Test 1

Is this your test? Login to manage it. If not, you can make an exam just like it.

This is a non-interactive preview of the quiz content.

1.
1 point
What are purposes of the Internet Key Exchange in an IPsec VPN? (Choose two.)
2.
1 point
Which syslog level is associated with LOG_WARNING?
3.
1 point
Which TACACS+ server-authentication protocols are supported on Cisco ASA firewalls? (Choose three.)
4.
1 point
Which security zone is automatically defined by the system?
5.
1 point
How can the administrator enable permanent client installation in a Cisco AnyConnect VPN firewall configuration?
6.
1 point
Which of the following statements about access lists are true? (Choose three.)
7.
1 point
Which countermeasures can mitigate ARP spoofing attacks? (Choose two.)
8.
1 point
Which statements about smart tunnels on a Cisco firewall are true? (Choose two.)
9.
1 point
What features can protect the data plane? (Choose three.)
10.
1 point
Which RADIUS server authentication protocols are supported on Cisco ASA firewalls? (Choose three.)
11.
1 point
Which actions can a promiscuous IPS take to mitigate an attack? (Choose three.)
12.
1 point
Which two characteristics represent a blended threat? (Choose two.)
13.
1 point
Which command initializes a lawful intercept view?
14.
1 point
Which command verifies phase 2 of an IPsec VPN on a Cisco router?
15.
1 point
Which command verifies phase 1 of an IPsec VPN on a Cisco router?
16.
1 point
On which Cisco Configuration Professional screen do you enable AAA
17.
1 point
What are the primary attack methods of VLAN hopping? (Choose two.)
18.
1 point
Which source port does IKE use when NAT has been detected between two
VPN gateways?
19.
1 point
Which three protocols are supported by management plane protection? (Choose three.)
20.
1 point
Which components does HMAC use to determine the authenticity and integrity of a message? (Choose two.)
21.
1 point
Which type of security control is defense in depth?
22.
1 point
QUESTION 6
What is the best way to prevent a VLAN hopping attack?
23.
1 point
Which two countermeasures can mitigate MAC spoofing attacks? (Choose two.)
24.
1 point
Which two countermeasures can mitigate STP root bridge attacks? (Choose two.)
25.
1 point
What is a possible reason for the error message?Router(config)#aaa server?% Unrecognized command
26.
1 point
Which type of mirroring does SPAN technology perform?
27.
1 point
Which address block is reserved for locally assigned unique local addresses?
28.
1 point
Which statement about rule-based policies in Cisco Security Manager is true?
29.
1 point
Which statements about reflexive access lists are true? (Choose three.)
30.
1 point
Which Cisco feature can help mitigate spoofing attacks by verifying symmetry of the traffic path?
31.
1 point
In which stage of an attack does the attacker discover devices on a target network?
32.
1 point
If you are implementing VLAN trunking, which additional configuration parameter should be added to the
trunking configuration?
33.
1 point
Which accounting notices are used to send a failed authentication attempt record to a AAA server? (Choose two.)
34.
1 point
What is the Cisco preferred countermeasure to mitigate CAM overflows?
35.
1 point
Which aaa accounting command is used to enable logging of the start and stop records for user terminal
sessions on the router?
36.
1 point
Which option describes information that must be considered when you apply an access list to a physical interface?
37.
1 point
Which represents a unique link-local address (IPv6)?
38.
1 point
Which options are filtering options used to display SDEE message types? (Choose two.)
39.
1 point
Which protocols use encryption to protect the confidentiality of data transmitted between two parties? (Choose two.)
40.
1 point
Which security measures can protect the control plane of a Cisco router? (Choose two.)
41.
1 point
Which type of IPS can identify worms that are propagating in a network?
42.
1 point
Which command will configure AAA accounting using the list of all RADIUS servers on a device to generate a
reload event message when the device reloads?
43.
1 point
Which tasks is the session management path responsible for? (Choose three.)
44.
1 point
Which sensor mode can deny attackers inline?
45.
1 point
Which option is the most effective placement of an IPS device within the infrastructure?
46.
1 point
Which two features are supported by Cisco IronPort Security Gateway? (Choose two.)
47.
1 point
Which statement about extended access lists is true?
48.
1 point
If a router configuration includes the line aaa authentication login default group tacacs+ enable, which events will occur when the TACACS+ server returns an error? (Choose two.)
49.
1 point
A clientless SSL VPN user who is connecting on a Windows Vista computer is missing the menu option for Remote Desktop Protocol on the portal web page. Which action should you take to begin troubleshooting?
50.
1 point
Which two services are provided by IPsec? (Choose two.)