WAN Tech EXAM Chapter 3,4,5
Which objective of secure communications is achieved by encrypting data? A. Confidentiality B. Authentication C. Integrity D. Availability
A. Confidentiality
To which category of security attacks does man-in-the-middle belong? A. Social Engineering B. Access C. DoS D. Reconnaissance
B. Access
The IT department is reporting that a company web server is receiving an abnormally high number of web page requests from different locations simultaneously. Which type of security attack is occurring? A. Phishing B. Social Engineering C. DDoS D. Adware E. Spyware
C. DDoS
What two ACEs could be used to deny IP traffic from a single source host 10.1.1.1 to the 192.168.0.0/16 network? (Choose two.) A. access-list 100 deny ip 192.168.0.0 0.0.255.255 host 10.1.1.1 B. access-list 100 deny ip 192.168.0.0 0.0.255.255 10.1.1.1 255.255.255.255 C. access-list 100 deny ip 192.168.0.0 0.0.255.255 10.1.1.1 0.0.0.0 D. acces-list 100 deny ip 10.1.1.1 255.255.255.255 192.168.0.0 0.0.255.255 E. access-list 100 deny ip 10.1.1.1 0.0.0.0 192.168.0.0 0.0.255.255 F. access-list 100 deny ip host 10.1.1.1 192.168.0.0 0.0.255.255
E. access-list 100 deny ip 10.1.1.1 0.0.0.0 192.168.0.0 0.0.255.255 F. access-list 100 deny ip host 10.1.1.1 192.168.0.0 0.0.255.255
An administrator has configured an access list on R1 to allow SSH administrative access from host 172.16.1.100. Which command correctly applies the ACL? A. R1(config-line)# access-class 1 in B. R1(config-line)# access-class 1 out C. R1(config-if)# ip access-group 1 out D. R1(config-if)# ip access-group 1 in
A. R1(config-line)# access-class 1 in
When creating an ACL, which keyword should be used to document and interpret the purpose of the ACL statement on a Cisco device? A. Remark B. Established C. EQ D. Description
A. Remark
What three items are components of the CIA triad? (Choose three.) A. Access B. Availability C. Intervention D. Confidentiality E. Integrity F. Scalability
B. Availability D. Confidentiality C. Integrity
Which scenario would cause an ACL misconfiguration and deny all traffic? A. Apply an ACL that has all deny ACE statements B. Apply a named ACL to a VTY line C. Apply a standard ACL in the inbound direction D. Apply a standard ACL using the IP access-group out command
A. Apply an ACL that has all deny ACE statements
Which location is recommended for extended numbered or extended named ACLs? A. A location centered between traffic destinations and sources to filter as much traffic as possible B. A location as close to the destination of traffic as possible C. A location as close to the source of traffic as possible D. If using the established keyword, a location close to the destination to ensure that return traffic is allowed
C. A location as close to the source of traffic as possible
Which type of DNS attack involves the cybercriminal compromising a parent domain and creating multiple subdomains to be used during the attacks? A. Cache poisoning B. Tunneling C. Shadowing D. Amplification and reflection
C. Shadowing
Which command will verify the number of packets that are permitted or denied by an ACL that restricts SSH access? A. show running-config B. show ip ssh C. show ip interface brief D. show access-lists
D. show access-lists
Which three statements describe ACL processing of packets? (Choose three.) A. Each statement is checked only until a match is detected or until the end of the ACE list B. An implicit deny any rejects any packets that does not match any ACE C. A packet that does not match the conditions of any ACE will be forwarded by default D. A packet that has been denied by one ACE can be permitted by a subsequent ACE E. A packet can either be rejected or forwarded as directed by the ACE that is matched
A, B, and E
A network administrator configures an ACL with the command R1(config)# access-list 1 permit 172.16.0.0 0.0.15.255. Which two IP addresses will match this ACL statement? (Choose two.) A. 172.16.15.36 B. 172.16.31.24 C. 172.16.0.255 D. 172.16.65.21 E. 172.16.16.12
A. 172.16.15.36 B. 172.16.0.255
What causes a buffer overflow? A. Attempting to write more data to a memory location than that location can hold B. Launching a security countermeasure to mitigate a Trojan horse C. Sending repeated connections as Telnet to a particular device, thus denying other data sources D. Sending too much information to two or more interfaces of the same device, thereby causing dropped packets E. Downloading and installing too many software updates at one time
A. Attempting to write more data to a memory location than that location can hold
A college student is studying for the Cisco CCENT certification and is visualizing extended access lists. Which three keywords could immediately follow the keywords permit or deny as part of an extended access list? (Choose three.) A. ICMP B. Telnet C. TCP D. WWW E. UDP F. FTP
A. ICMP C. TCP E. UDP
A cleaner attempts to enter a computer lab but is denied entry by the receptionist because there is no scheduled cleaning for that day. What type of attack was just prevented? A. Social engineering B. Trojan C. War driving D. Shoulder surfing E. Phishing
A. Social engineering
