FedVTE Cisco CCNA Security Self-Study Prep 33 Questions with Verified Answers,100% CORRECT

Document Content and Description Below

FedVTE Cisco CCNA Security Self-Study Prep 33 Questions with Verified Answers Ensuring that several individuals are able to perform a specific function in order to have oversight and eliminate sing... le points of failure, is which of the following Operations Security principles? - CORRECT ANSWER C. Rotation of duties A standard ACL: - CORRECT ANSWER C. Identifies the source network to be blocked Which form of risk analysis uses a mathematical model that assigns a monetary figure? - CORRECT ANSWER B. Quantitative Enabling SSH on a router requires all of the following except: - CORRECT ANSWER D. Installing a PuTTY client The RADIUS protocol hides passwords during transmission but the rest of the packet is sent in plaintext. - CORRECT ANSWER TRUE Signatures attributes have all the following attributes EXCEPT: - CORRECT ANSWER D. Exceptions A stateful firewall: - CORRECT ANSWER C. Monitors outbound traffic and permits only reply traffic that properly matches the outbound traffic Ensuring that several individuals are able to perform a specific function in order to have oversight and eliminate single points of failure, is which of the following Operations Security principles? - CORRECT ANSWER C. Rotation of duties ACLs have a policy of which of the following? - CORRECT ANSWER A. first match IOS 12.3 and later, passwords can be: - CORRECT ANSWER C. 0 to 16 characters in length Which VPN listed below DOES NOT encrypt traffic: - CORRECT ANSWER D. All of the following are best practices when configuring router login banner messages EXCEPT: - CORRECT ANSWER C. Use the word "welcome" Enabling SSH on a router requires all of the following except - CORRECT ANSWER D. Installing a PuTTY client Granting a user access to a requested service only if the information in the user profile allows it, is an example of what? - CORRECT ANSWER B. Authorization Enabling PortFast on a switchport: - CORRECT ANSWER B. Disables Spanning Tree on the switchport Symmetric encryption has all the following advantages EXCEPT: - CORRECT ANSWER A. Simplified key distribution Cisco Port Security action options include all the following EXCEPT: - CORRECT ANSWER A. A packet-filtering firewall typically can filter up to which layer, while a stateful firewall can filter up to: - CORRECT ANSWER B. transport, session PKI is a framework that supports: - CORRECT ANSWER A. Symmetric key distribution A Virtual Private Network provides the same network connectivity for remote users over a public infrastructure as they would have over a private network. - CORRECT ANSWER A. True Cisco ACS is a single solution that offers AAA services using: - CORRECT ANSWER C. TACACS+ or RADIUS IPSec VPNs are the preferred method for: - CORRECT ANSWER B. Site-to-Site VPN connections In comparing RADIUS servers and TACACS+ servers, - CORRECT ANSWER C. TACACS+ servers can list authorized router commands per user or per group When using Cisco IOS global command to enforce minimum password length, it applies to all new and existing router passwords. - CORRECT ANSWER B. False Which of the following Cisco IOS commands would be utilized to enforce minimum password length? - CORRECT ANSWER C. security passwords min-length The Cisco autosecure feature is used to: - CORRECT ANSWER B. Lock down routers It is a best practice to place general ACL statements higher in the ACL and more specific statements near the end. - CORRECT ANSWER B. False All Cisco ACLs end with which implicit statement? - CORRECT ANSWER "B. deny all " Once a user has authenticated, authorization services: - CORRECT ANSWER A. determine which resources the user can access The ACL is processed top-down based on the sequence numbers of the statements - CORRECT ANSWER A. lowest to highest Which VPN listed below DOES NOT encrypt traffic: - CORRECT ANSWER D. MPLS VPNs Cisco AAA is: - CORRECT ANSWER B. Able to connect to many RADIUS servers, but not always on Cisco UDP ports 1812 and 1813 Modular Policy Framework (MPF), defines a set of rules for applying firewall features and allows granular classification of traffic flows. - CORRECT ANSWER A. True [Show More]

Last updated: 8 months ago

Preview 1 out of 3 pages