Security-1 Flashcards Preview

CCNA > Security-1 > Flashcards

Flashcards in Security-1 Deck (13)
Loading flashcards...
1
Q

Question 1
Which statement about RADIUS security is true?
A. It supports EAP authentication for connecting to wireless networks.
B. It provides encrypted multiprotocol support.
C. Device-administration packets are encrypted in their entirety.
D. It ensures that user activity is fully anonymous.

A

Answer: A

2
Q

Question 2
Which condition indicates that service password-encryption is enabled?
A. The local username password is in clear text in the configuration.
B. The enable secret is in clear text in the configuration.
C. The local username password is encrypted in the configuration.
D. The enable secret is encrypted in the configuration.

A

Answer: C

3
Q

Question 3
Which command can you enter to configure a local username with an encrypted password and EXEC mode user privileges?
A. Router(config)#username jdone privilege 1 password 7 08314D5D1A48
B. Router(config)#username jdone privilege 1 password 7 PASSWORD1
C. Router(config)#username jdone privilege 15 password 0 08314D5D1A48 D. Router(config)#username jdone privilege 15 password 0 PASSWORD1

A

Answer: A

4
Q
Question 4
Which command sets and automatically encrypts the privileged enable mode password?
A. enable password c1sco 
B. secret enable c1sco 
C. password enable c1sco 
D. enable secret c1sco
A

Answer: D

5
Q
Question 5
The enable secret command is used to secure access to which CLI mode?
A. user EXEC mode 
B. global configuration mode 
C. privileged EXEC mode 
D. auxiliary setup mode
A

Answer: C

6
Q

Question 6
Refer to the exhibit. What is the result of setting the no login command?
Router#config t Router(config)#line vty 0 4 Router(config-line)#password c1sc0 Router(config-line)#no login
A. Telnet access is denied.
B. Telnet access requires a new password at the first login. C. Telnet access requires a new password.
D. no password is required for telnet access.

A

Answer: D

7
Q

Question 7
What is a difference between TACACS+ and RADIUS in AAA?
A. Only TACACS+ allows for separate authentication.
B. Only RADIUS encrypts the entire access-request packet.
C. Only RADIUS uses TCP.
D. Only TACACS+ couples authentication and authorization.

A

Answer: A

8
Q
Question 8
Which protocol authenticates connected devices before allowing them to access the LAN?
A. 802.1d 
B. 802.11 
C. 802.1w 
D. 802.1x
A

Answer: D

9
Q

Question 9
Which three options are benefits of using TACACS+ on a device? (Choose three)
A. It ensures that user activity is untraceable.
B. It provides a secure accounting facility on the device.
C. device-administration packets are encrypted in their entirely.
D. It allows the user to remotely access devices from other vendors.
E. It allows the users to be authenticated against a remote server.
F. It supports access-level authorization for commands.

A

Answer: C E F

10
Q
Question 10
A security administrator wants to profile endpoints and gain visibility into attempted authentications. Which 802.1x mode allows these actions?
A. Monitor mode 
B. High-Security mode 
C. Low-impact mode 
D. Closed mode
A

Answer: A

11
Q

Question 11
What should be part of a comprehensive network security plan?
A. Allow users to develop their own approach to network security
B. Physically secure network equipment from potential access by unauthorized individuals
C. Encourage users to use personal information in their passwords to minimize the likelihood of passwords being forgotten
D. Delay deployment of software patches and updates until their effect on end-user equipment is well known and widely reported
E. Minimize network overhead by deactivating automatic antivirus client updates

A

Answer: B

12
Q
Question 12
Which password types are encrypted?
A. SSH 
B. Telnet 
C. enable secret
 D. enable password
A

Answer: C

13
Q

Which IPsec security protocol should be used when confidentiality is required?

A. MD5

B. PSK

C. AH

D. ESP

A

Hide Answer

Correct Answer: D