Modules 11-12 group exam cyberops
What are two disadvantages of using an IDS? (Choose two.) a. the IDS has no impact on traffic b. the IDS does not stop malicious traffic c. the IDS works offline using copies of network traffic d. the IDS requires other devices to respond to attacks e. the IDS analyzes actual forwarded packets.
b, d
Which AAA component can be established using token cards? a. accounting b. authorization c. auditing d. authentication
d
In which memory location is the routing table of a router maintained? a. RAM b. NVRAM c. flash d. ROM
a
What action does an Ethernet switch take when it receives a frame with an unknown Layer 2 source address? a. it records the source address in the address table of the switch b. it drops the frame c. it forwards the frame out all interfaces except the interface on which it was received d. it forwards the frame to the default gateway
a
What is a characteristic of a hub? a. regenerates signals received on one port out all other ports b. operates at Layer 2 c. uses CSMA/CA to avoid collisions d. subdivides the network into collision domains
a
What is a characteristic of a routed port that is configured on a Cisco switch? a. it is assigned an IP address b. it runs STP to prevent loops c. it supports subinterfaces d. it is associated with a single VLAN
a
What is a characteristic of the WLAN passive discover mode? a. the AP periodically sends beacon frames containing the SSID b. the beaconing feature on the AP is disabled c. the client begins the discover process by sending a probe request d. the client must know the name of the SSID to begin the discover process
a
What is the first step in the CSMA/CA process when a wireless client is attempting to communicate on the wireless network? a. the client listens for traffic on the channel b. the client sends an RTS message to the AP c. the AP sends a CTS message to the client d. the client sends a test frame onto the channel
a
What is used on WLANs to avoid packet collisions? a. CSMA/CA b. STP c. VLANs d. SVIs
a
What network security device enforces an access control policy on packet content? a. packet filter firewall b. IPS c. application gateway d. stateful firewall
a
What type of route is created when a network administrator manually configures a route that has an active exit interface? a. static b. directly connected c. local d. dynamic
a
Which firewall feature is used to ensure that packets coming into a network are legitimate responses to requests initiated from internal hosts? a. stateful packet inspection b. URL filtering c. application filtering d. packet filtering
a
Which security service is a series of commands that control whether a device forwards or drops packets? a. ACL b. SNMP c. NetFlow d. port mirroring
a
A Cisco router is running IOS 15. what are the two routing table entry types that will be added when a network administrator brings an interface up and assigns an IP address to the interface? (Choose two.) a. directly connected interface b. local route interface c. route that is learned via EIGRP d. route that is learned via OSPF e. route that is manually entered by a network administrator
a, b
Lightweight access points forward data between which two devices on the network? (Choose two.) a. wireless client b. wireless LAN controller c. wireless router d. default gateway e. autonomous access point
a, b
What are two types of addresses found on network end devices? (choose two) a. IP b. MAC c. return d. TCP e. UDP
a, b
Which two protocols are link-state routing protocols? (choose two) a. OSPF b. ISIS c. BGP d. RIP e. EIGRP
a, b
What are the three parts of all Layer 2 frames? (Choose three.) a. header b. payload c. frame check sequence d. time-to-live e. sequence number f. source and destination IP address
a, b, c
Which two devices would commonly be found at the access layer of the hierarchical enterprise LAN design model? (choose two) a. access point b. firewall c. Layer 2 switch d. Layer 3 device e. modular switch
a, c
Which of the following are intermediary devices? a. firewall b. PC c. printer d. router e. smart device f. switch
a, d, f
What Wi-Fi management frame is regularly broadcast by APs to announce their presence? a. probe b. beacon c. association d. authentication
b
What information within a data packet does a router use to make forwarding decisions? a. the destination MAC address b. the destination IP address c. the destination host name d. the destination service requested
b
What is a function of SNMP? a. provides statistical analysis on packets flowing through a Cisco router or multilayer switch b. provides a message format for communication between network device managers and agents c. captures packets entering and exiting the network interface card d. synchronizes the time across all devices on the network
