10.6.2 Module Quiz - LAN Security Concepts

What three services are provided by the AAA framework? (Choose three.)

- Authentication - Authorization - Accounting

Which three Cisco products focus on endpoint security solutions? (Choose three.)

- Email Security Appliance - Web Security Appliance - NAC Appliance

What two protocols are supported on Cisco devices for AAA communications? (Choose two.)

- TACACS - RADIUS

What is involved in an IP address spoofing attack?

A legitimate network IP address is hijacked by a rogue node.

Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this?

Authorization

Which service is enabled on a Cisco router by default that can reveal significant information about the router and potentially make it more vulnerable to attack?

CDP

Which Layer 2 attack will result in legitimate users not getting valid IP addresses?

DHCP starvation

What mitigation plan is best for thwarting a DoS attack that is creating a MAC address table overflow?

Enable port security.

Which Cisco solution helps prevent MAC and IP address spoofing attacks?

IP Source Guard

Why is authentication with AAA preferred over a local database method?

It provides a fallback authentication method if the administrator forgets the username or password

When security is a concern, which OSI Layer is considered to be the weakest link in a network system?

Layer 2

Which Layer 2 attack will result in a switch flooding incoming frames to all ports?

MAC address overflow

In a server-based AAA implementation, which protocol will allow the router to successfully communicate with the AAA server?

RADIUS

True or False? In the 802.1X standard, the client attempting to access the network is referred to as the supplicant.

True

What is the purpose of AAA accounting?

to collect and report application usage