Network authentication and Security Exam 1
If AAA is already enabled, which three CLI steps are required to configure a router with a specific view (Choose three.)
Assign a secret password to the view. Assign commands to the view. Create a view using the�parser view�view-name�command.
Which statement describes a characteristic of authorization in an AAA solution?
It works similarly to privilege levels and role-based CLI.
After accounting is enabled on an IOS device, how is a default accounting method list applied?
The default accounting method list is automatically applied to all interfaces, except those with named accounting method lists.
What port state is used by 802.1X if a workstation fails authorization?
unauthorized
Which type of security threat can be described as software that attaches to another program to execute a specific unwanted function?
virus
What type of malware has the primary objective of spreading across the network?
worm
Which statement describes phone freaking?
A hacker mimics a tone using a whistle to make free long-distance calls on an analog telephone network.
Users report to the helpdesk that icons usually seen on the menu bar are randomly appearing on their computer screens. What could be a reason that computers are displaying these random graphics?
A virus has infected the computers.
What is a significant characteristic of virus malware?
A virus is triggered by an event on the host system.
Which task is necessary to encrypt the transfer of data between the ACS server and the AAA-enabled router?
Configure the key exactly the same way on the server and the router.
Which statement accurately characterizes the evolution of network security?
Internal threats can cause even greater damage than external threats.
Which OSPF authentication should be used wherever possible, because MD5 authentication is considered vulnerable to attacks?
SHA
Which element of an SNMP implementation can be configured to respond to requests as well as to forward notifications?
SNMP agent
Which Cisco network security tool is a cloud-based service that provides alerts to network professionals about current network attacks?
Security Intelligence Operations
What is a characteristic of TACACS+?
TACACS+ provides authorization of router commands on a per-user or per-group basis.
Which statement identifies an important difference between TACACS+ and RADIUS?
The TACACS+ protocol allows for separation of authentication from authorization.
What is the result if an administrator configures the aaa authorization command prior to creating a user with full access rights?
The administrator is immediately locked out of the system.
Which two are characteristics of DoS attacks? (Choose two.)
They attempt to compromise the availability of a network, host, or application. Examples include smurf attacks and ping of death attacks
What is a drawback of the local database method of securing device access that can be solved by using AAA with centralized servers?
User accounts must be configured locally on each device, which is an unscalable authentication solution.
What is hyperjacking?
taking over a virtual machine hypervisor as part of a data center attack
What are two reasons for securing the data plane in the Cisco NFP framework? (Choose two.)
to protect against DoS�attacks� to provide bandwidth control
What is a main purpose of launching an access attack on network systems?
to retrieve data
Which two statements are characteristics of a virus? (Choose two.)
A virus typically requires end-user activation. A virus can be dormant and then activate at a specific time or date.
What is an effect if AAA authorization on a device is not configured?
Authenticated users are granted full access rights.
Which service is enabled on a Cisco router by default that can reveal significant information about the router and potentially make it more vulnerable to attack?
CDP
What tool is available through the Cisco IOS CLI to initiate security audits and to make recommended configuration changes with or without administrator input?
Cisco AutoSecure
What is the meaning of the principle of minimum trust when used to design network security?
Devices in networks should not access and use one another unnecessarily and unconditionally.
What is the first required task when configuring server-based AAA authentication?
Enable AAA globally.
Antivirus software can prevent viruses from entering the network.
False
True or False: Antivirus software can prevent viruses from entering the network.
False
Which two options provide secure remote access to a router? (Choose two.)
HTTPS SSH
When configuring a method list for AAA authentication, what is the effect of the keyword local?
It accepts a locally configured username, regardless of case.
What is the purpose of the�none�keyword in an AAA authentication configuration?
It allows users to log into the device without credentials if all other authentication methods fail.
Why is the�username�name�algorithm-type scrypt secret�password�command preferred over the�username�name�secret�password�command?
It uses the SCRYPT algorithm for encrypting passwords.
What is the biggest issue with local implementation of AAA?
Local implementation does not scale well.
Which two statements describe access attacks? (Choose two.)
Password attacks can be implemented using brute-force attack methods, Trojan Horses, or packet sniffers. Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or exploit systems to execute malicious code.
Which statement describes a difference between RADIUS and TACACS+?
RADIUS encrypts only the password whereas TACACS+ encrypts all communication.
Which of the following can be used to falsify routing information, cause DoS attacks, or cause traffic to be redirected?
Routing Protocol Spoofing
Which three options describe the phases of worm mitigation? (Choose three.)
The containment phase requires the use of incoming and outgoing ACLs on routers and firewalls. The inoculation phase patches uninfected systems with the appropriate vendor patch for the vulnerability. The treatment phase disinfects actively infected systems.
What three configuration steps must be performed to implement SSH access to a router? (Choose three.)
an IP domain name a user account a unique hostname
Which two network security solutions can be used to mitigate DoS attacks? (Choose two.)
anti-spoofing technologies intrusion protection systems
What is the primary means for mitigating virus and Trojan horse attacks?
antivirus software
Which technology provides the framework to enable scalable access security?
authentication, authorization, and accounting
How does a DoS attack take advantage of the stateful condition of target systems?
by continuously sending packets of unexpected size or unexpected data
Which security measure is typically found both inside and outside a data center facility?
continuous video surveillance
The Cisco Network Foundation Protection framework has three functional areas. The ________ �plane of a router is responsible for routing packets correctly.
data
Which packet type is user-generated and forwarded by a router?
data plane packet
Which two tasks are associated with router hardening? (Choose two.)
disabling unused ports and interfaces securing administrative access
What IOS privilege levels are available to assign for custom user-level privileges?
levels 2 through 14
A network administrator needs to protect a router against brute force login attempts. What is the correct�login-block-for�command syntax to disable login for 3 minutes if more than 3 failed attempts are made within a 2 minute period?
login block-for 180 attempts 3 within 120
What functional area of the Cisco Network Foundation Protection framework uses protocols such as Telnet and SSH to manage network devices?
management plane
Which three areas of router security must be maintained to secure an edge router at the network perimeter? (Choose three.)
physical security operating system security router hardening
How does a Cisco Secure ACS improve performance of the TACACS+ authorization process?
reduces delays in the authorization queries by using persistent TCP sessions
When role-based CLI is used, which�view is the only view that has the ability to add or remove commands from existing views?
root
What is considered a valid method of securing the control plane in the Cisco NFP framework?
routing protocol�authentication
What are two purposes of launching a reconnaissance attack on a network? (Choose two.)
to scan for accessibility to gather information about the network and devices