Which type of malicious software can create a back-door into a device or network?
A. Worm B. Trojan C. Virus D. Bot
Which command enables authentication at the OSPFv2 routing process level?
A. area 0 authentication message-digest B. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF C. ip ospf authentication message-digest D. ip ospf message-digest-key 1 md5 C1sc0!
switch(config)# router ospf 201
switch(config-router)# area 0 authentication message-digest switch(config-router)# interface ethernet 1/1 switch(config-if)# no switchport switch(config-if)# ip ospf area 0 switch(config)-if# ip ospf message-digest-key 10 md5 0 adcdefgh switch(config-if)#
Command Description copy running-config startup- Saves the configuration changes to the startup config configuration file. ip ospf authentication-key Assigns a password for simple password authentication for OSPF. ip ospf message-digest-key Assigns a password for OSPF MD5 authentication. show ip ospf interface Displays OSPF interface-related information.
What is the maximum number of methods that a single method list can contain? A. 4 B. 3 C. 2 D. 5
Which IPS detection method examines network traffic for preconfigured patterns? A. Signature-based detection B. Policy-based detection C. Anomaly-based detection D. Honey-pot detection
Which statement about interface and global access rules is true?
A. Interface access rules are processed before global access rules. B. The implicit allow is processed after both the global and interface access rules. C. If an interface access rule is applied, the global access rule is ignored. D. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction. Which type of firewall monitors and protects a specific system? A. Proxy firewall B. Stateless firewall C. Application Firewall D. Personal Firewall
DRAG DROP Select and Place:
HIDE ANSWERS Correct Answer:
When would you configure the ip dhcp snooping trust command on a switch? A. when the switch is connected to a client system B. when the switch is connected to a DHCP server C. when the switch is working in an edge capacity D. when the switch is serving as an aggregator
What does the policy map do in CoPP?
A. defines service parameters B. defines the packet filter C. defines packet selection parameters D. defines the action to be performed
Which two parameters can you view in the Cisco ASDM Protocol Statistics window? (Choose two.) A. the number of active tunnels B. the number of rejected connection attempts C. the number of tunnels that have been established since the Cisco ASA was rebooted D. the number of closed tunnels E. the user attempting the connection Which two advantages does the on-premise model for MDM deployment have over the cloud- based model? (Choose two.) A. The on-premise model is easier and faster to deploy than the cloud-based model B. The on-premise model is more scalable than the cloud-based model C. The on-premise model is generally less expensive than the cloud-based model D. The on-premise model provides more control of the MDM solution than the cloud-based model E. The on-premise model generally has less latency than the cloud-based model
How is management traffic isolated on a Cisco ASR 1002?
A. Traffic is isolated based upon how you configure routing on the device B. Traffic isolation is done on the VLAN level C. There is no management traffic isolation on a Cisco ASR 1002 D. The management interface is configured in a special VRF that provides traffic isolation from the default routing table
Refer to the exhibit. What is the effect of the given configuration?
A. The two devices are able to pass the message digest to one another B. It enables authentication C. The two routers receive normal updates from one another D. It prevents keychain authentication
A user on your network inadvertently activates a botnet program that was received as an email attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack? A. user-based access control rule B. reputation-based C. botnet traffic filter D. network-based access control rule
Which two attack types can be prevented with the implementation of a Cisco IPS solution? (Choose two.) A. VLAN hopping B. DDoS C. ARP spoofing D. worms E. man-in-the-middle How can you prevent NAT rules from sending traffic to incorrect interfaces? A. Assign the output interface in the NAT statement B. Add the no-proxy-arp command to the nat line C. Configure twice NAT instead of object NAT D. Use packet-tracer rules to reroute misrouted NAT entries
Which security principle has been violated if data is altered in an unauthorized manner? A. accountability B. availability C. confidentiality D. integrity
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU? A. PortFast B. BPDU guard C. BPDU filtering D. root guard
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared key? A. authentication B. encryption C. hash D. group
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates? A. EAP-GTC B. EAP-TLS C. EAP-PEAP D. EAP-MSCHAPv2
