Mohamed Yuosef
Quiz von , erstellt am more than 1 year ago

Some of the new questions

316
0
0
Keine Merkmale angegeben
Mohamed Yuosef
Erstellt von Mohamed Yuosef vor etwa 7 Jahre
Schließen

CCNA Security v3.0

Frage 1 von 20

1

1.Which NAT type allows only objects or groups to reference an IP address?

Wähle eine der folgenden:

  • A. Dynamic NAT

  • B. Dynamic PAT

  • C. Identity NAT

  • D. Static NAT

Erklärung

Frage 2 von 20

1

2. Which of these are characteristics of DHCP spoofing? (Choose three)

Wähle eine oder mehr der folgenden:

  • A. ARP poisoning

  • B. Physically modify the network gateway

  • C. Can access most network devices

  • D. Protect the identity of the attacker by masking their DHCP address

  • E. Man-in-the-middle attack

  • F. Modify traffic in transit

Erklärung

Frage 3 von 20

1

3. Which NAT option is executed first in the case of multiple NAT translations?

Wähle eine der folgenden:

  • A. Static NAT with shortest prefix

  • B. Static NAT with longest prefix

  • C. Dynamic NAT with shortest prefix

  • D. Dynamic NAT with longest prefix

Erklärung

Frage 4 von 20

1

4. How can firepower block malicious email attachments?

Wähle eine der folgenden:

  • A. It forwards email requests to an external signature engine

  • B. It scans inbound email messages for known bad URLs

  • C. It sends an alert to the administrator to verify suspicious email messages

  • D. It sends the traffic through a file policy

Erklärung

Frage 5 von 20

1

5. Which firewall configuration must you perform to allow traffic to flow in both directions between two zones?

Wähle eine der folgenden:

  • A. Configure a single zone pair that allows bidirectional traffic flows from any zone except the self-zone

  • B. Configure two zone pairs, one for each direction

  • C. Configure a single zone pair that allows bidirectional traffic flows from any zone

  • D. Configure a single zone pair that allows bidirectional traffic flows only if the source zone is the less secure zone

Erklärung

Frage 6 von 20

1

6. What mechanism does asymmetric cryptography use to secure data?

Wähle eine der folgenden:

  • A. An MD5 hash

  • B. A public/private key pair

  • C. An RSA nonce

  • D. Shared secret keys

Erklärung

Frage 7 von 20

1

7. Which statement about IOS privilege levels is true?

Wähle eine der folgenden:

  • A. Each privilege level is independent of all other privilege levels

  • B. Each privilege level supports the commands at its own level and all levels above it

  • C. Privilege-level commands are set explicitly for each user

  • D. Each privilege level supports the commands at its own level and all levels below it

Erklärung

Frage 8 von 20

1

8. Your security team has discovered a malicious program that has been harvesting the CEO's email messages and the company's user database for the last 6 months. What type of attack did your team discover? (Choose two)

Wähle eine oder mehr der folgenden:

  • A. Social activism

  • B. Targeted malware

  • C. Drive-by spyware

  • D. Polymorphic virus

  • E. Advanced persistent threat

Erklärung

Frage 9 von 20

1

9. What is a valid implicit permit rule for traffic that is traversing the ASA firewall?

Wähle eine der folgenden:

  • A. Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only

  • B. Only BPDUs from a higher security interface to a lower security interface are permitted in routed mode

  • C. Unicast IPv4 traffic from a higher security interface to a lower security interface is permitted in routed mode only

  • D. Only BPDUs from a higher security interface to a lower security interface are permitted in transparent mode

  • E. ARPs in both directions are permitted in transparent mode only

Erklärung

Frage 10 von 20

1

10. What is the effect of the following command: “Crypto ipsec transform-set my set esp-md5-hmac esp-aes-256”

Wähle eine oder mehr der folgenden:

