CCNA Cybersecurity Operations (Version 1.1) - CyberOps Chapter 5 Exam
What are two uses of an access control list? (Choose two.) Standard ACLs can restrict access to specific applications and ports. ACLs provide a basic level of security for network access. ACLs can control which areas a host can access on a network. ACLs assist the router in determining the best path to a destination. ACLs can permit or deny traffic based upon the MAC address originating on the router.
ACLs can control which areas a host can access on a network. ACLs provide a basic level of security for network access.
Which protocol creates a virtual point-to-point connection to tunnel unencrypted traffic between Cisco routers from a variety of protocols? IPsec GRE IKE OSPF
GRE
What are two types of addresses found on network end devices? (Choose two.) MAC UDP IP return TCP
IP, MAC
Which protocol provides authentication, integrity, and confidentiality services and is a type of VPN? AES MD5 ESP IPsec
IPsec
What is a feature of the TACACS+ protocol? What is a feature of the TACACS+ protocol? It encrypts the entire body of the packet for more secure communications. It combines authentication and authorization as one process. It hides passwords during transmission using PAP and sends the rest of the packet in plaintext. It utilizes UDP to provide more efficient packet transfer.
It encrypts the entire body of the packet for more secure communications.
Which OSI layer header is rewritten with new addressing information by a router when forwarding between LAN segments? Layer 2 Layer 3 Layer 4 Layer 7
Layer 2
What is true concerning physical and logical topologies? Physical topologies are concerned with how a network transfers frames. The logical topology is always the same as the physical topology. Physical topologies display the IP addressing scheme of each network. Logical topologies refer to how a network transfers data between devices.
Logical topologies refer to how a network transfers data between devices.
Which protocol or service is used to automatically synchronize the software clocks on Cisco routers? SNMP DHCP DNS NTP
NTP
Which two statements are true about NTP servers in an enterprise network? (Choose two.) NTP servers control the mean time between failures (MTBF) for key network devices. NTP servers ensure an accurate time stamp on logging and debugging information. All NTP servers synchronize directly to a stratum 1 time source. There can only be one NTP server on an enterprise network. NTP servers at stratum 1 are directly connected to an authoritative time source.
NTP servers at stratum 1 are directly connected to an authoritative time source. NTP servers ensure an accurate time stamp on logging and debugging information.
End Device
Printer, PC, Smart Device
DMZ
Refer to the exhibit. The network "A" contains multiple corporate servers that are accessed by hosts from the Internet for information about the corporation. What term is used to describe the network marked as "A"?
Intermediary
Router, switch, firewall
Which parameter is commonly used to identify a wireless network name when a home wireless AP is being configured? SSID ESS ad hoc BESS
SSID
IPS and IDS
Security devices that use signatures to detect patterns in network traffic
Which device can control and manage a large number of corporate APs? switch WLC LWAP router
WLC
dynamic route
added when a protocol such as OSPF or EIGRP discovers a
What is the function of the distribution layer of the three-layer network design model? providing high speed connection to the network edge providing secure access to the Internet aggregating access layer connections providing direct access to the network
aggregating access layer connections
What does the TACACS+ protocol provide in a AAA deployment? AAA connectivity via UDP password encryption without encrypting the packet compatibility with previous TACACS protocols authorization on a per-user or per-group basis
authorization on a per-user or per-group basis
directly connected interface
automatically added when an interface is configured and active
What is a function of a proxy firewall? drops or forwards traffic based on packet header information filters IP traffic between bridged interfaces connects to remote servers on behalf of clients uses signatures to detect patterns in network traffic
connects to remote servers on behalf of clients
A Cisco router is running IOS 15. What are the two routing table entry types that will be added when a network administrator brings an interface up and assigns an IP address to the interface? (Choose two.) local route interface directly connected interface route that is manually entered by a network administrator route that is learned via OSPF route that is learned via EIGRP
directly connected interface local route interface
Which layer of the hierarchical design model is a control boundary between the other layers? access core network distribution
distribution
packet filter firewall
enforces an access control policy based on packet content
stateful firewall
filters traffic based on defined rules as well as connection context
application gateway
filters traffic on layer 7 information
local route interface
found only in routers running IOS 15+ or IPv6 routing
static route
manually configured by a network administrator
For which discovery mode will an AP generate the most traffic on a WLAN? mixed mode open mode passive mode active mode
passive mode
Which wireless parameter is used by an access point to broadcast frames that include the SSID? passive mode channel setting security mode active mode
passive mode
Which two features are included by both TACACS+ and RADIUS protocols? (Choose two.) 802.1X support password encryption SIP support utilization of transport layer protocols separate authentication and authorization processes
password encryption utilization of transport layer protocols
What is the only attribute used by standard access control lists to identify traffic? source MAC address protocol type source TCP port source IP address
source IP address
Which LAN topology requires a central intermediate device to connect end devices? mesh bus star ring
star
Which protocol or service allows network administrators to receive system messages that are provided by network devices? NetFlow SNMP NTP syslog
syslog
What information within a data packet does a router use to make forwarding decisions? the destination host name the destination MAC address the destination IP address the destination service requested
the destination IP address
What is the role of an IPS? to detect patterns of malicious traffic by the use of signature files to filter traffic based on defined rules and connection context to enforce access control policies based on packet content to filter traffic based on Layer 7 information
to detect patterns of malicious traffic by the use of signature files
