Section 29-33
Match the IPsec component with its category. AES ECDSA IKE SHA-2 a. Authentication b. Confidentiality c. Data Integrity d. Key management
Authentication>ECDSA Confidentiality>AES Data Integrity>SHA-2 Key management>IKE
Match the example of threat vectors with its description. Cognitive threats via social networks Consumer electronics exploits Hardware hacking Memory scraping Virtualization exploits a. Attackers target operating systems on consumer devices, such as smartphones, tablets, and so on. b. Attackers perform bus sniffing, altering firmware, memory dumping to find crypto keys, utilize hardware-based keyloggers, etc. c. Attackers targeting virtual servers, virtual switches, and trust relationships at the hypervisor level. d. Attackers create false identities on social networks, building and exploiting friend relationships with others on the social network. e. Attackers try to exploit operating systems and applications that leave traces of data in memory, to fetch information directly from the volatile memory.
Cognitive threats via social networks- Attackers create false identities on social networks, building and exploiting friend relationships with others on the social network. Consumer electronics exploits- Attackers target operating systems on consumer devices, such as smartphones, tablets, and so on. Hardware hacking- Attackers perform bus sniffing, altering firmware, memory dumping to find crypto keys, utilize hardware-based keyloggers, etc. Memory scraping- Attackers try to exploit operating systems and applications that leave traces of data in memory, to fetch information directly from the volatile memory. Virtualization exploits- Attackers targeting virtual servers, virtual switches, and trust relationships at the hypervisor level.
Match the concept with the appropriate description. Confidentiality Data integrity Non-repudiation Origin authentication a. Ensuring that any changes to data in transit will be detected and rejected b. Ensuring that any messages received were actually sent from the perceived origin c. Ensuring that only authorized parties can read a message d. Ensuring that the original source of a secured message cannot deny having produced the message
Confidentiality- Ensuring that only authorized parties can read a message Data Integrity- Ensuring that any changes to data in transit will be detected and rejected Non-repudiation- Ensuring that the original source of a secured message cannot deny having produced the message Origin Authentication- Ensuring that any messages received were actually sent from the perceived origin
Match the key security concept with its description. Exploit Mitigation Techniques Risk Threat Vulnerabilities a. Any circumstance or event with the potential to cause harm to an asset b. Weakness that compromises either the security or the functionality of a system c. Mechanism that is used to leverage a vulnerability to compromise the security or functionality of a system d. Likelihood that a particular threat using a specific attack will exploit particular vulnerability e. Methods and corrective actions that you can take to protect against threats, specific exploits, etc.
Exploit- Mechanism that is used to leverage a vulnerability to compromise the security or functionality of a system Mitigation techniques- Methods and corrective actions that you can take to protect against threats, specific exploits, etc. Risk- Likelihood that a particular threat using a specific attack will exploit particular vulnerability Threat- Any circumstance or event with the potential to cause harm to an asset Vulnerability- Weakness that compromises either the security or the functionality of a system
Even though the structure of an APT attack does not follow a blueprint and scenarios vary with circumstance, order each action in a sequence according to the APT common methodology. Escalation of privileges Initial compromise Internal reconnaissance Later propagation, compromising other systems on track towards its goal Mission completion
Initial Compromise Escalation of privileges Internal reconnaissance Later propagation, compromising other systems on track towards its goal Mission completion
Match the type of attack with its description. Pharming Smishing Spear Phishing Vishing Watering hole Whaling a. Emails sent to smaller, more targeted groups, even a single individual b. Emails sent to targeted groups of high-profile individuals such as top executives c. Victims are lured by compromising name services. d. Leverages a compromised web server to target select group that visits this website regularly e. Uses voice and the phone system as its medium f. Uses SMS texting as its medium
Pharming-Victims are lured by compromising name services. Smishing-Uses SMS texting as its medium Spear Phishing-Emails sent to smaller, more targeted groups, even a single individual Vishing-Uses voice and the phone system as its medium Watering hole-Leverages a compromised web server to target select group that visits this website regularly Whaling-Emails sent to targeted groups of high-profile individuals such as top executives
Order the SSH configuration on a Cisco switch or router step-by-step. Configure support for SSH version 2. Configure the hostname, the DNS domain, and create a user with a secret on the device. Configure the vty line to allow access to the device via SSH. Generate new RSA keys with the crypto key generate rsa modulus 2048 command.
Step 1: Configure the hostname, the DNS domain, and create a user with a secret on the device. Step 2: Generate new RSA keys with the crypto key generate rsa modulus 2048 command. Step 3: Configure the vty line to allow access to the device via SSH. Step 4: Configure support for SSH version 2.
