software-based AES does. 4. Which encryption algorithm is an asymmetric algorithm? DH* SEAL 3DES AES 5. An online retailer needs a service to support the nonrepudiation of the transaction. Which component is used for this service? the private key of the retailer the unique shared secret known only by the retailer and the customer the public key of the retailer the digital signatures* 6. In which situation is an asymmetric key algorithm used? Two Cisco routers authenticate each other with


About Us

CCNA v5 Answers, CCNA v5 Blog, CCNA 5 Blog, CCNA Blog

Articles

Our Contacts