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious? A. Verify that the company IPS blocks all known malicious websites. B. Implement URL filtering on the perimeter firewall. C. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores. D. Verify that antivirus software is installed and up to date for all users on your network Which command can you enter to configure OSPF to use hashing to authenticate routing updates? A. ip ospf authentication message-digest B. neighbor 192.168.0.112 cost md5 C. ip ospf authentication-key D. ip ospf priority 1
Which feature of the Cisco Email Security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attacks? A. reputation based filtering B. signature-based IPS C. graymail management and filtering D. contextual analysis
QUESTION 20 Which four tasks are required when you configure Cisco IOS IPS using the Cisco Configuration Professional IPS wizard? 210-260 dumps (Choose four.) A. Select the interface(s) to apply the IPS rule. B. Select the traffic flow direction that should be applied by the IPS rule. C. Add or remove IPS alerts actions based on the risk rating. D. Specify the signature file and the Cisco public key. E. Select the IPS bypass mode (fail-open or fail-close). F. Specify the configuration location and select the category of signatures to be applied to the selected interface(s). Correct Answer: ABDF Explanation: Step 11. At the `Select Interfaces’ screen, select the interface and the direction that IOS IPS will be applied to, then click `Next’ to continue. Step 12. At the `IPS Policies Wizard’ screen, in the `Signature File’ section, select the first radio button “Specify the signature file you want to use with IOS IPS”, then click the “…” button to bring up a dialog box to specify the location of the signature package file, which will be the directory specified in Step 6. In this example, we use tftp to download the signature package to the router.
Step 13. In the `Configure Public Key’ section, enter `realm-
cisco.pub’ in the `Name’ text field, then copy and paste the following public key’s key-string in the `Key’ text field. This public key can be downloaded from Cisco.com.
NEW QUESTION 522
Which path do you follow to enable AAA through the SDM?
A. Configure > Tasks > AAA
B. Configure > Authentication > AAA C. Configure > Additioonal Authentication > AAA D. Configure > Additional Tasks > AAA E. Configure > AAA
Answer: D
NEW QUESTION 523
What aims to remove the ability to deny an action?
A. Integrity B. Deniability C. Accountability D. Non-Repudiation
Answer: D
NEW QUESTION 524
In which two models can the Cisco Web Security Appliance be deployed? (Choose two.)
A. as a transparent proxy using the Secure Sockets Layer Protocol
B. as a transparent proxy using the HyperText Transfer Protocol C. explicit active mode D. as a transparent proxy using the Web Cache Communication Protocol E. explicit proxy mode
Answer: DE
NEW QUESTION 525
Which two statements about hardware-based encryption are true? (Choose two.)
A. It is potentially easier to compromise than software-based encryption.
B. It requires minimal configuration. C. It can be implemented without impacting performance. D. It is widely accessible. E. It is highly cost-effective.
Answer: CE
NEW QUESTION 526
What is the main purpose of Control Plane Policing?
A. to prevent exhaustion of route-processor resources
B. to organize the egress packet queues C. to define traffic classes D. to maintain the policy map
Answer: A
NEW QUESTION 527
What is the best definition of hairpinning?
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters and exits a device through the same interface C. traffic that enters one interface on a device and that exits through another interface D. traffic that tunnels through a device interface
Answer: B
NEW QUESTION 528
How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?
A. Update the IPS signature for HTTPS to validate DCE/RPC connections.
B. Block suspicious hosts from DCE/RPC port 593. C. Tunnel DCE/RPC traffic through GRE. D. Configure the DCE/RPC preprocessor.
Answer: B
NEW QUESTION 529
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?
A. authPriv B. authNoPriv C. noAuthPriv D. noAuthNoPriv
Answer: B
NEW QUESTION 530
Which type of firewall can perform deep packet inspection?
A. application firewall B. stateless firewall C. packet-filtering firewall D. personal firewall
Answer: A
NEW QUESTION 531
Which type of mechanism does Cisco FirePOWER deploy to protect against email threats that are detected moving across other networks?
A. signature-based B. reputation-based C. antivirus scanning D. policy-based
Answer: B
NEW QUESTION 532
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for business purposes. Which action can you take to retain the blacklist while allowing users to access the approved sites?
A. Create a whitelist and manually add the approved addresses.
B. Edit the dynamic blacklist to remove the approved addresses. C. Disable the dynamic blacklist and deny the specific address on a whitelist while permitting the others. D. Disable the dynamic blacklist and create a static blacklist in its place.
