Ch. 10 - Security in Network Design

Question 1

To permit I C M P traffic from any IP address or network to any I P address or network

Answer 1

access-list acl_2 permit icmp any

Question 2

can be configured to evaluate all log data

Looking for significant events that require attention from the IT staff

Answer 2

SIEM (Security Information and Event Management)

Question 3

Another Cisco command (also used on Arista devices) to secure switch access ports

Answer 3

Switchport port-security (or just port-security on Huawei switches)

Question 4

On a Juniper switch:

The ____ command restricts the number of MAC addresses allowed in the MAC address table

Answer 4

mac-limit

Question 5

helps ensure data confidentiality with both encryption and packet authentication by providing:
Message integrity
Encryption

Answer 5

CCMP—Short for Counter Mode with CBC (Cipher Block Chaining) MAC (Message Authentication Code) Protocol

Question 6

Tunnel-based,

Creates an encrypted TLS tunnel between the supplicant and the server

Answer 6

PEAP (Protected EAP)

Question 7

A RADIUS server is used in cooperation with an authentication mechanism called

Answer 7

EAP (Extensible Authentication Protocol)