FedVTE Cisco CCNA Security Self-Study Prep 33 Questions with Verified Answers
Ensuring that several individuals are able to perform a specific function
... [Show More] in order to have oversight and eliminate single points of failure, is which of the following Operations Security principles? - CORRECT ANSWER C. Rotation of duties
A standard ACL: - CORRECT ANSWER C. Identifies the source network to be blocked
Which form of risk analysis uses a mathematical model that assigns a monetary figure? - CORRECT ANSWER B. Quantitative
Enabling SSH on a router requires all of the following except: - CORRECT ANSWER D. Installing a PuTTY client
The RADIUS protocol hides passwords during transmission but the rest of the packet is sent in plaintext. - CORRECT ANSWER TRUE
Signatures attributes have all the following attributes EXCEPT: - CORRECT ANSWER D. Exceptions
A stateful firewall: - CORRECT ANSWER C. Monitors outbound traffic and permits only reply traffic that properly matches the outbound traffic
Ensuring that several individuals are able to perform a specific function in order to have oversight and eliminate single points of failure, is which of the following Operations Security principles? - CORRECT ANSWER C. Rotation of duties
ACLs have a policy of which of the following? - CORRECT ANSWER A. first match
IOS 12.3 and later, passwords can be: - CORRECT ANSWER C. 0 to 16 characters in length
Which VPN listed below DOES NOT encrypt traffic: - CORRECT ANSWER D.
All of the following are best practices when configuring router login banner messages EXCEPT: - CORRECT ANSWER C. Use the word "welcome"
Enabling SSH on a router requires all of the following except - CORRECT ANSWER D. Installing a PuTTY client
Granting a user access to a requested service only if the information in the user profile allows it, is an example of what? - CORRECT ANSWER B. Authorization
Enabling PortFast on a switchport: - CORRECT ANSWER B. Disables Spanning Tree on the switchport
Symmetric encryption has all the following advantages EXCEPT: - CORRECT ANSWER A. Simplified key distribution
Cisco Port Security action options include all the following EXCEPT: - CORRECT ANSWER A.
A packet-filtering firewall typically can filter up to which layer, while a stateful firewall can filter up to: - CORRECT ANSWER B. transport, session
PKI is a framework that supports: - CORRECT ANSWER A. Symmetric key distribution
A Virtual Private Network provides the same network connectivity for remote users over a public infrastructure as they would have over a private network. - CORRECT ANSWER A. True
Cisco ACS is a single solution that offers AAA services using: - CORRECT ANSWER C. TACACS+ or RADIUS
IPSec VPNs are the preferred method for: - CORRECT ANSWER B. Site-to-Site VPN connections
In comparing RADIUS servers and TACACS+ servers, - CORRECT ANSWER C. TACACS+ servers can list authorized router commands per user or per group
When using Cisco IOS global command to enforce minimum password length, it applies to all new and existing router passwords. - CORRECT ANSWER B. False
Which of the following Cisco IOS commands would be utilized to enforce minimum password length? - CORRECT ANSWER C. security passwords min-length
The Cisco autosecure feature is used to: - CORRECT ANSWER B. Lock down routers
It is a best practice to place general ACL statements higher in the ACL and more specific statements near the end. - CORRECT ANSWER B. False
All Cisco ACLs end with which implicit statement? - CORRECT ANSWER "B. deny all
"
Once a user has authenticated, authorization services: - CORRECT ANSWER A. determine which resources the user can access
The ACL is processed top-down based on the sequence numbers of the statements - CORRECT ANSWER A. lowest to highest
Which VPN listed below DOES NOT encrypt traffic: - CORRECT ANSWER D. MPLS VPNs
Cisco AAA is: - CORRECT ANSWER B. Able to connect to many RADIUS servers, but not always on Cisco UDP ports 1812 and 1813
Modular Policy Framework (MPF), defines a set of rules for applying firewall features and allows granular classification of traffic flows. - CORRECT ANSWER A. True [Show Less]