Network Auth & Security Chapter 2

¡Supera tus tareas y exámenes ahora con Quizwiz!

If AAA is already enabled, which three CLI steps are required to configure a router with a specific view (Choose three.) Question options: Assign a secret password to the view. Assign commands to the view. Assign users who can use the view. Associate the view with the root view. Create a superview using the parser view view-name command. Create a view using the parser view view-name command.

Assign a secret password to the view. Assign commands to the view. Create a view using the parser view view-name command.

Which service is enabled on a Cisco router by default that can reveal significant information about the router and potentially make it more vulnerable to attack? Question options: HTTP CDP FTP LLDP LMNOP

CDP

What tool is available through the Cisco IOS CLI to initiate security audits and to make recommended configuration changes with or without administrator input? Question options: Cisco ACS Control Plane Policing Cisco AutoSecure Simple Network Management Protocol Cisco CLI Secure Plus

Cisco AutoSecure

Which two options provide secure remote access to a router? (Choose two.) Question options: CHAP HTTP HTTPS SSH Telnet

HTTPS SSH

Why is the username name algorithm-type scrypt secret password command preferred over the username name secret password command? Question options: It uses the MD5 algorithm for encrypting passwords. It uses the standard type 7 algorithm for encrypting passwords. It uses the SCRYPT algorithm for encrypting passwords. It does not require the login local command to enable the local database for authentication. It requires an already encrypted password to be accepted.

It uses the SCRYPT algorithm for encrypting passwords.

Which of the following can be used to falsify routing information, cause DoS attacks, or cause traffic to be redirected? Question options: Spooing Routing Protocol (SRP) Routing Protocol Flooding Spoofing Protocol Routing (SPR) Routing Protocol Spoofing Routing Protocol Detour

Routing Protocol Spoofing

Which OSPF authentication should be used wherever possible, because MD5 authentication is considered vulnerable to attacks? Question options: SHA The MC5 WEP SSH There is no authentication is OSPF

SHA

Which element of an SNMP implementation can be configured to respond to requests as well as to forward notifications? Question options: MIB SNMP manager SNMP agent OID O-SNMP

SNMP agent

What three configuration steps must be performed to implement SSH access to a router? (Choose three.) Question options: a password on the console line an IP domain name a user account an enable mode password a unique hostname an encrypted password

an IP domain name a user account a unique hostname

Which packet type is user-generated and forwarded by a router? Question options: data plane packet control plane packet management plane packet routing protocol update packet HTTPS packet

data plane packet

What IOS privilege levels are available to assign for custom user-level privileges? Question options: levels 1 through 15 levels 0, 1, and 15 levels 2 through 14 levels 0 and 1 five

levels 2 through 14

A network administrator needs to protect a router against brute force login attempts. What is the correct login-block-for command syntax to disable login for 3 minutes if more than 3 failed attempts are made within a 2 minute period? Question options: Login block-for 3 min 3 att 2 min login block-for within 180 attempts 3, 120 login block-for within 120 attempts 3, 180 login block-for 180 attempts 3 within 120 login block-for attempts 180 3 120

login block-for 180 attempts 3 within 120

Which three areas of router security must be maintained to secure an edge router at the network perimeter? (Choose three.) Question options: physical security flash security operating system security remote access security router hardening zone isolation

physical security operating system security router hardening

Which two tasks are associated with router hardening? (Choose two.) Question options: installing the maximum amount of memory possible placing the router in a secure room using uninterruptible power supplies disabling unused ports and interfaces securing administrative access Installing the Cisco Steel Router protocol

disabling unused ports and interfaces securing administrative access

When role-based CLI is used, which view is the only view that has the ability to add or remove commands from existing views? Question options: admin super user root sudo commander Cisco

root


Conjuntos de estudio relacionados

Chapter 08: Pain Lewis: Medical-Surgical Nursing, 10th Edition

View Set

Ch 49 Business Development and Networking

View Set

The Age of Exploration and Conquest of the Americas

View Set

Psychological Development Ch. 6/7/8 Quiz

View Set