CCNA Security Final v1.1 part 9

Ace your homework & exams now with Quizwiz!

Which three statements describe SSL-based VPNs? (Choose three.) - A symmetric algorithms are used for authentication and key exchange. - It is impossible to configure SSL and IPsec VPNs concurrently on the same router. - Special-purpose client software is required on the client machine. - Symmetric algorithms are used for bulk encryption. - The authentication process uses hashing technologies. - The application programming interface is used to extensively modify the SSL client software. - The primary restriction of SSL VPNs is that they are currently supported only in hardware.

- A symmetric algorithms are used for authentication and key exchange. - Symmetric algorithms are used for bulk encryption. - The authentication process uses hashing technologies.

Which two guidelines relate to in-band network management? (Choose two.) - Apply in-band management only to devices that must be managed on the production network. - Implement separate network segments for the production network and the management network. - Attach all network devices to the same management network. - Use IPSec, SSH,or SSL

- Apply in-band management only to devices that must be managed on the production network. - Use IPSec, SSH,or SSL

Refer to the exhibit. When configuring SSH on a router using SDM from the Configure menu, which two steps are required? (Choose two.) - Choose Additional Tasks > Router Access > SSH to generate the RSA keys. - Choose Additional Tasks > Router Access > VTY to specify SSH as the input and output protocol. - Choose Additional Tasks > Router Properties > Netflow to generate the RSA keys. - Choose Additional Tasks > Router Properties > Logging to specify SSH as the input and output protocol. - Choose Additional Tasks > Router Access > AAA to generate the RSA keys. - Choose Additional Tasks > Router Access > Management Access to specify SSH as the input and output protocol

- Choose Additional Tasks > Router Access > SSH to generate the RSA keys. - Choose Additional Tasks > Router Access > VTY to specify SSH as the input and output protocol.

Which two Cisco IPS management and monitoring tools are examples of GUI-based, centrally managed IPS solutions? (Choose two.) - Cisco Adaptive Security Device Manager - Cisco IPS Device Manager - Cisco Router and Security Device Manager - Cisco Security Manager - Cisco Security Monitoring, Analysis, and Response System.

- Cisco Security Manager - Cisco Security Monitoring, Analysis, and Response System.

Refer to the exhibit.Which AAA function and protocol is in use in the network? - The client is authorizing commands using the TACACS+ protocol. - The client is authorizing commands using the RADIUS protocol. - The client is authenticating using the RADIUS protocol. - The client is authenticating using the TACACS+ protocol

- The client is authenticating using the TACACS+ protocol

Which type of SDM rule is created to govern the traffic that can enter and leave the network based on protocol and port number? - NAC rule - NAT rule - IPsec rule - access rule

- access rule

Which three principles are enabled by a Cisco Self-Defending Network? (Choose three.) - adaptability - collaboration - insulation - integration - mitigation - scalability

- adaptability - collaboration - integration

Which three commands are required to configure SSH ona Cisco router? (Choose three.) - ip domain-name name in global configuration mode - transport input ssh on a vty line - no ip domain-lookup in global configuration mode - password password on a vty line - service password-encryption in global configuration mode - crypto keygenerate rsa in global configuration mode

- ip domain-name name in global configuration mode - transport input ssh on a vty line - crypto keygenerate rsa in global configuration mode

An administrator needs to create a user account with custom access to most privileged EXEC commands. Which privilege command is used to create this custom account? - privilege exec level 0 - privilege exec level 1 - privilege exec level 2 - privilege exec level 15

- privilege exec level 2

An organization has mobile workers who use corporate-owned laptops at customer sites to view inventory and place orders.Which type of VPN allows these workers to securely access all of the client/server applications of the organization? - clientless SSL VPN - remote-access IPsec VPN - site-to-site IPsec VPN - HTTPS-enabled SSL VPN

- remote-access IPsec VPN


Related study sets

프랑스 필수 단어(amical-1)

View Set

Unit 5 revision, Module 46 Health Care Systems

View Set

Econ - Demand, Supply, & Equilibrium

View Set

Diversity in Criminal justice Midterm

View Set

College Physics II: Module 3 & Module 4

View Set

NUR 145 - Module A: Practice Questions

View Set