Answer: A
NEW QUESTION 533
Which command enables port security to use sticky MAC addresses on a switch?
A. switchport port-security mac-address sticky
B. switchport port-security C. switchport port-security violation protect D. switchport port-security violation restrict
Answer: A
NEW QUESTION 534
Which attack can be prevented by OSPF authentication?
A. smurf attack B. IP spoofing attack C. Denial of service attack D. buffer overflow attack
Answer: B
NEW QUESTION 535
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?
A. CTA B. AMP C. DLP D. DCA
Answer: C
Drag and Drop
Shutdown – The interface is error-disabled Shutdown Vlan – The virtual layer 2 segment is disabled Restrict – When the number of secure MAC address on the port reaches a specified maximum limit, the port drops packet and sends an SNMP trap Protect – When the number of secure MAC addresses on the port reaches a special maximum, the port drops packets without notification.
NEW QUESTION 529
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?
A. authPriv B. authNoPriv C. noAuthPrsqiv D. noAuthNoPriv
Answer: B There’s a question about EAP. Not exactly but the question is like this: Which component is responsible for network access policy? a. RADIUS server b. authentication server c. authenticator d. supplicant
I am not sure of the answer but I answered d. supplicant.
Which component is responsible for network access policy?
a. RADIUS server b. authentication server c. authenticator d. supplicant
I Think the correct answer is B, Authentication Server.
Authentication Server: A server that validates the credentials sent by the supplicant and determines what level of network access the end user or device should receive. Not only RADIUS is an authentication server.
I passed with 948/1000
67 q’s , 1 d&d and 1 lab question from Coachgreece & new question by dk2019 and Alex comments I found 5 new exams that I have never seen. Questions about Questions about The table is on the ASA. I answer is NAT Table Questions about privilege exec level I answer is 0-15 Questions about IKE and VPN I answer is Authorization Questions about action stateful firewall I answer is DROP 1 more I can’t remember.
Please help, below are the question which need to verify correct answer. I have an exam on tuesday.
Q01 Which next-generation encryption algorithms support four variants?
A. SHA2 B. SHA1 C. MD5 D. HMAC Answer: A
Q43 What are two major considerations when choosing between a SPAN and a TAP when implementing IPS? (Choose two.) A. the amount of bandwidth available B. the way in which dropped packets will be handled C. the type of analysis the IPS will perform D. whether RX and TX signals will use separate ports E. the way in which media errors will be handled Answer: AB
What are two default Cisco IOS privilege levels? (Choose two) A. 0 B. 5 C. 1 D. 7 E. 10 F. 15 Answer: CF
Which command can you enter to configure OSPF to use hashing to authenticate routing updates? A. ip ospf authentication message-digest B. ip ospf priority 1 C. neighbor 192.168.0.112 cost md5 D. ip ospf authentication-key Answer: C
Which information can you display by executing the show crypto ipsec sa command? A. proxy information for the connection between two peers B. IPsec SAs established between two peers C. recent changes to the IP address of a peer router D. ISAKMP SAs that are established between two peers Answer: B
Which type of VLANs can communicate to PVLANs? (or something like this) (Choose two.) A. promiscuous B. isolated C. community D. backup E. secondary Answer: AB
Which technology can be used to rate data fidelity and to provide an authenticated hash for data? A. file reputation B. file analysis C. signature updates D. network blocking Answer: A or C
When an administrator initiates a device wipe command from the ISE, what is the immediate effect? A. It requests the administrator to choose between erasing all device data or only managed corporate data. B. It requests the administrator to enter the device PIN or password before proceeding with the operation. C. It notifies the device user and proceeds with the erase operation. D. It immediately erases all data on the device. Answer: A or D
Which attack can be prevented by OSPF authentication?
A. smurf attack B. IP spoofing attack C. Denial of service attack D. buffer overflow attack Answer: B 1. Which 802.1x component enforces the network access policy? a. RADIUS Server b. Authentication server c. Supplicant d. Authenticator ANSWER: D
Which type of firewall can perform deep packet inspection?
A. application firewall B. stateless firewall C. packet-filtering firewall D. personal firewall
![Firewall [Repaired]](https://imgv2-2-f.scribdassets.com/img/document/398310436/149x198/80899597d5/1551379020?v=1)
