Network Security V1.0 Chapters 1-10
What is a requirement to use the Secure Copy Protocol feature? At least one user with privilege level 1 has to be configured for local authentication. A command must be issued to enable the SCP server side functionality. A transfer can only originate from SCP clients that are routers. The Telnet protocol has to be configured on the SCP server side.
A command must be issued to enable the SCP server side functionality.
A network administrator configures an ACL with the command R1(config)# access-list 1 permit 172.16.0.0 0.0.15.255 . Which two IP addresses will match this ACL statement? (Choose two.) 172.16.0.255 172.16.15.36 172.16.16.12 172.16.31.24 172.16.65.21
172.16.0.255 172.16.15.36
Which two UDP port numbers may be used for server-based AAA RADIUS authentication? (Choose two.) 1812 1645 1813 1646 49
1812 1645
When implementing components into an enterprise network, what is the purpose of a firewall? A firewall is a system that inspects network traffic and makes forwarding decisions based solely on Layer 2 Ethernet MAC addresses. A firewall is a system that is designed to secure, monitor, and manage mobile devices, including corporate-owned devices and employee-owned devices. A firewall is a system that stores vast quantities of sensitive and business-critical information. A firewall is a system that enforces an access control policy between internal corporate networks and external networks.
A firewall is a system that enforces an access control policy between internal corporate networks and external networks.
What are two possible limitations of using a firewall in a network? (Choose two.) It provides accessibility of applications and sensitive resources to external untrusted users. It increases security management complexity by requiring off-loading network access control to the device. A misconfigured firewall can create a single point of failure. Network performance can slow down. It cannot sanitize protocol flows.
A misconfigured firewall can create a single point of failure. Network performance can slow down.
What are two differences between stateful and stateless firewalls? (Choose two.) A stateless firewall is able to filter sessions that use dynamic port negotiations while a stateful firewall cannot. A stateless firewall will examine each packet individually while a stateful firewall observes the state of a connection. A stateless firewall will provide more logging information than a stateful firewall. A stateful firewall will prevent spoofing by determining whether packets belong to an existing connection while a stateless firewall follows pre-configured rule sets. A stateless firewall provides more stringent control over security than a stateful firewall.
A stateless firewall will examine each packet individually while a stateful firewall observes the state of a connection. A stateful firewall will prevent spoofing by determining whether packets belong to an existing connection while a stateless firewall follows pre-configured rule sets.
What is the result in the self zone if a router is the source or destination of traffic? No traffic is permitted. All traffic is permitted. Only traffic that originates in the router is permitted. Only traffic that is destined for the router is permitted.
All traffic is permitted.
Which three statements describe ACL processing of packets? (Choose three.) An implicit deny any rejects any packet that does not match any ACE. A packet can either be rejected or forwarded as directed by the ACE that is matched. A packet that has been denied by one ACE can be permitted by a subsequent ACE. A packet that does not match the conditions of any ACE will be forwarded by default. Each statement is checked only until a match is detected or until the end of the ACE list. Each packet is compared to the conditions of every ACE in the ACL before a forwarding decision is made.
An implicit deny any rejects any packet that does not match any ACE. A packet can either be rejected or forwarded as directed by the ACE that is matched. Each statement is checked only until a match is detected or until the end of the ACE list.
Refer to the exhibit. What is the result of adding the established argument to the end of the ACE? Any traffic is allowed to reach the 192.168.254.0 255.255.254.0 network. Any IP traffic is allowed to reach the 192.168.254.0 255.255.254.0 network as long as it is in response to an originated request. 192.168.254.0 /23 traffic is allowed to reach any network. Any TCP traffic is allowed to reach the 192.168.254.0 255.255.254.0 network if it is in response to an originated request.
Any TCP traffic is allowed to reach the 192.168.254.0 255.255.254.0 network if it is in response to an originated request.
Which two characteristics are shared by both standard and extended ACLs? (Choose two.) Both kinds of ACLs can filter based on protocol type. Both can permit or deny specific services by port number. Both include an implicit deny as a final statement. Both filter packets for a specific destination host IP address. Both can be created by using either a descriptive name or number.