Consider the configured access list. R1# show access-listsextended IP access list 100deny tcp host 10.1.1.2 host 10.1.1.1 eq telnetdeny tcp host 10.1.2.2 host 10.1.2.1 eq telnetpermit ip any any (15 matches) What are two characteristics of this access list? (Choose two.) A. The access list has been applied to an interface B. Any device can telnet to the 10.1.2.1 device C. The 10.1.2.1 device is not allowed to telnet to the 10.1.2.2 device D. Any device on the 10.1.1.0/24 network (except the 10.1.1.2 device) can telnet to router that has the IP address 10.1.1.1 assigned E. Only the 10.1.1.2 device can telnet to the router that has the 10.1.1.1 IP address assigned F. A network administrator would not be able to tell if the access list has been applied to an interface or not
A. The access list has been applied to an interface D. Any device on the 10.1.1.0/24 network (except the 10.1.1.2 device) can telnet to router that has the IP address 10.1.1.1 assigned
Which two statements describe appropriate general guidelines for configuring and applying ACLs? (Choose two.) A. The most specific ACL statements should be entered first because of the top-down sequential nature of ACLs B. If an ACL contains no permit statements, all traffic is denied by default C. If a single ACL is to be applied to multiple interfaces, it must be configured with a unique number for each interface D. Multiple ACLs per protocol and per direction can be applied to an interface E. Standard ACLs are placed the closest to the source, whereas extended ACLs are placed closest to the destination
A. The most specific ACL statements should be entered first because of the top-down sequential nature of ACLs B. If an ACL contains no permit statements, all traffic is denied by default
The computers used by the network administrators for a school are on the 10.7.0.0/27 network. Which two commands are needed at a minimum to apply an ACL that will ensure that only devices that are used by the network administrators will be allowed Telnet access to the routers? (Choose two.) A. access-list 5 permit 10.7.0.0 0.0.0.31 B. access-class 5 in C. access-list standard VTY permit 10.7.0.0 0.0.0.127 D. ip access-group 5 out E. access-list 5 deny any F. ip access-group 5 in
A. access-list 5 permit 10.7.0.0 0.0.0.31 B. access-class 5 in
What single access list statement matches all of the following networks? 192.168.16.0, 192.168.17.0, 192.168.18.0, 192.168.19.0 A. Access-list 10 permit 192.168.16.0 0.0.0.255 B. Access-list 10 permit 192.168.16.0 0.0.3.255 C. Access-list 10 permit 192.168.0.0 0.0.15.255 D. Access-list 10 permit 192.168.16.0 0.0.15.255
B. Access-list 10 permit 192.168.16.0 0.0.3.255
Which cyber attack involves a coordinated attack from a botnet of zombie computers? A. MITM B. DDoS C. Address Spoofing D. ICMP redirect
B. DDoS
What specialized network device is responsible for enforcing access control policies between networks? A. Bridge B. Firewall C. IDS D. Switch
B. Firewall
Consider the access list command applied outbound on a router serial interface. access-list 100 deny icmp 192.168.10.0 0.0.0.255 any echo reply What is the effect of applying this access list command? A. Users on the 192.168.10.0/24 network are not allowed to transmit traffic to any other destination B. No traffic will be allowed outbound on the serial interface C. The only traffic denied is echo-replies sourced from the 192.168.10.0/24 network. All other traffic is allowed D. The only traffic denied is ICMP-based traffic. All other traffic is allowed
B. No traffic will be allowed outbound on the serial interface
What packets would match the access control list statement that is shown below? access-list 110 permit tcp 172.16.0.0 0.0.0.255 any eq 22 A. SSH traffic from any source network to the 172.16.0.0 network B. SSH traffic from the 172.16.0.0 network to any destination network C. Any TCP traffic from the 172.16.0.0 network to any destination D. Any TCP traffic from any host to the 172.16.0.0 network
B. SSH traffic from the 172.16.0.0 network to any destination network
When configuring router security, which statement describes the most effective way to use ACLs to control Telnet traffic that is destined to the router itself? A. The ACL must be applied to each vty line individually B. The ACL should be applied to all vty lines in the in direction to prevent an unwanted user from connecting to an unsecured port C. The ACL is applied to the Telnet port with the IP access-group command D. Apply the ACL to the vty lines without the in or out option required when applying ACLs to interfaces
B. The ACL should be applied to all vty lines in the in direction to prevent an unwanted user from connecting to an unsecured port
What is the role of an IPS? A. To filter traffic based on defined rules and connection context B. To detect patterns of malicious traffic by the use of signature files C. To enforce access control policies based on packet content D. To filter traffic based on Layer 7 information
B. To detect patterns of malicious traffic by the use of signature files