  • A. It configures encryption to use MD5 HMAC

  • B. It configures authentication to use MD5 HMAC

  • C. It configures encryption to use AES-256

  • D. It configured authentication to use AES-256

  • E. It configures authorization to use AES-256

Erklärung

Frage 11 von 20

1

11. Which of the following statements about access lists are true? (Choose three)

Wähle eine oder mehr der folgenden:

  • A. Extended access lists should be placed as near as possible to the destination

  • B. Standard access lists should be placed as near as possible to the source

  • C. Extended access lists should be placed as near as possible to the source

  • D. Standard access lists should be placed as near as possible to the destination

  • E. Standard access lists filter on the source address

  • F. Standard access lists filter on the destination address

Erklärung

Frage 12 von 20

1

12. In which two situations should you use in-band management? (Choose two)

Wähle eine oder mehr der folgenden:

  • A. When a network device fails to forward packets

  • B. When management applications need concurrent access to the device

  • C. When you require administrator access from multiple locations

  • D. When you require ROMMON access

  • E. When the control plane fails to respond

Erklärung

Frage 13 von 20

1

13. In which two situations should you use out-of-band management? (Choose two)

Wähle eine oder mehr der folgenden:

  • A. When a network device fails to forward packets

  • B. When management applications need concurrent access to the device

  • C. When you require administrator access from multiple locations

  • D. When you require ROMMON access

  • E. When the control plane fails to respond

Erklärung

Frage 14 von 20

1

14. Which command enable ospf authentication?

Wähle eine der folgenden:

  • A. ip ospf authentication message-digest

  • B. network 192.168.10.0 0.0.0.255 area 0

  • C. area 20 authentication message-digest

  • D. ip ospf message-digest-key 1 md5 CCNA

Erklärung

Frage 15 von 20

1

15.Which command help user1 to use enable,disable,exit&etc commands?

Wähle eine der folgenden:

  • A. catalyst1(config)#username user1 privilege 0 secret us1pass

  • B. catalyst1(config)#username user1 privilege 1 secret us1pass

  • C. catalyst1(config)#username user1 privilege 2 secret us1pass

  • D. catalyst1(config)#username user1 privilege 5 secret us1pass

Erklärung

Frage 16 von 20

1

16. Command ip ospf authentication key 1 is implemented in which level?

Wähle eine der folgenden:

  • A. Interface

  • B. process

  • C. global

  • D. enable

Erklärung

Frage 17 von 20

1

17. Which line in the following OSPF configuration will not be required for MD5 authentication to work?

ip address 192.168.10.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 CCNA
!
router ospf 65000
router-id 192.168.10.1
area 20 authentication message-digest
network 10.1.1.0 0.0.0.255 area 10
network 192.168.10.0 0.0.0.255 area 0

Wähle eine oder mehr der folgenden:

  • A. ip ospf authentication message-digest

  • B. network 192.168.10.0 0.0.0.255 area 0

  • C. area 20 authentication message-digest

  • D. ip ospf message-digest-key 1 md5 CCNA

Erklärung

Frage 18 von 20

1

18. Which of the following pairs of statements is true in terms of configuring MD authentication?

Wähle eine der folgenden:

  • A. Interface statements (OSPF, EIGRP) must be configured; use of key chain in OSPF

  • B. Router process (OSPF, EIGRP) must be configured; key chain in EIGRP

  • C. Router process (only for OSPF) must be configured; key chain in EIGRP

  • D. Router process (only for OSPF) must be configured; key chain in OSPF

Erklärung

Frage 19 von 20

1

19. which are two valid TCP connection states (pick 2) is the gist of the question?

Wähle eine oder mehr der folgenden:

  • A. SYN-RCVD

  • B. Closed

  • C. SYN-WAIT

  • D. RCVD

  • E. SENT

Erklärung

Frage 20 von 20

1

20. What is example of social engineering?

Wähle eine oder mehr der folgenden:

  • A. Gaining access to a building through an unlocked door.

  • B. something about inserting a random flash drive.

  • C. gaining access to server room by posing as IT

  • D. Watching other user put in username and password (something around there)

Erklärung

Vorherige
Antwort prüfen
Nächste