Both include an implicit deny as a final statement. Both can be created by using either a descriptive name or number.
What are three characteristics of superviews in the Cisco role-based CLI access feature? (Choose three.) A user uses the command enable view superview-name to enter a superview. A user uses a superview to configure commands inside associated CLI views. Commands cannot be configured for a superview. Level 15 privilege access is used to configure a new superview. Deleting a superview does not delete the associated CLI views. A single CLI view can be shared within multiple superviews.
Commands cannot be configured for a superview. Deleting a superview does not delete the associated CLI views. A single CLI view can be shared within multiple superviews.
Refer to the exhibit. A student uses the show parser view all command to see a summary of all views configured on router R1. What is indicated by the symbol * next to JR-ADMIN? It is a root view. It is a CLI view without a command configured. It is a superview. It is a CLI view.
It is a superview.
An administrator defined a local user account with a secret password on router R1 for use with SSH. Which three additional steps are required to configure R1 to accept only encrypted SSH connections? (Choose three.) Configure DNS on the router. Configure the IP domain name on the router. Generate two-way pre-shared keys. Configure a host name other than "Router". Enable inbound vty Telnet sessions. Generate crypto keys.
Configure the IP domain name on the router. Configure a host name other than "Router". Generate crypto keys.
Which task is necessary to encrypt the transfer of data between the ACS server and the AAA-enabled router? Configure the key exactly the same way on the server and the router. Specify the single-connection keyword. Create a VPN tunnel between the server and the router. Use identical reserved ports on the server and the router.
Configure the key exactly the same way on the server and the router.
What is the first step in configuring a Cisco IOS zone-based policy firewall via the CLI? Define traffic classes. Assign router interfaces to zones. Define firewall policies. Assign policy maps to zone pairs. Create zones.
Create zones.
Which security feature or device would more likely be used within a CAN than a SOHO or data center? security trap ESA/WSA virtual security gateway wireless router exit sensors
ESA/WSA
What are two characteristics of ACLs? (Choose two.) Extended ACLs can filter on destination TCP and UDP ports. Standard ACLs can filter on source TCP and UDP ports. Extended ACLs can filter on source and destination IP addresses. Standard ACLs can filter on source and destination IP addresses. Standard ACLs can filter on source and destination TCP and UDP ports.
Extended ACLs can filter on destination TCP and UDP ports. Extended ACLs can filter on source and destination IP addresses.
Which two rules about interfaces are valid when implementing a Zone-Based Policy Firewall? (Choose two.) If neither interface is a zone member, then the action is to pass traffic. If one interface is a zone member, but the other is not, all traffic will be passed. If both interfaces belong to the same zone-pair and a policy exists, all traffic will be passed. If both interfaces are members of the same zone, all traffic will be passed. If one interface is a zone member and a zone-pair exists, all traffic will be passed.
If neither interface is a zone member, then the action is to pass traffic. If both interfaces are members of the same zone, all traffic will be passed.
Which security measure is best used to limit the success of a reconnaissance attack from within a campus area network? Implement restrictions on the use of ICMP echo-reply messages. Implement a firewall at the edge of the network. Implement access lists on the border router. Implement encryption for sensitive traffic.
Implement encryption for sensitive traffic.
To facilitate the troubleshooting process, which inbound ICMP message should be permitted on an outside interface? echo request echo reply time-stamp request time-stamp reply router advertisement
excho reply
What is the purpose of mobile device management (MDM) software? It is used to create a security policy. It is used to implement security policies, setting, and software configurations on mobile devices. It is used to identify potential mobile device vulnerabilities. It is used by threat actors to penetrate the system.
It is used to implement security policies, setting, and software configurations on mobile devices.
What are two characteristics of the Cisco IOS Resilient Configuration feature? (Choose two.) It maintains a mirror image of the configuration file in RAM. It sends a backup copy of the IOS image to a TFTP server. It saves a secure copy of the primary image and device configuration that cannot be removed by a user. It minimizes the downtime of a device that has had the image and configuration deleted. It is a universal feature that can be activated on all Cisco devices.
