Mohamed Yuosef
Test por , creado hace más de 1 año

Some of the new questions

316
0
0
Sin etiquetas
Mohamed Yuosef
Creado por Mohamed Yuosef hace alrededor de 7 años
Cerrar

CCNA Security v3.0

Pregunta 1 de 20

1

1.Which NAT type allows only objects or groups to reference an IP address?

Selecciona una de las siguientes respuestas posibles:

  • A. Dynamic NAT

  • B. Dynamic PAT

  • C. Identity NAT

  • D. Static NAT

Explicación

Pregunta 2 de 20

1

2. Which of these are characteristics of DHCP spoofing? (Choose three)

Selecciona una o más de las siguientes respuestas posibles:

  • A. ARP poisoning

  • B. Physically modify the network gateway

  • C. Can access most network devices

  • D. Protect the identity of the attacker by masking their DHCP address

  • E. Man-in-the-middle attack

  • F. Modify traffic in transit

Explicación

Pregunta 3 de 20

1

3. Which NAT option is executed first in the case of multiple NAT translations?

Selecciona una de las siguientes respuestas posibles:

  • A. Static NAT with shortest prefix

  • B. Static NAT with longest prefix

  • C. Dynamic NAT with shortest prefix

  • D. Dynamic NAT with longest prefix

Explicación

Pregunta 4 de 20

1

4. How can firepower block malicious email attachments?

Selecciona una de las siguientes respuestas posibles:

  • A. It forwards email requests to an external signature engine

  • B. It scans inbound email messages for known bad URLs

  • C. It sends an alert to the administrator to verify suspicious email messages

  • D. It sends the traffic through a file policy

Explicación

Pregunta 5 de 20

1

5. Which firewall configuration must you perform to allow traffic to flow in both directions between two zones?

Selecciona una de las siguientes respuestas posibles:

  • A. Configure a single zone pair that allows bidirectional traffic flows from any zone except the self-zone

  • B. Configure two zone pairs, one for each direction

  • C. Configure a single zone pair that allows bidirectional traffic flows from any zone

  • D. Configure a single zone pair that allows bidirectional traffic flows only if the source zone is the less secure zone

Explicación

Pregunta 6 de 20

1

6. What mechanism does asymmetric cryptography use to secure data?

Selecciona una de las siguientes respuestas posibles:

  • A. An MD5 hash

  • B. A public/private key pair

  • C. An RSA nonce

  • D. Shared secret keys

Explicación

Pregunta 7 de 20

1

7. Which statement about IOS privilege levels is true?

Selecciona una de las siguientes respuestas posibles:

  • A. Each privilege level is independent of all other privilege levels

  • B. Each privilege level supports the commands at its own level and all levels above it

  • C. Privilege-level commands are set explicitly for each user

  • D. Each privilege level supports the commands at its own level and all levels below it

Explicación

Pregunta 8 de 20

1

8. Your security team has discovered a malicious program that has been harvesting the CEO's email messages and the company's user database for the last 6 months. What type of attack did your team discover? (Choose two)

Selecciona una o más de las siguientes respuestas posibles:

  • A. Social activism

  • B. Targeted malware

  • C. Drive-by spyware

  • D. Polymorphic virus

  • E. Advanced persistent threat

Explicación

Pregunta 9 de 20

1

9. What is a valid implicit permit rule for traffic that is traversing the ASA firewall?

Selecciona una de las siguientes respuestas posibles:

  • A. Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only

  • B. Only BPDUs from a higher security interface to a lower security interface are permitted in routed mode

  • C. Unicast IPv4 traffic from a higher security interface to a lower security interface is permitted in routed mode only

  • D. Only BPDUs from a higher security interface to a lower security interface are permitted in transparent mode

  • E. ARPs in both directions are permitted in transparent mode only

Explicación

Pregunta 10 de 20

1

10. What is the effect of the following command: “Crypto ipsec transform-set my set esp-md5-hmac esp-aes-256”

Selecciona una o más de las siguientes respuestas posibles:

