security-2 Flashcards Preview

CCNA > security-2 > Flashcards

Flashcards in security-2 Deck (14)
Loading flashcards...
1

Question 1
How do you maintain security in multiple websites?
A. VPN
B. DMVPN
C. other
D. other

Answer: A

2

Question 2
Which of the following encrypts the traffic on a leased line?
A. telnet
B. ssh
C. vtp
D. vpn
E. dmvpn

Answer: B

3

Question 3
Which command is necessary to permit SSH or Telnet access to a Cisco switch that is otherwise configured for these vty line protocols?
A. transport type all
B. transport output all
C. transport preferred all
D. transport input all

Answer: D

4

Question 4
How to verify SSH connections were secured?
A. ssh -v 1 -l admin IP
B. ssh -v 2 -l admin IP
C. ssh -l admin IP
D. ssh -v 2 admin IP

Answer: B

5

Question 5
In order to comply with new auditing standards, a security administrator must be able to correlate system security alert logs directly with the employee who triggers the alert. Which of the following should the security administrator implement in order to meet this requirement?
A. Access control lists on file servers
B. Elimination of shared accounts
C. Group-based privileges for accounts
D. Periodic user account access reviews

Answer: D

6

Question 6
Which three feature are represented by A letter in AAA? (Choose three)
A. authorization
B. accounting
C. authentication
D. accountability
E. accessibility
F. authority

Answer: A B C

7

Question 7
What are two characteristics of SSH? (Choose two)
A. use port 22
B. unsecured
C. encrypted
D. most common remote-access method
E. operate at transport

Answer: A C

8

Question 8
Which two statements about TACACS+ are true? (Choose two)
A. It can run on a UNlX server.
B. It authenticates against the user database on the local device.
C. It is more secure than AAA authentication.
D. It is enabled on Cisco routers by default. E. It uses a managed database.

Answer: A E

9

Question 9
Refer to the exhibit. Which user-mode password has just been set?
R1#config R1(config)#line vty 0 4 R1(config-line)#password C1scO R1(config-line)#login
A. Telnet
B. Auxiliary
C. SSH
D. Console

Answer: A

10

Question 10
Which two passwords must be supplied in order to connect by Telnet to a properly secured Cisco switch and make changes to the device configuration? (Choose two)
A. tty password
B. enable secret password
C. vty password
D. aux password
E. console password
F. username password

Answer: B C

11

Question 11
Which two statements about firewalls are true?
A. They can be used with an intrusion prevention system. B. They can limit unauthorized user access to protect data. C. Each wireless access point requires its own firewall
D. They must be placed only at locations where the private network connects to the internet.
E. They can prevent attacks from the internet only.

Answer: A B

12

Question 12
Which three options are types of Layer 2 network attack? (Choose three)
A. Spoofing attacks
B. VLAN Hopping
C. Botnet attacks
D. DDOS attacks
E. ARP Attacks
F. Brute force attacks

Answer: A B E

13

Question 13
Which IEEE mechanism is responsible for the authentication of devices when they attempt to connect to a local network?
A. 802.1x
B. 802.11
C. 802.2x
D. 802.3x

Answer: A

14

Question 14
Which IPsec security protocol should be used when confidentiality is required?
A. AH
B. MD5
C. PSK
D. ESP

Answer: D