It saves a secure copy of the primary image and device configuration that cannot be removed by a user. It minimizes the downtime of a device that has had the image and configuration deleted.
Which two practices are associated with securing the features and performance of router operating systems? (Choose two.) Install a UPS. Keep a secure copy of router operating system images. Configure the router with the maximum amount of memory possible. Disable default router services that are not necessary. Reduce the number of ports that can be used to access the router.
Keep a secure copy of router operating system images. Configure the router with the maximum amount of memory possible.
Which privilege level is predefined for the privileged EXEC mode? level 0 level 1 level 15 level 16
Level 15
What functional area of the Cisco Network Foundation Protection framework is responsible for device-generated packets required for network operation, such as ARP message exchanges and routing advertisements? data plane control plane management plane forwarding plane
control plane
What is the one major difference between local AAA authentication and using the login local command when configuring device access authentication? The login local command requires the administrator to manually configure the usernames and passwords, but local AAA authentication does not. Local AAA authentication allows more than one user account to be configured, but login local does not. Local AAA authentication provides a way to configure backup methods of authentication, but login local does not. The login local command uses local usernames and passwords stored on the router, but local AAA authentication does not.
Local AAA authentication provides a way to configure backup methods of authentication, but login local does not.
What is the biggest issue with local implementation of AAA? Local implementation supports only TACACS+ servers. Local implementation cannot provide secure authentication. Local implementation does not scale well. Local implementation supports only RADIUS servers.
Local implementation does not scale well.
Refer to the exhibit. What information in the syslog message identifies the facility? ADJCHG Loading Done OSPF level 5
OSPF
What two steps provide the quickest way to completely remove an ACL from a router? (Choose two.) Removal of the ACEs is the only step required. Modify the number of the ACL so that it doesn't match the ACL associated with the interface. Copy the ACL into a text editor, add no before each ACE, then copy the ACL back into the router. Remove the inbound/outbound reference to the ACL from the interface. Use the no access-list command to remove the entire ACL. Use the no keyword and the sequence number of every ACE within the named ACL to be removed.
Remove the inbound/outbound reference to the ACL from the interface. Use the no access-list command to remove the entire ACL.
A student is learning role-based CLI access and CLI view configurations. The student opens Packet Tracer and adds a router. Which command should be used first for creating a CLI view named TECH-View? Router# enable view Router(config)# aaa new-model Router# enable view TECH-view Router(config)# parser view TECH-view
Router(config)# aaa new-model
Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds? RouterA(config)# login block-for 10 attempts 2 within 30 RouterA(config)# login block-for 30 attempts 2 within 10 RouterA(config)# login block-for 2 attempts 30 within 10 RouterA(config)# login block-for 30 attempts 10 within 2
RouterA(config)# login block-for 30 attempts 2 within 10
Which two statements describe the two configuration models for Cisco IOS firewalls? (Choose two.) ZPF must be enabled in the router configuration before enabling an IOS Classic Firewall. The IOS Classic Firewall and ZPF cannot be combined on a single interface. IOS Classic Firewalls and ZPF models can be enabled on a router concurrently. Both IOS Classic Firewall and ZPF models require ACLs to define traffic filtering policies. IOS Classic Firewalls must be enabled in the router configuration before enabling ZPF.
The IOS Classic Firewall and ZPF cannot be combined on a single interface. IOS Classic Firewalls and ZPF models can be enabled on a router concurrently.
Refer to the exhibit. What two statements describe the NTP status of the router? (Choose two.) The router is serving as an authoritative time source. The software clock for the router must be configured with the set clock command so that NTP will function properly. The router is attached to a stratum 2 device. The router is serving as a time source for the device at 192.168.1.1. The IP address of the time source for the router is 192.168.1.1.
The IP address of the time source for the router is 192.168.1.1. The router is attached to a stratum 2 device.