Which number represents the default encryption type of the protected password used to restrict access to the Privileged EXEC mode? a. 4 b. 5 c. 8 d. 9
a. 4
Which network capability ensures that an endpoint, such as an IP phone, connects to the company network in a secure and automatic way? a. 802.1x b. ACL c. DHCP d. VLAN
a. 802.1x
Which statement is correct regarding traditional firewalls? a. A traditional firewall can be deployed as a hardware or a virtual appliance. b. Traditional firewalls have URL filtering capabilities. c. Traditional firewalls can enforce policies based on the type of application. d. Traditional firewalls identify malware activity.
a. A traditional firewall can be deployed as a hardware or a virtual appliance.
Which three characteristics correctly describe wireless protected access for enterprise? (Choose 3.) a. An authentication server is required. b. It offers centralized access control. c. Encryption uses broadcast key rotation and AES. d. RADIUS is used for backup authentication. e. Encryption uses TKIP and optional AES.
a. An authentication server is required. b. It offers centralized access control. e. Encryption uses TKIP and optional AES.
In a WLAN, a common key can be used for which three things? (Choose 3.) a. Authentication only b. Authorization only c. Accounting only d. Authentication and encryption e. Encryption only
a. Authentication only d. Authentication and encryption e. Encryption only
Which three options are important services that network security aims to provide to manage risk? (Choose 3.) a. Confidentiality b. Availability c. Defense in depth d. Accounting e. Integrity
a. Confidentiality b. Availability e. Integrity
Which command can you use to merge the configuration in RAM with a saved configuration file on a TFTP server? a. Copy tftp running-config b. Copy tftp startup-config c. Copy running-config startup-config d. Copy startup-config tftp
a. Copy tftp running-config
Which command generates RSA keys for user authentication, used when connecting via SSH? a. Crypto key generate rsa b. Crypto generate key rsa c. Crypto rsa generate key d. Crypto generate rsa key
a. Crypto key generate rsa
You plan to implement an iACL on the internet router in your company to protect the infrastructure devices. Which three options should you use when configuring the iACL? (Choose 3.) a. Deny all non-initial fragments. b. Permit all non-initial fragments. c. Permit RFC 1918 IPv4 address space. d. Implement ingress filtering according to RFC 2827. e. Deny the flow of transit traffic to non-infrastructure destination. f. Permit protocols that are used on the devices, such as BGP, SSH, and SNMP, from specific source addresses.
a. Deny all non-initial fragments. d. Implement ingress filtering according to RFC 2827. f. Permit protocols that are used on the devices, such as BGP, SSH, and SNMP, from specific source addresses.
Referring to the command output, in what state is the port? SwitchX# show port-security interface FastEthernet 0/5 Port Security :Enabled Port Status :Secure-up Violation Mode :Shutdown Aging Time :0 mins Aging Type :Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 1 Total MAC Addresses : 1 Configured MAC Addresses : 0 Sticky MAC Addresses : 0 Last Source Address:Vlan : fc99.47e5.2598:1 Security Violation Count : 0 a. Forwarding b. Error-disabled c. Shutdown d. Listening
a. Forwarding
Which series of phases correctly represents a common attack methodology? a. Initial Compromise>Escalation of Privileges> Reconnaissance of internal hosts>Lateral movement>Exfiltration b. Lateral movement>Escalation of Privileges>Reconnaissance of internal hosts>Initial Compromise>Exfiltration c. Lateral movement> Reconnaissance of internal hosts> Escalation of Privileges> Initial Compromise>Exfiltration d. Reconnaissance of internal hosts> Escalation of Privileges> Initial Compromise> Lateral movement>Exfiltration
a. Initial Compromise>Escalation of Privileges> Reconnaissance of internal hosts>Lateral movement>Exfiltration
Which two statements are true about Cisco Discovery Protocol? (Choose 2.) a. It enables Cisco network devices to announce themselves to their neighbors. b. It is disabled by default. c. It provides an easy reconnaissance vector to any attacker with an Ethernet connection. d. It can be useful for network troubleshooting when checking connectivity to non-Cisco devices. e. You can use the no cdp enable command to disable it globally.
a. It enables Cisco network devices to announce themselves to their neighbors. c. It provides an easy reconnaissance vector to any attacker with an Ethernet connection.
Which three statements are true about Layer 2 of the OSI model? (Choose 3.) a. Layer 2 provides MAC address-based connectivity within a broadcast domain. b. Layer 2 can communicate with all other layers of the OSI model. c. Other layers depend on it to perform their duties. d. Ethernet, the most commonly deployed Layer 2 technology, provides several mechanisms for security. e. Technologies that are built on top of Ethernet, and depend on Ethernet, typically have robust security features. f. It is important to configure Layer 2 security in network devices.
a. Layer 2 provides MAC address-based connectivity within a broadcast domain. c. Other layers depend on it to perform their duties. f. It is important to configure Layer 2 security in network devices.
Which command enables you to configure the parameters for the console access? a. Line console 0 b. Line console c. Login console 0 d. Login console
a. Line console 0
Which option enables you to check if the Cisco IOS image on a router is corrupt or compromised? a. MD5 digests b. HTTPS c. SSL d. SSH
a. MD5 digests
You want to display public information regarding your company's domain from the public DNS registries so you can see what information can be gathered by a reconnaissance attack on the DNS. Which two command-line tools can you use on a Microsoft Windows computer? (Choose 2.) a. Dig b. Nslookup c. Ns-lookup d. Whois e. Grep
a. Nslookup b. Whois
Which statement regarding online and offline password attacks is true? a. Offline attacks are more dangerous because there is no external authentication system. b. Offline attacks are more dangerous because they target out-of-band management assets. c. Online attacks are more dangerous because distributed sources can deliver them. d. Online attacks are more dangerous because they can target resources connected on the network.
a. Offline attacks are more dangerous because there is no external authentication system.
You are asked to conduct a training session in your company to educate employees about social engineering attacks. Which is a common social engineering technique? a. Phishing b. Password cracking c. MAC address spoofing d. UDP flood
a. Phishing
What is the purpose of root guard feature on Cisco Switches? a. Prevents a switch from becoming a root bridge on configured ports. b. Provides immediate transition to the forwarding state. c. If a BPDU is received, it errdisables the port. d. To minimize the time that ports must wait for spanning tree to converge
a. Prevents a switch from becoming a root bridge on configured ports.
Which type of traffic inspection uses pattern matching? a. Signature-based inspection b. Statistical-anomaly detection c. Protocol verification d. Policy-based inspection
a. Signature-based inspection
Where will a router search for the startup configuration if the startup configuration file does not exist in NVRAM? a. TFTP server b. RAM c. ROM d. SSH server
a. TFTP server
Which statement correctly describes the authenticator and its responsibility? a. The authenticator, which is usually the switch, acts as an intermediary between the authentication server and the client. b. The authenticator is the server that is responsible for authenticating the client. c. Both the authenticator and authentication server act as the login server. d. The authenticator is usually a switch which authenticates the newly connected client to access the network.
a. The authenticator, which is usually the switch, acts as an intermediary between the authentication server and the client.
Which two actions represent common vectors of data loss and exfiltration in a company? (Choose 2.) a. Using an unauthorized cloud storage service as a file storage and synchronization service of company data b. Browsing a website of partner company to locate relevant information c. Using an unencrypted USB drive to transfer company data to work at home d. Using an encrypted USB drive with your own certificate to transfer company data to work at home e. Sending email with encrypted attachment using a certificate of the intended receiver.
a. Using an unauthorized cloud storage service as a file storage and synchronization service of company data c. Using an unencrypted USB drive to transfer company data to work at home
The anti-malware software in your company has discovered malicious software that replicated itself on several computers with functional copies that can cause the same type of damage. Which two malware types can compromise other systems? (Choose 2.) a. Worm b. Virus c. Trojan horse d. APT e. ARP
a. Worm b. Virus
You need to limit the access to a Cisco router so only the computers from the management network can access it. The management network is 10.10.10.0 with the network mask 255.255.255.0. Which command configures the appropriate access list? a. access-list 1 permit 10.10.10.0 0.0.0.255 b. access-group 1 permit 10.10.10.0 0.0.0.255 c. access-list 1 permit 10.10.10.0 255.255.255.0 d. access-class 1 permit 10.10.10.0 0.0.0.255 e. access-class 1 permit 10.10.10.0 255.255.255.0
a. access-list 1 permit 10.10.10.0 0.0.0.255
Which two attack categories does the smurf attack belong to? (Choose two.) a. amplification b. brute-force c. man-in-the-middle d. exfiltration e. reflection
a. amplification e. reflection
Which option describes how port security operates? a. by limiting and identifying the MAC addresses of the systems that are allowed to access a port b. by limiting and identifying the IP addresses of the systems that are allowed to access a port c. by instructing the switch to inspect the ARP entries passing through it in real time d. by putting a port into a listening state. e. by error-disabling any access port on which a BPDU is received
a. by limiting and identifying the MAC addresses of the systems that are allowed to access a port
Which option mitigates VLAN hopping and double-tagging VLAN hopping attacks? a. ensuring that the native VLAN of the trunk ports is different from the native VLAN of the user ports b. ensuring that the native VLAN of the trunk ports is the same as the native VLAN of the user ports c. setting the trunk port to "off" d. enabling auto-trunking negotiations
a. ensuring that the native VLAN of the trunk ports is different from the native VLAN of the user ports
Which command is recommended to be used when securing the console line? a. login local b. login c. service password-encryption d. username cisco password C1sco123
a. login local
In which two situations will a security violation occur on a secured port? (Choose 2.) a. when a secured port receives a source MAC address that has been assigned to another secured port b. when a secured port receives a source IP address that has been assigned to another secured port c. when a host whose MAC address is not in the address table attempts to access the port after the maximum number of secure MAC addresses has been reached d. when the content-addressable memory has been set to read-only e. when a host that was connected to a port in one VLAN attempts to connect to a port that is assigned to a different VLAN
a. when a secured port receives a source MAC address that has been assigned to another secured port c. when a host whose MAC address is not in the address table attempts to access the port after the maximum number of secure MAC addresses has been reached
Which configuration register boot field values cause the router to check the startup configuration file for boot system commands during the Cisco router boot process? a. 0x0 and 0x1 b. 0x2 to 0xF c. 0x1 and 0x2 d. 0x1 to 0Xf
b. 0x2 to 0xF
You are reading an article in the news regarding a DNS amplification attack to a specific organization. The attack caused DDoS that made it impossible for anyone to resolve the organization's website IP address and access the website. Which statement regarding an amplification attack is correct? a. A small forged packet elicits a small reply from the reflectors. b. A small forged packet elicits a large reply from the reflectors. c. A large forged packet elicits a small reply from the reflectors. d. A large forged packet elicits a large reply from the reflectors.
b. A small forged packet elicits a large reply from the reflectors.
What is the purpose of Web reputation filters? a. Ensure that only authorized parties can read a message b. Analyze web server behavior and assign a reputation score to a URL c. Scan email traffic d. Monitor and inspect FTP traffic
b. Analyze web server behavior and assign a reputation score to a URL
How does Unicast Reverse Path Forwarding help with DoS and DDoS attacks mitigation? a. By distributing the footprint of DDoS attacks. b. By verifying the "reachability" of the source address in packets being forwarded. c. By monitoring connection states and maintaining a state table. d. By monitoring interface packet counters.
b. By verifying the "reachability" of the source address in packets being forwarded.
Dynamic ARP Inspection depends on which of the following options in environments that use DHCP? a. Port Security b. DHCP snooping binding c. Cisco Discovery Protocol d. HTTP Services
b. DHCP snooping binding
You have detected that there is a rogue DHCP server in the local area network that replies to client DHCP requests before they reach the authentic DHCP server in the company. Which two options describe this type of attack? (Choose 2.) a. DHCP DoS attack b. DHCP spoofing attack c. DHCP authentication attack d. IP address spoofing e. Application/service spoofing
b. DHCP spoofing attack e. Application/service spoofing
Which two practices would you follow to prevent VLAN attacks on a network? (Choose 2.) a. Set all ports to STP portfast. b. Disable DTP on all ports. c. Disable Cisco Discovery Protocol on all ports. d. Change the default VLAN settings. e. Disable the HTTP service.
b. Disable DTP on all ports. d. Change the default VLAN settings.
From which two components could the router obtain Cisco IOS Software image? (Choose 2.) a. ROM b. Flash c. TFTP server d. NVRAM e. Console
b. Flash c. TFTP server
Which service or services that are enabled by default should be disabled on Cisco routers? a. HTTPS b. HTTP c. Both SSH and Telnet d. Both HTTP and SSH.
b. HTTP
Which two of the following security measures can help block password brute force attacks? (Choose 2.) a. Use multiple authentication servers. b. Implement account lock-out after a number of bad guesses. c. Specify a minimum length of a password, such as 8 to 12 characters. d. Specify a maximum length of a password, such as 8 to 12 characters. e. Implement password complexity, such as all upper-case characters in the password.
b. Implement account lock-out after a number of bad guesses. c. Specify a minimum length of a password, such as 8 to 12 characters.
Which statement is correct regarding how ESP modes protect an IP packet? a. In the transport mode, security is provided only for the transport layer and below. b. In the tunnel mode, security is provided for the complete original IP packet. c. In the tunnel mode, security is provided only for the transport layer and above. d. In the transport mode, security is provided for the entire IP packet.
b. In the tunnel mode, security is provided for the complete original IP packet.
Which statement is true when using the enable password command with the service password-encryption command? a. It offers a stronger encryption than using the enable secret command. b. It offers a weaker encryption than using the enable secret command. c. The enable password command provides protection by the MD5 hashing algorithm. d. It is not possible to use the two commands simultaneously and will cause an error.
b. It offers a weaker encryption than using the enable secret command.
Which type of threat is posed when password recovery is allowed by weak physical security policies? a. Environmental threat b. Local access and physical threat c. Electrical threat d. Maintenance threat
b. Local access and physical threat
Which of the following is not true in regard to the login banner? a. Login banners must be configured before the username and password prompt. b. Login banners cannot be customized. c. To configure a login banner, use the banner login command in global configuration mode. d. The MOTD banner is displayed to all terminals that are connected.
b. Login banners cannot be customized.
Which command encrypts plaintext passwords on routers? a. Password encryption b. Service password-encryption c. Service encryption d. Enable secret
b. Service password-encryption
What is the purpose of shutting down a VLAN? a. Shutting down a VLAN disables all interfaces that are part of the VLAN. b. Shutting down a VLAN prevents data exchange between the ports in a VLAN. c. Shutting down a VLAN makes all the ports routed ports. d. Shutting down a VLAN disables all interfaces that are not part of that VLAN.
b. Shutting down a VLAN prevents data exchange between the ports in a VLAN.
Which command protects a switched network from a hacker who is trying to preempt an election of STP? a. Spanning-tree portfast default b. Spanning-tree guard root c. Switchport port-security violation d. Spanning-tree guard
b. Spanning-tree guard root
When you copy configuration files from another source, such as TFTP, into RAM on a Cisco router, what will happen to the previous configuration? a. The copied file will overwrite the previous configuration. b. The configuration file merges with any existing configurations in RAM. c. On all platforms, except the Class A flash file system platforms, the previous copy of the configuration will be stored in NVRAM. d. The router will keep only the previous configuration.
b. The configuration file merges with any existing configurations in RAM.
Which two statements are true regarding asymmetric encryption algorithms? (Choose 2.) a. Examples of asymmetric encryption algorithms are DES, 3DES, and AES. b. The key that is used for encryption is different from the key that is used for decryption. c. Asymmetric algorithms are substantially slower than symmetric algorithms. d. The key management of symmetric algorithms tends to be simpler than the key management of asymmetric algorithms.
b. The key that is used for encryption is different from the key that is used for decryption. c. Asymmetric algorithms are substantially slower than symmetric algorithms.
What is the result of issuing the no switchport port-security mac-address sticky command on an interface with port security configured? a. The sticky secure MAC addresses are removed from the address table and from the running configuration. b. The sticky secure MAC addresses remain part of the address table but are removed from the running configuration. c. The port stops with sticky learning. Already learned addresses remain in the address table and in the running configuration. d. The command disables port security sticky learning on all device ports.
b. The sticky secure MAC addresses remain part of the address table but are removed from the running configuration.
Which option regarding man-in-the-middle attacks is true? a. They are the simplest form of attack b. They can be implemented in many different scenarios c. Their intent is always to modify data in transit d. Their intent is always to replace the destination device completely
b. They can be implemented in many different scenarios
You received an email from a vendor that you use in your company's IT system, stating that there is a discovered weakness in their software that compromises its functionality, and you must install a patch to resolve these issues. Which term defines this weakness? a. Threat b. Vulnerability c. Exploit d. Mitigation technique
b. Vulnerability
Which WPA3 feature uses 802.1X for authentication? a. Open Networks b. WPA3-Enterprise c. IoT secure onboarding (DPP) d. WPA3-Personal
b. WPA3-Enterprise
Which type of password attack is performed by computer programs called "password crackers" that systematically try every possible password until they succeed? a. online password attack b. brute force attack c. dictionary attack d. guessing attack
b. brute force attack
Which bits of the configuration register make up the boot field? a. least-significant octet b. least-significant 4 bits c. most-significant octet d. most-significant 4 bits
b. least-significant 4 bits
Which three actions are examples of a social engineering attack? (Choose 3.) a. TCP SYN flood attack against company's website b. leaving a USB key infected with auto-run malware in a public area c. developing fictitious personalities on social networking sites to obtain information from employees d. employing password crackers techniques to guess employees' username and password e. visual hacking, where the attacker physically observes the victim entering credentials f. DHCP spoofing attack where false DHCP server configures employees IP address
b. leaving a USB key infected with auto-run malware in a public area c. developing fictitious personalities on social networking sites to obtain information from employees e. visual hacking, where the attacker physically observes the victim entering credentials
What is the primary difference between a DoS attack and a DDoS attack? a. the manner in which they use botnets b. the number of hosts from which they emanate c. the ability to crash a group of systems d. the types of systems that are vulnerable to them
b. the number of hosts from which they emanate
What is the purpose of the setup utility? a. to enable you to set up a fault-tolerate boot plan b. to enable you to create a basic initial configuration c. to enable you to set up autoinstall d. to fully configure routing
b. to enable you to create a basic initial configuration
What are two types of switch ports that are used on Cisco switches as part of the defense against DHCP spoofing attacks? (Choose 2.) a. unknown port b. untrusted port c. unauthorized port d. trusted DHCP port e. established DHCP port
b. untrusted port d. trusted DHCP port
Which command can you use to check whether the Cisco IOS image has errors because of file transfer? a. check/md5 flash; image_name.bin b. verify/md5 flash; image_name.bin c. copy/md5 flash; image_name.bin d. verify/md1 flash; image_name.bin
b. verify/md5 flash; image_name.bin
What is the factory default value of the configuration register? a. 0x2100 b. 0x2142 c. 0x2102 d. 0x2101
c. 0x2102
Which method provides the strongest encryption in wireless networks? a. WEP b. TKIP c. AES d. DES
c. AES
Which two algorithms provide the confidentiality in a VPN? (Choose 2.) a. MD5 b. SHA-1 c. AES d. 3DES e. SHA-2
c. AES d. 3DES
Which two capabilities does an NGFW have that a traditional firewall does not have? (Choose 2.) a. Ability to enforce an access control policy between two or more security zones b. Traffic-filtering capabilities c. Ability to provide actionable indications of compromise to identify malware activity d. Comprehensive network visibility e. Resistance to attacks to the firewall itself
c. Ability to provide actionable indications of compromise to identify malware activity d. Comprehensive network visibility
How does remotely triggered black hole filtering help with DoS and DDoS attacks? a. By providing URL analysis and establishing a reputation for each URL b. By creating an ACL for filtering c. By dropping undesirable traffic before it enters a protected network d. By providing crisis management
c. By dropping undesirable traffic before it enters a protected network
Which two options represent man-in-the-middle attacks? (Choose 2.) a. DDoS b. Phishing c. DHCP spoofing d. Brute force password attack e. Impersonating public Wi-Fi network, while redirecting connected users to internet.
c. DHCP spoofing e. Impersonating public Wi-Fi network, while redirecting connected users to internet.
Which banner should be used to show information that is hidden from unauthorized users? a. MOTD b. Login c. EXEC d. Slip-ppp
c. EXEC
Which type of threat vector aims to attack power grids or nuclear plants? a. Virtualization exploits b. Consumer electronics exploits c. Infrastructure exploits d. Cognitive threats via social networks
c. Infrastructure exploits
Which two options are examples of a DDoS attack? (Choose two.) a. Email trying to entice users to access multiple malicious websites b. Attempts to crack username and password from different hosts c. Large amounts of traffic sent to a website from different hosts d. Large number of emails sent to an email service from a single host e. Large number of TCP connections to an email service from different hosts
c. Large amounts of traffic sent to a website from different hosts e. Large number of TCP connections to an email service from different hosts
Which option lowered the threshold of experience that is required for a novice attacker to perform sophisticated attacks? a. Nmap Project b. Kali Linux c. Metasploit d. Knoppix Security Tools Distribution
c. Metasploit
You are working as IT security engineer, and you are browsing through the sectools.org website to see the top network security tools, as well as find more details on each particular tool and read reviews for it. What is the initiative that runs this website? a. IEEE b. ITU-T c. Nmap Project d. Metasploit
c. Nmap Project
An attacker has bypassed physical security and was able to connect a laptop to an Ethernet interface on a switch. If all the switch ports are configured with port security and the violation mode is set to the default, which action is taken against the attacker? a. Packets with unknown source addresses are dropped and there is no notification that a security violation has occurred. b. Packets with unknown source addresses are dropped and there is a notification that a security violation has occurred. c. Packets with unknown source addresses are dropped, there is a notification that a security violation has occurred, and the interface becomes error-disabled. d. Packets with unknown source addresses are forwarded and there is a notification to the syslog server.
c. Packets with unknown source addresses are dropped, there is a notification that a security violation has occurred, and the interface becomes error-disabled.
