Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Networking Security > 1.5 > Flashcards

1.5 Flashcards

1
Q
  1. On what switch ports should BPDU guard be enabled to enhance STP stability?
    only ports that attach to a neighboring switch
    all PortFast-enabled ports Correct
    all trunk ports that are not root ports
    only ports that are elected as designated ports
A

all PortFast-enabled ports Correct

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q 
82.	Which feature is specific to the Security Plus upgrade license of an ASA 5505 and provides increased availability?
redundant ISP connections
routed mode
transparent mode
stateful packet inspection
A

redundant ISP connections

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q 
83.	A company deploys a hub-and-spoke VPN topology where the security appliance is the hub and the remote VPN networks are the spokes. Which VPN method should be used in order for one spoke to communicate with another spoke through the single public interface of the security appliance?
split tunneling
MPLS
GRE
Hairpinning
A

Hairpinning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
  1. What are two drawbacks in assigning user privilege levels on a Cisco router? (Choose two.)
    Privilege levels must be set to permit access control to specific device interfaces, ports, or slots.
    Assigning a command with multiple keywords allows access to all commands using those keywords.
    Only a root user can add or remove commands.
    Commands from a lower level are always executable at a higher level.
    AAA must be enabled.
A

Assigning a command with multiple keywords allows access to all commands using those keywords.
Commands from a lower level are always executable at a higher level.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q 
85.	Which two types of hackers are typically classified as grey hat hackers? (Choose two.)
script kiddies
vulnerability brokers
cyber criminals
state-sponsored hackers
hacktivists
A

vulnerability brokers

hacktivists

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q 
86.	What is the default preconfigured interface for the outside network on a Cisco ASA 5505?
VLAN 2
Ethernet 0/2
Ethernet 0/1
VLAN 1
A

VLAN 2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q 
87.	A user successfully logs in to a corporate network via a VPN connection. Which part of the AAA process records that a certain user performed a specific operation at a particular date and time?
authentication
accounting
access
authorization
A

accounting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q 
88.	What determines which switch becomes the STP root bridge for a given VLAN?
the lowest bridge ID
the highest MAC address
the highest priority
the lowest IP address
A

lowest

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
  1. What is a function of the GRE protocol?
    to configure the set of encryption and hashing algorithms that will be used to transform the data sent through the IPsec tunnel
    to provide encryption through the IPsec tunnel
    to configure the IPsec tunnel lifetime
    to encapsulate multiple OSI Layer 3 protocol packet types inside an IP tunnel
A

to encapsulate multiple OSI Layer 3 protocol packet types inside an IP tunnel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
  1. What is used to determine the root bridge when the priority of the switches are the same?
    the MAC address with the highest hexadecimal value
    the lowest ip address
    the layer 2 address with the lowest hexadecimal value
    the highest BID
A

the layer 2 address with the lowest hexadecimal value

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  1. What is algorithm-type to protect the data in transit?
A

Hashing algorithm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q 
92.	What type of ACL is designed for use in the configuration of an ASA to support filtering for clientless SSL VPN’s?
Webtype
Standard
Ethertype
Extended
A

Webtype

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q
  1. The following authentication configuration is applied to a router.
    aaa authentication login default tacacs+ local enable none
    Several days later the TACACS+ server goes off-line. Which method will be used to authenticate users?
    none
    manually configured vty line password
    local username/password database
    default
A

none

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q
  1. A security technician is evaluating a new operations security proposal designed to limit access to all servers. What is an advantage of using network security testing to evaluate the new proposal?
    Network security testing proactively evaluates the effectiveness of the proposal before any real threat occurs.
    Network security testing is most effective when deploying new security proposals.
    Network security testing is specifically designed to evaluate administrative tasks involving server and workstation access.
    Network security testing is simple because it requires just one test to evaluate the new proposal.
A

Network security testing proactively evaluates the effectiveness of the proposal before any real threat occurs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Networking Security (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions