Network Security 1.0 Modules 5-7
What is a requirement to use the Secure Copy Protocol Feature?
A command must be issued to enable the SCP server side functionality.
Which two UDP ports numbers may be used for server-based AAA RADIUS authentication?(Choose Two)
1812 1645
Refer to the exhibit. What information in the syslog message identifies the facility?
OSPF
Which AAA component can be established using token cards?
Authentication
Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this?
Authorization
What are three characteristics of super views in the Cisco role-based CLI access feature? (Choose three)
Commands cannot be configured for a superview. Deleting a superview does not delete the associated CLI views. A single CLI view can be shared within multiple superviews.
Which task is necessary to encrypt the transfer of data between the ACS server and the AAA-enabled router?
Configure the key exactly the same way on the server and the router.
Which three items are prompted for a user response during interactive AutoSecure Setup?
Content of a security banner Enable secret password Enable password
A network administrator is configuring an AAA server to manage TACAS+ authentication. What are two attributes of TACAS+ authentication? (Choose two)
Encryption for all communication Separate processes for authentication and authorization.
What are two characteristics of the RADIUS protocol? (Choose two)
Encryption of the password only The use of UDP ports for authentication and accounting
Refer to the exhibit. A student uses the show parser view all command to see a summary of all views configured on router R1. What is indicated by the symbol * next to JR-ADMIN.
It is a superview.
What are two characteristics of the CISCO IOS Resilient Configuration feature? (Choose two)
It saves a secure copy of the primary image and device configuration that cannot be removed by a user. It minimizes the downtime of a device that has had the image and configuration deleted.
Which Privilege level is predefined for the privileged EXEC Mode?
Level 15
What IOS privilege levels are available to assign for custom user-level privileges?
Levels 2 through 14
What is the one major difference between local AAA authentication and using the login local command when configuring device access authentication?
Local AAA authentication provides a way to configure backup methods of authentication, but login local does not.
What is the biggest issue with local implementation of AAA?
Local implementation does not scale well.
A student is learning role-based CLI access and CLI view configurations. The student opens Packet Tracer and adds a router. Which command should be used first for creating a CLI view name TECH-View?
Router (config)# aaa new-model
Refer to the exhibit. Based on the output of the show running-config command, which type of view is SUPPORT?
Superview, containing SHOWVIEW and VERIFYVIEW views
Refer to the exhibit. What two statements describe the NTP status of the router? (Choose two.)
The router is attached to a stratum 2 device. The IP address of the time source for the router is 192.168.1.1.
A network engineer is implementing security on all company router. Which two commands must be issued to force authentication via the password 1A2b3C for all OSPF-enabled interfaces in the backbone area of the company network? (Choose two)
area 0 authentication message-digest ip ospf message-digest-key 1 md5 1A2b3C
Which syslog message type is accessible only to an administrator and only via the Cisco CLI?
debugging
What is the primary function of the aaa authorization command?
limit authenticated user access to AAA client services.
Which authentication method stores usernames and passwords in the router and is ideal for small networks?
local AAA
A network administrator is analyzing the features supported by the multiple versions of SNMP. What are two features that are supported by SNMPv3 but not by SNMPv1 or SNMPv2c? (Choose two)
message encryption message source validation
An administrator needs to create a user account with custom access to most privileged EXEC commands. Which privilege command is used to create this custom account?
privilege exec level 2
Which command will move the show access-lists command to privilege level 14?
router(config)# privilege exec level 14 show access-lists
A student is learning about role-based views and role-based view configurations. The student enters the Router(config)# parser view TECH-view command. What is the purpose of this command?
to create a CLI view named TECH-view