Mohamed Yuosef
Quiz by , created more than 1 year ago

Some of the new questions

316
0
0
No tags specified
Mohamed Yuosef
Created by Mohamed Yuosef about 7 years ago
Close

CCNA Security v3.0

Question 1 of 20

1

1.Which NAT type allows only objects or groups to reference an IP address?

Select one of the following:

  • A. Dynamic NAT

  • B. Dynamic PAT

  • C. Identity NAT

  • D. Static NAT

Explanation

Question 2 of 20

1

2. Which of these are characteristics of DHCP spoofing? (Choose three)

Select one or more of the following:

  • A. ARP poisoning

  • B. Physically modify the network gateway

  • C. Can access most network devices

  • D. Protect the identity of the attacker by masking their DHCP address

  • E. Man-in-the-middle attack

  • F. Modify traffic in transit

Explanation

Question 3 of 20

1

3. Which NAT option is executed first in the case of multiple NAT translations?

Select one of the following:

  • A. Static NAT with shortest prefix

  • B. Static NAT with longest prefix

  • C. Dynamic NAT with shortest prefix

  • D. Dynamic NAT with longest prefix

Explanation

Question 4 of 20

1

4. How can firepower block malicious email attachments?

Select one of the following:

  • A. It forwards email requests to an external signature engine

  • B. It scans inbound email messages for known bad URLs

  • C. It sends an alert to the administrator to verify suspicious email messages

  • D. It sends the traffic through a file policy

Explanation

Question 5 of 20

1

5. Which firewall configuration must you perform to allow traffic to flow in both directions between two zones?

Select one of the following:

  • A. Configure a single zone pair that allows bidirectional traffic flows from any zone except the self-zone

  • B. Configure two zone pairs, one for each direction

  • C. Configure a single zone pair that allows bidirectional traffic flows from any zone

  • D. Configure a single zone pair that allows bidirectional traffic flows only if the source zone is the less secure zone

Explanation

Question 6 of 20

1

6. What mechanism does asymmetric cryptography use to secure data?

Select one of the following:

  • A. An MD5 hash

  • B. A public/private key pair

  • C. An RSA nonce

  • D. Shared secret keys

Explanation

Question 7 of 20

1

7. Which statement about IOS privilege levels is true?

Select one of the following:

  • A. Each privilege level is independent of all other privilege levels

  • B. Each privilege level supports the commands at its own level and all levels above it

  • C. Privilege-level commands are set explicitly for each user

  • D. Each privilege level supports the commands at its own level and all levels below it

Explanation

Question 8 of 20

1

8. Your security team has discovered a malicious program that has been harvesting the CEO's email messages and the company's user database for the last 6 months. What type of attack did your team discover? (Choose two)

Select one or more of the following:

  • A. Social activism

  • B. Targeted malware

  • C. Drive-by spyware

  • D. Polymorphic virus

  • E. Advanced persistent threat

Explanation

Question 9 of 20

1

9. What is a valid implicit permit rule for traffic that is traversing the ASA firewall?

Select one of the following:

  • A. Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only

  • B. Only BPDUs from a higher security interface to a lower security interface are permitted in routed mode

  • C. Unicast IPv4 traffic from a higher security interface to a lower security interface is permitted in routed mode only

  • D. Only BPDUs from a higher security interface to a lower security interface are permitted in transparent mode

  • E. ARPs in both directions are permitted in transparent mode only

Explanation

Question 10 of 20

1

10. What is the effect of the following command: “Crypto ipsec transform-set my set esp-md5-hmac esp-aes-256”

Select one or more of the following:

  • A. It configures encryption to use MD5 HMAC

  • B. It configures authentication to use MD5 HMAC

  • C. It configures encryption to use AES-256

  • D. It configured authentication to use AES-256

  • E. It configures authorization to use AES-256

Explanation

Question 11 of 20

1

11. Which of the following statements about access lists are true? (Choose three)

Select one or more of the following:

  • A. Extended access lists should be placed as near as possible to the destination

  • B. Standard access lists should be placed as near as possible to the source

  • C. Extended access lists should be placed as near as possible to the source

  • D. Standard access lists should be placed as near as possible to the destination

  • E. Standard access lists filter on the source address

  • F. Standard access lists filter on the destination address

Explanation

Question 12 of 20

1

12. In which two situations should you use in-band management? (Choose two)

Select one or more of the following:

  • A. When a network device fails to forward packets

  • B. When management applications need concurrent access to the device

  • C. When you require administrator access from multiple locations

  • D. When you require ROMMON access

  • E. When the control plane fails to respond

Explanation

Question 13 of 20

1

13. In which two situations should you use out-of-band management? (Choose two)

Select one or more of the following:

  • A. When a network device fails to forward packets

  • B. When management applications need concurrent access to the device

  • C. When you require administrator access from multiple locations

  • D. When you require ROMMON access

  • E. When the control plane fails to respond

Explanation

Question 14 of 20

1

14. Which command enable ospf authentication?

Select one of the following:

  • A. ip ospf authentication message-digest

  • B. network 192.168.10.0 0.0.0.255 area 0

  • C. area 20 authentication message-digest

  • D. ip ospf message-digest-key 1 md5 CCNA

Explanation

Question 15 of 20

1

15.Which command help user1 to use enable,disable,exit&etc commands?

Select one of the following:

  • A. catalyst1(config)#username user1 privilege 0 secret us1pass

  • B. catalyst1(config)#username user1 privilege 1 secret us1pass

  • C. catalyst1(config)#username user1 privilege 2 secret us1pass

  • D. catalyst1(config)#username user1 privilege 5 secret us1pass

Explanation

Question 16 of 20

1

16. Command ip ospf authentication key 1 is implemented in which level?

Select one of the following:

  • A. Interface

  • B. process

  • C. global

  • D. enable

Explanation

Question 17 of 20

1

17. Which line in the following OSPF configuration will not be required for MD5 authentication to work?

ip address 192.168.10.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 CCNA
!
router ospf 65000
router-id 192.168.10.1
area 20 authentication message-digest
network 10.1.1.0 0.0.0.255 area 10
network 192.168.10.0 0.0.0.255 area 0

Select one or more of the following:

  • A. ip ospf authentication message-digest

  • B. network 192.168.10.0 0.0.0.255 area 0

  • C. area 20 authentication message-digest

  • D. ip ospf message-digest-key 1 md5 CCNA

Explanation

Question 18 of 20

1

18. Which of the following pairs of statements is true in terms of configuring MD authentication?

Select one of the following:

  • A. Interface statements (OSPF, EIGRP) must be configured; use of key chain in OSPF

  • B. Router process (OSPF, EIGRP) must be configured; key chain in EIGRP

  • C. Router process (only for OSPF) must be configured; key chain in EIGRP

  • D. Router process (only for OSPF) must be configured; key chain in OSPF

Explanation

Question 19 of 20

1

19. which are two valid TCP connection states (pick 2) is the gist of the question?

Select one or more of the following:

  • A. SYN-RCVD

  • B. Closed

  • C. SYN-WAIT

  • D. RCVD

  • E. SENT

Explanation

Question 20 of 20

1

20. What is example of social engineering?

Select one or more of the following:

  • A. Gaining access to a building through an unlocked door.

  • B. something about inserting a random flash drive.

  • C. gaining access to server room by posing as IT

  • D. Watching other user put in username and password (something around there)

Explanation

Previous
Check answer
Next