A user is curious about how someone might know a computer has been infected with malware. What are two common malware behaviors? (Choose two.) The computer emits a hissing sound every time the pencil sharpener is used. The computer beeps once during the boot process. The computer gets increasingly slower to respond. No sound emits when an audio CD is played. The computer freezes and requires reboots.
The computer gets increasingly slower to respond. The computer freezes and requires reboots.
Which statement describes Cisco IOS Zone-Based Policy Firewall operation? The pass action works in only one direction. Router management interfaces must be manually assigned to the self zone. A router interface can belong to multiple zones. Service policies are applied in interface configuration mode.
The pass action works in only one direction.
What two statements describe characteristics of IPv6 access control lists? (Choose two.) They permit ICMPv6 router advertisements by default. They can be named or numbered. They include two implicit permit statements by default. They are applied to an interface with the ip access-group command . They use prefix lengths to indicate how much of an address to match.
They include two implicit permit statements by default. They use prefix lengths to indicate how much of an address to match.
A network administrator enters the service password-encryption command into the configuration mode of a router. What does this command accomplish? This command encrypts passwords as they are transmitted across serial WAN links. This command prevents someone from viewing the running configuration passwords. This command enables a strong encryption algorithm for the enable secret password command. This command automatically encrypts passwords in configuration files that are currently stored in NVRAM. This command provides an exclusive encrypted password for external service personnel who are required to do router maintenance.
This command prevents someone from viewing the running configuration passwords.
When implementing a ZPF, what is the default security setting when forwarding traffic between two interfaces in the same zone? Traffic between interfaces in the same zone is selectively forwarded based on Layer 3 information. Traffic between interfaces in the same zone is not subject to any policy and passes freely. Traffic between interfaces in the same zone is blocked. Traffic between interfaces in the same zone is selectively forwarded based on the default policy restrictions.
Traffic between interfaces in the same zone is not subject to any policy and passes freely.
How does a firewall handle traffic when it is originating from the public network and traveling to the private network? Traffic that is originating from the public network is not inspected when traveling to the private network. Traffic that is originating from the public network is usually blocked when traveling to the private network. Traffic that is originating from the public network is usually permitted with little or no restrictions when traveling to the private network. Traffic that is originating from the public network is selectively permitted when traveling to the private network.
Traffic that is originating from the public network is usually blocked when traveling to the private network.
Which statement describes a typical security policy for a DMZ firewall configuration? Traffic that originates from the DMZ interface is selectively permitted to the outside interface. Return traffic from the inside that is associated with traffic originating from the outside is permitted to traverse from the inside interface to the outside interface. Return traffic from the outside that is associated with traffic originating from the inside is permitted to traverse from the outside interface to the DMZ interface. Traffic that originates from the inside interface is generally blocked entirely or very selectively permitted to the outside interface. Traffic that originates from the outside interface is permitted to traverse the firewall to the inside interface with few or no restrictions.
Traffic that originates from the DMZ interface is selectively permitted to the outside interface.
