12-11 Network Infrastructure Security Group

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which technique is necessary to ensure a private transfer of data using a VPN? A. Encryption B. Virtualization C. Scalability D. Authorization

A. Encryption

What is an advantage of HIPS that is not provided by IDS? A. HIPS protects critical system resources and monitors operating system processes. B. HIPS deploys sensors at network entry points and protects critical network segments. C. HIPS monitors network processes and protects critical files. D. HIPS provides quick analysis of events through detailed logging.

A. HIPS protects critical system resources and monitors operating system processes.

Which two protocols are link-state routing protocols? (Choose two.) A. IS-IS B. EIGRP C. BGP D. RIP E. OSPF

A. IS-IS and E. OSPF

Which two statements are true about NTP servers in an enterprise network? (Choose two.) A. NTP servers ensure an accurate time stamp on logging and debugging information. B. NTP servers control the mean time between failures (MTBF) for key network devices. C. NTP servers at stratum 1 are directly connected to an authoritative time source. D. All NTP servers synchronize directly to a stratum 1 time source. E. There can only be one NTP server on an enterprise network.

A. NTP servers ensure an accurate time stamp on logging and debugging information. C. NTP servers at stratum 1 are directly connected to an authoritative time source.

What are two disadvantages of using an IDS? (Choose two.) A. The IDS doesn't stop malicious traffic. B. The IDS works offline using copies of network traffic. C. The IDS has no impact on traffic. D. The IDS analyzes actual forwarded packets. E. The IDS requires other devices to respond to attacks.

A. The IDS doesn't stop malicious traffic. E. The IDS requires other devices to respond to attacks.

Which AAA component can be established using token cards? A. Authorization B. Authentication C. Auditing D. Accounting

B. Authentication

What Wi-Fi management frame is regularly broadcast by APs to announce their presence? A. Authentication B. Beacon C. Probe D. Association

B. Beacon

What are two types of addresses found on network end devices? (Choose two.) A. Return B. IP C. MAC D. TCP E. UDP

B. IP and C. MAC

What are the three parts of all Layer 2 frames? (Choose three.) A. Source and destination IP address B. Payload C. Frame check sequence D. Time-to-live E. Header

B. Payload, D. Frame check sequence, and E. Header

What is a characteristic of a hub? A. Operates at Layer 2 B. Regenerates signals received on one port out all other ports. C. Subdivides the network into collision domains. D. Uses CSMA/CA to avoid collisions.

B. Regenerates signals received on one port out all other ports.

Which firewall feature is used to ensure that packets coming into a network are legitimate responses initiated from internal hosts? A. Application filtering B. Stateful packet inspection C. URL filtering D. Packet filtering

B. Stateful packet inspection.

A Cisco router is running IOS 15. What are the two routing table entry types that will be added when a network admin brings an interface up and assigns an IP address to the interface? (Choose two.) A. Route that is manually entered by a network admin. B. Local route interface C. Route that is learned via OSPF D. Directly connected interface. E. Route that is learned via EIGRP

B. local route interface and D. Directly connected interface.

Which statement describes one of the rules that govern interface behavior in the context of implementing a zone-based policy firewall configuration? A. An admin can assign interfaces to zones, regardless of whether the zone has been configured. B. An admin can assign an interface to multiple security zones. C. By default, traffic is allowed to flow among interfaces that are members of the same zone. D. By default, traffic is allowed to flow between a zone member interface and any interface that is not a zone member.

C. By default, traffic is allowed to flow among interfaces that are members of the same zone.

What is used on WLANs to avoid packet collisions? A. SVIs B. STP C. CSMA/CA D. VLANs

C. CSMA/CA

What action does an Ethernet switch take when it receives a frame with an unknown Layer 2 source address? A. It forwards the frame out all interfaces except the interface on which it was received. B. It forwards the frame to the default gateway. C. It records the source address in the address table of the switch. D. It drops the frame.

C. It records the source address in the address table of the switch.

Which two devices would commonly be found at the access layer of the hierarchical enterprise LAN design model? (Choose two.) A. Modular switch B. Layer 3 device C. Layer 2 switch D. Firewall E. Access point

C. Layer 2 switch and E. Access point.

What is a function of SNMP? A. Synchronizes the time across all devices on the network. B. Captures packets entering and exiting the NIC. C. Provides message format for communication between network device managers and agents. D. Provides statistical analysis on packets flowing through a Cisco router or multilayer switch.

C. Provides a message format for communication between network device managers and agents.

What is the first step in the CSMA/CA process when a wireless client attempting to communicate on the wireless network? A. The client sends an RTS message to the AP. B. The client sends a test frame onto the channel. C. The client listens for traffic on the channel. D. The AP sends a CTS message to the client.

C. The client listens for traffic on the channel.

What is a host-based intrusion detection system (HIDS)? A. It detects and stops potential direct attacks but doesn't scan for malware. B. It is an agentless system that scans files on a host for potential malware. C. It identifies potential attacks and sends alerts but doesn't stop the traffic. D. It combines the functionalities of antimalware applications with firewall protection.

D. It combines the functionalities of antimalware applications with firewall protection.

Which statement describes a difference between RADIUS and TACACS+? A. RADIUS separates authentication and authorization whereas TACACS+ combines them as one process. B. RADIUS is supported by the Cisco Secure ACS software whereas TACACS+ is not. C. RADIUS uses TCP whereas TACACS+ uses UDP. D. RADIUS encrypts only the password whereas TACACS+ encrypts all communication.

D. RADIUS encrypts only the password whereas TACACS+ encrypts all communication.

In which memory location is the routing table of a router maintained? A. ROM B. flash C. NVRAM D. RAM

D. RAM

What is a characteristic of the WLAN passive discover mode? A. The client must know the name of the SSID to begin the discover process. B. The client begins the discover process by sending a probe request. C. The beaconing feature on the AP is disabled. E. The AP periodically sends beacon frames containing the SSID.

D. The AP periodically sends beacon frames containing the SSID.


Conjuntos de estudio relacionados

Chapters 7 10 11 12 Econ 410 Final Review

View Set

Wastewater Treatment Grade 1 - Part 1(Transcribed by Chuck)

View Set

Intro to Piping and Piping Fittings

View Set

The lost colony of Roanoke Island

View Set