  • A. It configures encryption to use MD5 HMAC

  • B. It configures authentication to use MD5 HMAC

  • C. It configures encryption to use AES-256

  • D. It configured authentication to use AES-256

  • E. It configures authorization to use AES-256

Explicación

Pregunta 11 de 20

1

11. Which of the following statements about access lists are true? (Choose three)

Selecciona una o más de las siguientes respuestas posibles:

  • A. Extended access lists should be placed as near as possible to the destination

  • B. Standard access lists should be placed as near as possible to the source

  • C. Extended access lists should be placed as near as possible to the source

  • D. Standard access lists should be placed as near as possible to the destination

  • E. Standard access lists filter on the source address

  • F. Standard access lists filter on the destination address

Explicación

Pregunta 12 de 20

1

12. In which two situations should you use in-band management? (Choose two)

Selecciona una o más de las siguientes respuestas posibles:

  • A. When a network device fails to forward packets

  • B. When management applications need concurrent access to the device

  • C. When you require administrator access from multiple locations

  • D. When you require ROMMON access

  • E. When the control plane fails to respond

Explicación

Pregunta 13 de 20

1

13. In which two situations should you use out-of-band management? (Choose two)

Selecciona una o más de las siguientes respuestas posibles:

  • A. When a network device fails to forward packets

  • B. When management applications need concurrent access to the device

  • C. When you require administrator access from multiple locations

  • D. When you require ROMMON access

  • E. When the control plane fails to respond

Explicación

Pregunta 14 de 20

1

14. Which command enable ospf authentication?

Selecciona una de las siguientes respuestas posibles:

  • A. ip ospf authentication message-digest

  • B. network 192.168.10.0 0.0.0.255 area 0

  • C. area 20 authentication message-digest

  • D. ip ospf message-digest-key 1 md5 CCNA

Explicación

Pregunta 15 de 20

1

15.Which command help user1 to use enable,disable,exit&etc commands?

Selecciona una de las siguientes respuestas posibles:

  • A. catalyst1(config)#username user1 privilege 0 secret us1pass

  • B. catalyst1(config)#username user1 privilege 1 secret us1pass

  • C. catalyst1(config)#username user1 privilege 2 secret us1pass

  • D. catalyst1(config)#username user1 privilege 5 secret us1pass

Explicación

Pregunta 16 de 20

1

16. Command ip ospf authentication key 1 is implemented in which level?

Selecciona una de las siguientes respuestas posibles:

  • A. Interface

  • B. process

  • C. global

  • D. enable

Explicación

Pregunta 17 de 20

1

17. Which line in the following OSPF configuration will not be required for MD5 authentication to work?

ip address 192.168.10.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 CCNA
!
router ospf 65000
router-id 192.168.10.1
area 20 authentication message-digest
network 10.1.1.0 0.0.0.255 area 10
network 192.168.10.0 0.0.0.255 area 0

Selecciona una o más de las siguientes respuestas posibles:

  • A. ip ospf authentication message-digest

  • B. network 192.168.10.0 0.0.0.255 area 0

  • C. area 20 authentication message-digest

  • D. ip ospf message-digest-key 1 md5 CCNA

Explicación

Pregunta 18 de 20

1

18. Which of the following pairs of statements is true in terms of configuring MD authentication?

Selecciona una de las siguientes respuestas posibles:

  • A. Interface statements (OSPF, EIGRP) must be configured; use of key chain in OSPF

  • B. Router process (OSPF, EIGRP) must be configured; key chain in EIGRP

  • C. Router process (only for OSPF) must be configured; key chain in EIGRP

  • D. Router process (only for OSPF) must be configured; key chain in OSPF

Explicación

Pregunta 19 de 20

1

19. which are two valid TCP connection states (pick 2) is the gist of the question?

Selecciona una o más de las siguientes respuestas posibles:

  • A. SYN-RCVD

  • B. Closed

  • C. SYN-WAIT

  • D. RCVD

  • E. SENT

Explicación

Pregunta 20 de 20

1

20. What is example of social engineering?

Selecciona una o más de las siguientes respuestas posibles:

  • A. Gaining access to a building through an unlocked door.

  • B. something about inserting a random flash drive.

  • C. gaining access to server room by posing as IT

  • D. Watching other user put in username and password (something around there)

Explicación

Anterior
Revisar respuesta
Siguiente