In a reconnaissance attack, which type of activity typically follows a ping sweep? a. Internal reconnaissance b. Escalation of privileges c. Port scan d. Password attack e. DNS query
c. Port scan
Where does the decompressed Cisco IOS file reside before it is started? a. Flash b. NVRAM c. RAM d. TFTP
c. RAM
Which three represent common vectors that can inflict data loss and exfiltration regarding unauthorized transfer of company data? (Choose 3.) a. Monitoring systems b. Database servers c. Removeable storage devices d. Fixed storage devices e. Cloud storage services f. Email attachments
c. Removeable storage devices e. Cloud storage services f. Email attachments
Which option is a valid configuration to restrict remote users by applying an ACL to vty lines? a. Router (config) # line vty 0 15 router (config-line) # access-group 1 in b. Router (config) # line vty 0 15 router (config-line) # access-list 1 in c. Router (config) # line vty 0 15 router (config-line) # access-class 1 in d. Router (config) # line vty 0 15 router (config-line) # ip access-group 1 in
c. Router (config) # line vty 0 15 router (config-line) # access-class 1 in
What is the main functionality of the Cisco Secure Web Appliance? a. Scans email traffic b. Scans all TCP traffic c. Scans web traffic d. Scans STP traffic
c. Scans web traffic
Which Cisco IOS command can you use to examine the configuration register? a. Show running-config b. Show startup-config c. Show version d. Show config-register
c. Show version
Which type of traffic inspection observes network traffic over time and builds a normal profile of traffic behavior? a. Signature-based inspection b. Protocol verification c. Statistical anomaly detection d. Policy-based inspection
c. Statistical anomaly detection
Which of the commands would you use to quickly verify which interfaces have port security enabled? a. Switch# show port-security interface interface-id b. Switch# show interface status c. Switch# show port-security d. Switch# show port-security address
c. Switch# show port-security
Which statement regarding TLS is correct? a. TLS has to be installed on the computer by the user. b. HTTPS is the only application that uses TLS. c. TLS is natively supported in browsers. d. TLS relies on pre-shared keys for authentication and encryption.
c. TLS is natively supported in browsers.
How is spoofing used in a reflection attack? a. The attacker uses the MAC address of the intended target as the source address of the packets it transmits. b. The attacker uses the MAC address of the reflector as the source address of the packets it transmits. c. The attacker uses the IP address of the intended target as the source address of the packets it transmits. d. The attacker uses the IP address of the reflector as the source address of the packets it transmits.
c. The attacker uses the IP address of the intended target as the source address of the packets it transmits.
Which type of malware is known to create back doors to give malicious users access to a system? a. Worms b. Viruses c. Trojan horse d. APTs
c. Trojan horse
Which type of attack uses directed phone calls to employees to obtain relevant information? a. Spear phishing b. Whaling c. Vishing d. Pharming
c. Vishing
Which statement regarding a buffer overflow attack is correct? a. A buffer overflow attack cannot result in DoS attack. b. Buffer overflow attacks cannot be used for client-side attacks. c. When a buffer overflows due to buffer overflow attack, it overwrites adjacent memory. d. The memory space used to store user input in the application can never be flooded.
c. When a buffer overflows due to buffer overflow attack, it overwrites adjacent memory.
You are working for an internet service provider, and you need to bill your customers when they use data above a certain limit. Which service enables you to collect such information to a centralized server for billing? a. authentication b. authorization c. accounting d. billing
c. accounting
What does the no ip directed-broadcast command configured for an interface accomplish? a. unicasts destined to that interface will be dropped b. multicasts in the subnet to which that interface is attached will be dropped c. broadcasts destined for the subnet to which that interface is attached will be dropped d. multicasts and broadcasts in the subnet to which that interface is attached will be dropped
c. broadcasts destined for the subnet to which that interface is attached will be dropped
You want to send an email to a specific customer, while guaranteeing that only this customer receives it. Which security concept must the email system provide to prevent sensitive information from reaching the wrong people? a. availability b. integrity c. confidentiality d. anti-replay
c. confidentiality
Which statement is correct regarding iACLs? a. iACLs deny all traffic b. iACLs permit all traffic, so it can be filtered on other devices. c. iACLs permit only authorized traffic to the infrastructure equipment, as well as permit transit traffic. d. iACLs permit only authorized traffic to the infrastructure equipment, while denying transit traffic.
c. iACLs permit only authorized traffic to the infrastructure equipment, as well as permit transit traffic.
Which URL prefix for Cisco network devices contains the current running configuration? a. rcp: b. nvram: c. system: d. memory:
c. system:
Which port should be configured as a trusted port for DAI? a. the port where the ARP server is located b. the port where an end-user host is located c. the port where another switch is located d. none of the above: All ports are untrusted.
c. the port where another switch is located
What is a vulnerability that is susceptible to a buffer overflow attack? a. A DHCP client that can accept replies from any DHCP in the network. b. A user who receives an email enticing him to click a link to malicious website. c. A host that does not have a local firewall and has open ports that can be detected with port scans. d. An application that expects the input to be within a certain size, but does not verify the size of input upon reception.
d. An application that expects the input to be within a certain size, but does not verify the size of input upon reception.