b
What is the function of the distribution layer of the three-layer network design model? a. providing direct access to the network b. aggregating access layer connections c. providing secure access to the Internet d. providing high speed connection to the network edge
b
What network security device uses signatures to detect patterns in network traffic? a. packet filter firewall b. IPS c. application gateway d. stateful firewall
b
Which characteristic describes a wireless client operating in active mode? a. ability to dynamically change channels b. must know the SSID to connect to an AP c. must be configured for security before attaching to an AP d. broadcasts probes that request the SSID
b
Which security service allows administrators to manage network devices? a. ACL b. SNMP c. NetFlow d. port mirroring
b
Which technique is necessary to ensure a private transfer of data using a VPN? a. authorization b. encryption c. scalability d. virutalization
b
What two components of traditional web security appliances are examples of functions integrated into a Cisco Web Security Appliance? (Choose two.) a. firewall b. URL filtering c. web reporting d. VPN connection e. email virus and spam filtering
b, c
Which of the following are end devices? (Choose three) a. firewall b. PC c. printer d. router e. smart device f. switch
b, c, e
In the data gathering process, which type of device will listen for traffic, but only gather traffic statistics? a. NMS b. syslog server c. NetFlow collector d. SNMP agent
c
What network security device filters traffic on Layer 7 information? a. packet filter firewall b. IPS c. application gateway d. stateful firewall
c
Which routing protocol is used to exchange routes between internet service providers? a. ISIS b. OSPF c. BGP d. RIP
c
Which security service provides statistics on packets flowing through a Cisco router or multilayer switch? a. ACL b. SNMP c. NetFlow d. port mirroring
c
Which statement describes a difference between RADIUS and TACACS+? a. RADIUS uses TCP whereas TACACS+ uses UDP b. RADIUS is supported by the Cisco Secure ACS software whereas TACACS+ is not c. RADIUS encrypts only the password whereas TACACS+ encrypts all communication d. RADIUS separates authentication and authorization whereas TACACS+ combines them as one process
c
Which statement describes one of the rule that govern interface behavior in the context of implementing a zone-based policy firewall configuration? a. an administrator can assign an interface to multiple security zones b. an administrator can assign interfaces to zones, regardless of whether the zone has been configured c. by default, traffic is allowed to flow among interfaces that are members of the same zone d. by default, traffic is allowed to flow between a zone member interface and any interface that is not a zone member
c
Which two statements are true about NTP servers in an enterprise network? (Choose two) a. there can only be one NTP server on an enterprise network b. all NTP servers synchronize directly to a stratum 1 time source c. NTP servers at stratum 1 are directly connected to an authoritative time source d. NTP servers ensure an accurate time stamp on logging and debugging information e. NTP servers control the mean time between failures (MTBF) for key network devices
c, d
What is a host-based intrusion detection system (HIDS)? a. it is an agentless system that scans files on a host for potential malware b. it identifies potential attacks and sends alerts but does not stop the traffic c. it detects and stops potential direct attacks but does not scan for malware d. it combines the functionalities of antimalware applications with firewall protection
d
What is an advantage of HIPS that is not provided by IDS? a. HIPS provides quick analysis of events through detailed logging b. HIPS deploys sensors at network entry points and protects critical network segments c. HIPS monitors network processes and protects critical files d. HIPS protects critical system resources and monitors operating system processes
d
What network security device filters traffic based on defined rules as well as connection context? a. packet filter firewall b. IPS c. application gateway d. stateful firewall
d
Which security service allows a switch to make duplicate copies of traffic that is sent to a traffic analyzer? a. ACL b. SNMP c. NetFlow d. port mirroring
d
Which statement describes a VPN? a. VPNs use dedicated physical connections to transfer data between remote users b. VPNs use logical connections to create public networks through the Internet c. VPNs use open source virtualization software to create the tunnel through the Internet d. VPNs use virtual connections to create a private network through a public network
d