Passwords can be used to restrict access to all or parts of the Cisco IOS. Select the modes and interfaces that can be protected with passwords. (Choose three.) VTY interface console interface Ethernet interface boot IOS mode privileged EXEC mode router configuration mode
VTY interface console interface privileged EXEC mode
A company has several sales offices distributed within a city. Each sales office has a SOHO network. What are two security features that are commonly found in such a network configuration? (Choose two.) biometric verifications WPA2 Virtual Security Gateway within Cisco Nexus switches Cisco ASA firewall port security on user facing ports
WPA2 port security on user facing ports
Which two pieces of information are required when creating a standard access control list? (Choose two.) access list number between 1 and 99 source address and wildcard mask destination address and wildcard mask subnet mask and wildcard mask access list number between 100 and 199
access list number between 1 and 99 source address and wildcard mask
What single access list statement matches all of the following networks? 192.168.16.0 192.168.17.0 192.168.18.0 192.168.19.0 access-list 10 permit 192.168.16.0 0.0.3.255 access-list 10 permit 192.168.16.0 0.0.0.255 access-list 10 permit 192.168.16.0 0.0.15.255 access-list 10 permit 192.168.0.0 0.0.15.255
access-list 10 permit 192.168.16.0 0.0.3.255
Which type of firewall makes use of a proxy server to connect to remote servers on behalf of clients? stateful firewall stateless firewall packet filtering firewall application gateway firewall
application gateway firewall
A network engineer is implementing security on all company routers. Which two commands must be issued to force authentication via the password 1A2b3C for all OSPF-enabled interfaces in the backbone area of the company network? (Choose two.) area 0 authentication message-digest ip ospf message-digest-key 1 md5 1A2b3C username OSPF password 1A2b3C enable password 1A2b3C area 1 authentication message-digest
area 0 authentication message-digest ip ospf message-digest-key 1 md5 1A2b3C
Which AAA component can be established using token cards? accounting authorization auditing authentication
authentication
Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this? accessibility accounting auditing authentication authorization
authorization
What is one benefit of using a stateful firewall instead of a proxy server? ability to perform user authentication better performance ability to perform packet filtering prevention of Layer 7 attacks
better performance
On which two interfaces or ports can security be improved by configuring executive timeouts? (Choose two.) Fast Ethernet interfaces console ports serial interfaces vty ports loopback interfaces
console ports vty ports
Which two keywords can be used in an access control list to replace a wildcard mask or address and wildcard mask pair? (Choose two.) most host all any some gt
host any
A security service company is conducting an audit in several risk areas within a major corporation. What statement describes the risk of using social networking? sensitive data lost through access to the cloud that has been compromised due to weak security settings gaining illegal access to corporate data by stealing passwords or cracking weak passwords data loss through access to personal or corporate instant messaging and social media sites the retrieval of confidential or personal information from a lost or stolen device that was not configured to use encryption software
data loss through access to personal or corporate instant messaging and social media sites
Which syslog message type is accessible only to an administrator and only via the Cisco CLI? errors alerts debugging emergency
debugging
A security specialist designs an ACL to deny access to a web server from all sales staff. The sales staff are assigned addressing from the IPv6 subnet 2001:db8:48:2c::/64. The web server is assigned the address 2001:db8:48:1c::50/64. Configuring the WebFilter ACL on the LAN interface for the sales staff will require which three commands? (Choose three.) permit tcp any host 2001:db8:48:1c::50 eq 80 deny tcp host 2001:db8:48:1c::50 any eq 80 deny tcp any host 2001:db8:48:1c::50 eq 80 permit ipv6 any any deny ipv6 any any ip access-group WebFilter in ipv6 traffic-filter WebFilter in
deny tcp any host 2001:db8:48:1c::50 eq 80 permit ipv6 any any ipv6 traffic-filter WebFilter in
Designing a ZPF requires several steps. Which step involves dictating the number of devices between most-secure and least-secure zones and determining redundant devices? determine the zones design the physical infrastructure establish policies between zones identify subsets within zones and merge traffic requirements
design the physical infrastructure
What is the motivation of a white hat attacker? fine tuning network devices to improve their performance and efficiency taking advantage of any vulnerability for illegal personal gain studying operating systems of various platforms to develop a new system discovering weaknesses of networks and systems to improve the security level of these systems
discovering weaknesses of networks and systems to improve the security level of these systems
