security-2 Flashcards
Question 1 How do you maintain security in multiple websites? A. VPN B. DMVPN C. other D. other
Answer: A
Question 2 Which of the following encrypts the traffic on a leased line? A. telnet B. ssh C. vtp D. vpn E. dmvpn
Answer: B
Question 3 Which command is necessary to permit SSH or Telnet access to a Cisco switch that is otherwise configured for these vty line protocols? A. transport type all B. transport output all C. transport preferred all D. transport input all
Answer: D
Question 4 How to verify SSH connections were secured? A. ssh -v 1 -l admin IP B. ssh -v 2 -l admin IP C. ssh -l admin IP D. ssh -v 2 admin IP
Answer: B
Question 5 In order to comply with new auditing standards, a security administrator must be able to correlate system security alert logs directly with the employee who triggers the alert. Which of the following should the security administrator implement in order to meet this requirement? A. Access control lists on file servers B. Elimination of shared accounts C. Group-based privileges for accounts D. Periodic user account access reviews
Answer: D
Question 6 Which three feature are represented by A letter in AAA? (Choose three) A. authorization B. accounting C. authentication D. accountability E. accessibility F. authority
Answer: A B C
Question 7 What are two characteristics of SSH? (Choose two) A. use port 22 B. unsecured C. encrypted D. most common remote-access method E. operate at transport
Answer: A C
Question 8
Which two statements about TACACS+ are true? (Choose two)
A. It can run on a UNlX server.
B. It authenticates against the user database on the local device.
C. It is more secure than AAA authentication.
D. It is enabled on Cisco routers by default. E. It uses a managed database.
Answer: A E
Question 9
Refer to the exhibit. Which user-mode password has just been set?
R1#config R1(config)#line vty 0 4 R1(config-line)#password C1scO R1(config-line)#login
A. Telnet
B. Auxiliary
C. SSH
D. Console
Answer: A
Question 10 Which two passwords must be supplied in order to connect by Telnet to a properly secured Cisco switch and make changes to the device configuration? (Choose two) A. tty password B. enable secret password C. vty password D. aux password E. console password F. username password
Answer: B C
Question 11
Which two statements about firewalls are true?
A. They can be used with an intrusion prevention system. B. They can limit unauthorized user access to protect data. C. Each wireless access point requires its own firewall
D. They must be placed only at locations where the private network connects to the internet.
E. They can prevent attacks from the internet only.
Answer: A B
Question 12 Which three options are types of Layer 2 network attack? (Choose three) A. Spoofing attacks B. VLAN Hopping C. Botnet attacks D. DDOS attacks E. ARP Attacks F. Brute force attacks
Answer: A B E
Question 13 Which IEEE mechanism is responsible for the authentication of devices when they attempt to connect to a local network? A. 802.1x B. 802.11 C. 802.2x D. 802.3x
Answer: A
Question 14 Which IPsec security protocol should be used when confidentiality is required? A. AH B. MD5 C. PSK D. ESP
Answer: D