Consider the following output for an ACL that has been applied to a router via the access-class in command. What can a network administrator determine from the output that is shown? R1# <output omitted>Standard IP access list 210 permit 192.168.10.0, wildcard bits 0.0.0.255 (2 matches)20 deny any (1 match) A. Traffic from one device was not allowed to come into one router port and be routed outbound a different router port B. Two devices were able to use SSH or Telnet to gain access to the router C. Two devices connected to the router have IP addresses of 192.168.10.x D. Traffic from two devices was allowed to enter one router port and be routed outbound to a different router port
B. Two devices were able to use SSH or Telnet to gain access to the router
Which two types of hackers are typically classified as grey hat hackers? (Choose two.) A. Cyber criminals B. Vulnerability brokers C. Hacktivists D. Script kiddies E. State-sponsored hackers
B. Vulnerability brokers C. Hacktivists
Which operator is used in an ACL statement to match packets of a specific application? A. Established B. eq C. gt D. lt
B. eq
Which two commands will configure a standard ACL? (Choose two.) A. router(config)# access-list 10 permit 10.20.5.0 0.255.255.255 any B. router(config)# access-list 35 permit host 172.31.22.7 C. router(config)# access-list 45 permit 192.168.200.4 host D. router(config)# access-list 90 permit 192.168.10.5 0.0.0.0 E. router(config)# access-list 20 permit host 192.168.5.5 any any
B. router(config)# access-list 35 permit host 172.31.22.7 D. router(config)# access-list 90 permit 192.168.10.5 0.0.0.0
Which two conditions would cause a router to drop a packet? (Choose two.) A. No inbound ACL exists on the interface where the packet enters the router B. No outbound ACL exists on the interface where the packet exits the router C. No routing table entry exists for the packet destination, but the packet matches a permitted address in an outbound ACL D. The ACL that is affecting the packet does not contain at least one deny ACE E. The packet source address does not match the source as permitted in a standard inbound ACE
C. No routing table entry exists for the packet destination, but the packet matches a permitted address in an outbound ACL E. The packet source address does not match the source as permitted in a standard inbound ACE
What type of malware has the primary objective of spreading across the network? A. Trojan horse B. Botnet C. Worm D. Virus
C. Worm
Which access list statement permits HTTP traffic that is sourced from host 10.1.129.100 port 4300 and destined to host 192.168.30.10? A. access-list 101 permit tcp host 192.168.30.10 eq 80 10.1.0.0 0.0.255.255 eq 4300 B. access-list 101 permit tcp 10.1.129.0 0.0.0.255 eq www 192.168.30.10 0.0.0.0 eq www C. access-list 101 permit tcp 10.1.128.0 0.0.1.255 eq 4300 192.168.30.0 0.0.0.15 eq www D. access-list 101 permit tcp 192.168.30.10 0.0.0.0 eq 80 10.1.0.0 0.0.255.255 E. access-list 101 permit tcp any eq 4300
C. access-list 101 permit tcp 10.1.128.0 0.0.1.255 eq 4300 192.168.30.0 0.0.0.15 eq www
Which range represents all the IP addresses that are affected when network 10.120.160.0 with a wildcard mask of 0.0.7.255 is used in an ACE? A. 10.120.160.0 to 10.127.255.255 B. 10.120.160.0 to 10.120.191.255 C. 10.120.160.0 to 10.120.168.0 D. 10.120.160.0 to 10.120.167.255
D. 10.120.160.0 to 10.120.167.255
What is a significant characteristic of virus malware? A. Once installed on a host system, a virus will automatically propagate itself to other systems B. A virus can execute independently of the host system C. Virus malware is only distributed over the internet D. A virus is triggered by an event on the host system
D. A virus is triggered by an event on the host system
A network administrator is configuring an ACL to restrict access to certain servers in the data center. The intent is to apply the ACL to the interface connected to the data center LAN. What happens if the ACL is incorrectly applied to an interface in the inbound direction instead of the outbound direction? A. The ACL will analyze traffic after it is routed to the outbound interface B. All traffic is denied C. All traffic is permitted D. The ACL does not perform as designed
D. The ACL does not perform as designed
In applying an ACL to a router interface, which traffic is designated as outbound? A. Traffic is going form the destination IP address into the router B. Traffic for which the router can find no routing table entry C. Traffic that is coming from the source IP address into the router D. Traffic that is leaving the router and going toward the destination host
D. Traffic that is leaving the router and going toward the destination host
To facilitate the troubleshooting process, which inbound ICMP message should be permitted on an outside interface? A. Time-stamp reply B. echo request C. router advertisement D. time-stamp request E. echo reply
E. echo reply
If the provided ACEs are in the same ACL, which ACE should be listed first in the ACL according to best practice? A. Deny tcp any any eq telnet B. deny udp any host 172.16.1.5 eq snmptrap C. Permit UDP any any range 10000 20000 D. permit ip any any E. permit TCP 172.16.0.0 0.0.3.255 any established F. Permit UDP 172.16.0.0 0.0.255.255 host 172.16.1.5 eq snmptrap
F. Permit UDP 172.16.0.0 0.0.255.255 host 172.16.1.5 eq snmptrap