Which three items are prompted for a user response during interactive AutoSecure setup? (Choose three.) IP addresses of interfaces content of a security banner enable secret password services to disable enable password interfaces to enable
enable secret password content of a security banner enable password
A network administrator is configuring an AAA server to manage TACACS+ authentication. What are two attributes of TACACS+ authentication? (Choose two.) TCP port 40 encryption for all communication single process for authentication and authorization UDP port 1645 encryption for only the password of a user separate processes for authentication and authorization
encryption for all communication separate processes for authentication and authorization
What IOS privilege levels are available to assign for custom user-level privileges? levels 1 through 15 levels 0, 1, and 15 levels 2 through 14 levels 0 and 1
levels 2 through 14
What is the primary function of the aaa authorization command? permit AAA server access to AAA client services limit authenticated user access to AAA client services permit authenticated user access to AAA client services limit AAA server access to AAA client services
limit authenticated user access to AAA client services
Which authentication method stores usernames and passwords in the router and is ideal for small networks? server-based AAA over TACACS+ local AAA over RADIUS server-based AAA local AAA over TACACS+ local AAA server-based AAA over RADIUS
local AAA
Which attack involves threat actors positioning themselves between a source and destination with the intent of transparently monitoring, capturing, and controlling the communication? man-in-the-middle attack SYN flood attack DoS attack ICMP attack
man-in-the-middle attack
A network administrator is analyzing the features supported by the multiple versions of SNMP. What are two features that are supported by SNMPv3 but not by SNMPv1 or SNMPv2c? (Choose two.) message encryption community-based security SNMP trap mechanism message source validation bulk retrieval of MIB information
message encryption message source validation
What is one limitation of a stateful firewall? weak user authentication cannot filter unnecessary traffic not as effective with UDP- or ICMP-based traffic poor log information
not as effective with UDP- or ICMP-based traffic
When a Cisco IOS zone-based policy firewall is being configured, which three actions can be applied to a traffic class? (Choose three.) pass shape reroute queue inspect drop
pass inspect drop
Refer to the exhibit. A network administrator created an IPv6 ACL to block the Telnet traffic from the 2001:DB8:CAFE:10::/64 network to the 2001:DB8:CAFE:30::/64 network. What is a command the administrator could use to allow only a single host 2001:DB8:CAFE:10::A/64 to telnet to the 2001:DB8:CAFE:30::/64 network? permit tcp 2001:DB8:CAFE:10::A/64 2001:DB8:CAFE:30::/64 eq 23 permit tcp 2001:DB8:CAFE:10::A/64 eq 23 2001:DB8:CAFE:30::/64 permit tcp host 2001:DB8:CAFE:10::A eq 23 2001:DB8:CAFE:30::/64 permit tcp host 2001:DB8:CAFE:10::A 2001:DB8:CAFE:30::/64 eq 23 sequence 5
permit tcp host 2001:DB8:CAFE:10::A 2001:DB8:CAFE:30::/64 eq 23 sequence 5
If the provided ACEs are in the same ACL, which ACE should be listed first in the ACL according to best practice? permit ip any any permit udp 172.16.0.0 0.0.255.255 host 172.16.1.5 eq snmptrap permit tcp 172.16.0.0 0.0.3.255 any established permit udp any any range 10000 20000 deny udp any host 172.16.1.5 eq snmptrap deny tcp any any eq telnet
permit udp 172.16.0.0 0.0.255.255 host 172.16.1.5 eq snmptrap
Which two types of addresses should be denied inbound on a router interface that attaches to the Internet? (Choose two.) private IP addresses any IP address that starts with the number 127 any IP address that starts with the number 1 NAT translated IP addresses public IP addresses
private IP addresses any IP address that starts with the number 127
An administrator needs to create a user account with custom access to most privileged EXEC commands. Which privilege command is used to create this custom account? privilege exec level 15 privilege exec level 0 privilege exec level 1 privilege exec level 2
privilege exec level 2
When creating an ACL, which keyword should be used to document and interpret the purpose of the ACL statement on a Cisco device? remark description established eq
remark
What are two data protection functions provided by MDM? (Choose two.) remote wiping PIN locking inoculation quarantine physical security
remote wiping PIN locking
What are two evasion methods used by hackers? (Choose two.) scanning access attack resource exhaustion phishing encryption
resource exhaustion encryption
Which security implementation will provide management plane protection for a network device? antispoofing routing protocol authentication role-based access control access control lists
role-based access control
Which command will move the show access-lists command to privilege level 14? router(config)# privilege level 14 command show access-lists router(config)# privilege exec level 14 show access-lists router(config)# set privilege level 14 show access-lists router(config)# show access-lists privilege level 14
router(config)# privilege exec level 14 show access-lists