Which statement is true about using the Device Provisioning Protocol (DPP) to provision wireless devices? a. DPP is a replacement of RADIUS with enhanced security. b. DPP is a replacement of WPA2 with enhanced security. c. DPP is used to provision an 802.1X-based clientless service. d. DPP is used with IoT devices to make the provisioning process easier.
d. DPP is used with IoT devices to make the provisioning process easier.
Assume that you are traveling and are connected to a public wireless network. Your company uses multiple tunneling policies for a VPN session. To ensure that your internet traffic and traffic when accessing internal resources remains confidential, which policy must you use? a. SSL-tunneling b. Split-tunneling c. TLS-tunneling d. Full-tunneling
d. Full-tunneling
What is the most common type of spoofing? a. application spoofing b. service spoofing c. DHCP spoofing d. IP address spoofing e. MAC address spoofing
d. IP address spoofing
What will be the next step in the boot sequence of the router if the bootstrap code cannot locate a complete Cisco IOS image? a. It terminates the boot sequence. b. It restarts the boot sequence. c. It copies a default version of Cisco IOS Software from flash memory into RAM. d. It copies a scaled-down version of Cisco IOS Software from ROM into RAM.
d. It copies a scaled-down version of Cisco IOS Software from ROM into RAM.
What kind of threat requires mitigation by ensuring that the cable runs are neat? a. Remote access threats b. Environmental threats c. Electrical threats d. Maintenance threats
d. Maintenance threats
After the Cisco IOS Software image is loaded and started from which three components can the device load its configuration? (Choose three.) a. DHCP server b. DNS server c. RAM d. NVRAM e. SCP server f. TFTP server
d. NVRAM e. SCP server f. TFTP server
Which protocol would you use if you wanted to copy the configuration from a remote server securely? a. TFTP b. HTTP c. FTP d. SCP
d. SCP
Which IPsec component ensures that data arrives unchanged to the destination? a. 3DES b. AES c. PSK d. SHA-2 e. RSA
d. SHA-2
Which statement regarding the SSL and TLS is true? a. TLS is the predecessor of SSL. b. Symmetric algorithms are used for authentication and the exchange of keys. c. Asymmetric algorithms are used for bulk encryption. d. SSL and TLs rely on PKI and digital certificates for authentication.
d. SSL and TLs rely on PKI and digital certificates for authentication.
Which is a classic example of a DoS attack? a. CDP SYN flood b. ICMP SYN flood c. UDP SYN flood d. TCP SYN flood
d. TCP SYN flood
You have restarted a router, which has the default booting procedure. During the reboot, the following messages appear on the console: %Error opening tftp://255.255.255.255/network-confg (Timed out) %Error opening tftp://255.255.255.255/cisconet.cfg (Timed out) What can you conclude based on the messages? a. The router will attempt to load the configuration from the NVRAM. b. The router configuration will be loaded from the TFTP server. c. The TFTP server URL is incorrect d. The configuration file is not found on the TFTP server.
d. The configuration file is not found on the TFTP server.
Which command should you use to restrict access to the privileged EXEC mode? a. service password secret b. service password encryption c. enable password secret d. enable secret
d. enable secret
Which of these options is a mitigation technique to prevent rogue DHCP servers from providing false IP configuration parameters? a. DHCP spoofing b. Dynamic ARP Inspection c. Port Security d. ARP spoofing e. DHCP snooping
e. DHCP snooping
The administrator is configuring a switch and chooses to enable port security on several ports. The configuration for the interface GigabitEthernet1/0/1 is shown below. Based on this configuration, is administrator planning to connect a network extension device, such as a switch or access point, to the interface? interface GigabitEthernet1/0/1 < --- output omitted --- > switchport port-security switchport port-security aging time 2 switchport port-security violation restrict switchport port-security aging type inactivity < --- output omitted --- > a. No, based on the aging time and type, he is limiting access to other devices. b. Yes, based on the limited aging time, the administrator expects many different MAC addresses on the port. c. No, because port security is never set on interfaces that connect to other network intermediary devices. d. Yes, because the violation mode is set to restrict and not left to default shutdown. e. No, because the administrator has not issued a port-security maximum command.
e. No, because the administrator has not issued a port-security maximum command.
Which protocol is used to allow Cisco IOS image and configuration uploads and downloads over the network? a. HTTP b. HTTPS c. Telnet d. SSH e. TFTP
e. TFTP
What does the pound symbol (#) indicate when it is displayed next to a file system entry in the output of the show file systems command? a. an available file system b. a read-only file system c. a file system with read and write permissions d. the current default file system e. a bootable disk
e. a bootable disk