A security service company is conducting an audit in several risk areas within a major corporation. What statement describes the risk of access to cloud storage devices? intercepted emails that reveal confidential corporate or personal information gaining illegal access to corporate data by stealing passwords or cracking weak passwords sensitive data lost through access to the cloud that has been compromised due to weak security settings the retrieval of confidential or personal information from a lost or stolen device that was not configured to use encryption software
sensitive data lost through access to the cloud that has been compromised due to weak security settings
Refer to the exhibit. Based on the output of the show running-config command, which type of view is SUPPORT? CLI view, containing SHOWVIEW and VERIFYVIEW commands superview, containing SHOWVIEW and VERIFYVIEW views secret view, with a level 5 encrypted password root view, with a level 5 encrypted secret password
superview, containing SHOWVIEW and VERIFYVIEW views
A security service company is conducting an audit in several risk areas within a major corporation. What statement describes an attack vector? data loss through access to personal or corporate instant messaging and social media sites the path by which a threat actor can gain access to a server, host, or network intercepted emails that reveal confidential corporate or personal information the unauthorized transfer of data containing valuable corporate information to a USB drive
the path by which a threat actor can gain access to a server, host, or network
A security service company is conducting an audit in several risk areas within a major corporation. What statement describes an internal threat? data loss through access to personal or corporate instant messaging and social media sites the unauthorized transfer of data containing valuable corporate information to a USB drive the potential of causing great damage because of direct access to the building and its infrastructure devices gaining illegal access to corporate data by stealing passwords or cracking weak passwords
the potential of causing great damage because of direct access to the building and its infrastructure devices
A security service company is conducting an audit in several risk areas within a major corporation. What statement describes the risk of access to removable media? the potential of causing great damage because of direct access to the building and its infrastructure devices intercepted emails that reveal confidential corporate or personal information the unauthorized transfer of data containing valuable corporate information to a USB drive data loss through access to personal or corporate instant messaging and social media sites
the unauthorized transfer of data containing valuable corporate information to a USB drive
What are two characteristics of the RADIUS protocol? (Choose two.) encryption of the entire body of the packet encryption of the password only the use of UDP ports for authentication and accounting the separation of the authentication and authorization processes the use of TCP port 49
the use of UDP ports for authentication and accounting encryption of the password only
When using Cisco IOS zone-based policy firewall, where is the inspection policy applied? to a global service policy to a zone to an interface to a zone pair
to a zone pair
In the creation of an IPv6 ACL, what is the purpose of the implicit final command entries, permit icmp any any nd-na and permit icmp any any nd-ns ? to allow forwarding of ICMPv6 packets to allow automatic address configuration to allow IPv6 to MAC address resolution to allow forwarding of IPv6 multicast packets
to allow IPv6 to MAC address resolution
A student is learning about role-based views and role-based view configurations. The student enters the Router(config)# parser view TECH-view command. What is the purpose of this command? to create a CLI view named TECH-view to enter the superview named TECH-view to check the current setup of the CLI view named TECH-view to enter the CLI view named TECH-view
to create a CLI view named TECH-view
What is the purpose of a reconnaissance attack on a computer network? to gather information about the target network and system to redirect data traffic so that it can be monitored to prevent users from accessing network resources to steal data from the network servers
to gather information about the target network and system
What are two characteristics of a stateful firewall? (Choose two.) uses static packet filtering techniques uses connection information maintained in a state table analyzes traffic at Layers 3, 4 and 5 of the OSI model uses complex ACLs which can be difficult to configure prevents Layer 7 attacks
uses connection information maintained in a state table analyzes traffic at Layers 3, 4 and 5 of the OSI model
Which condition describes the potential threat created by Instant On in a data center? when the primary firewall in the data center crashes when an attacker hijacks a VM hypervisor and then launches attacks against other devices in the data center when the primary IPS appliance is malfunctioning when a VM that may have outdated security policies is brought online after a long period of inactivity.
when a VM that may have outdated security policies is brought online after a long period of inactivity.