CCNA Security v2.0 Chapter 2 Exam Answers

Similar documents
2. When logging is used, which severity level indicates that a device is unusable?

CCNA Security v2.0 Chapter 3 Exam Answers

CCNA 1 Chapter v5.1 Answers 100%

CCNA 1 Chapter v5.1 Answers 100%

CCNA Security v2.0 Chapter 9 Exam Answers

Packet Tracer - Skills Integration Challenge Topology

CCNA Security v2.0 Chapter 10 Exam Answers

Packet Tracer - Configuring a Zone-Based Policy Firewall (ZPF)

CCNA 3 Chapter 8 v5.0 Exam Answers 2015 (100%) CCNA 5 Page 1

2. When an EIGRP-enabled router uses a password to accept routes from other EIGRP-enabled routers, which mechanism is used?

1. Which IOS 12.4 software package integrates full features, including voice, security, and VPN capabilities, for all routing protocols?

IT Essentials (ITE v6.0) Chapter 8 Exam Answers 100% 2016

2. What is the most cost-effective method of solving interface congestion that is caused by a high level of traffic between two switches?

CCNA 1 v5.1 Practice Final Exam Answers %

Smart Collector Embedded Assistant User Guide

Please contact technical support if you have questions about the directory that your organization uses for user management.

2. Which command can be used to view the cable type that is attached to a serial interface?

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

1. What is a characteristic of Frame Relay that provides more flexibility than a dedicated line?

CCNA 3 Chapter 2 v5.0 Exam Answers 2015 (100%)

CCNA 1 Chapter v5.1 Answers 100%

Pexip Infinity Secure Mode Deployment Guide

CCNA 3 Practice Final v5.0 Exam Answers 2015 (100%)

Launching Xacta 360 Marketplace AMI Guide June 2017

Pexip Infinity Secure Mode Deployment Guide

Dolby Conference Phone Support Frequently Asked Questions

USER MANUAL. RoomWizard Administrative Console

These tasks can now be performed by a special program called FTP clients.

Interoperability between ProCurve WESM zl and HP ipaq Voice Messenger smartphone

CCNA Voice ICOMM: (4 Day Course)

Log shipping is a HA option. Log shipping ensures that log backups from Primary are

Telkom VPN-Lite router setup User Manual Billion 810VGTX

Click Studios. Passwordstate. RSA SecurID Configuration

Felix Rohrer. Lab 5.5.3: Troubleshooting Access Control Lists. Topology Diagram

Max 8/16 and T1/E1 Gateway, Version FAQs

Telkom VPN-Lite router setup User Manual Billion 800VGT

Contents: Module. Objectives. Lesson 1: Lesson 2: appropriately. As benefit of good. with almost any planning. it places on the.

Questions and Answers

DIVAR IP 3000 Field Installation Guide

Managing Your Access To The Open Banking Directory How To Guide

Manual for installation and usage of the module Secure-Connect

CounterSnipe Software Installation Guide Software Version 10.x.x. Initial Set-up- Note: An internet connection is required for installation.

I. Introduction: About Firmware Files, Naming, Versions, and Formats

User Guide. Avigilon Control Center Mobile Version 2.2 for Android

TMS myclouddata SDK DEVELOPERS GUIDE

ICND2 Lab Exercises Lesson Companion

CaseWare Working Papers. Data Store user guide

PT Activity 2.6.1: Packet Tracer Skills Integration Challenge

Campuses that access the SFS nvision Windows-based client need to allow outbound traffic to:

IT Essentials (ITE v6.0) Chapter 5 Exam Answers 100% 2016

Frequently Asked Questions

Enterprise Installation

Wave IP 4.5. CRMLink Desktop User Guide

BMC Remedyforce Integration with Remote Support

Pexip Infinity Secure Mode Deployment Guide

NiceLabel LMS. Installation Guide for Single Server Deployment. Rev-1702 NiceLabel

Avocent Power Management Distribution Unit (PM PDU) Release Notes Firmware Version April 18, 2011

Able2Extract Server 3.0. User Guide

Avocent ACS 6000 Advanced Console Server Release Notes, Version August 31, 2012

Avigilon Control Center Server User Guide. Version 6.4

App Orchestration 2.6

TSHOOT v2.0 Troubleshooting and Maintaining Cisco IP Networks

Technical Paper. Installing and Configuring SAS Environment Manager in a SAS Grid Environment

Technical Paper. Installing and Configuring SAS Environment Manager in a SAS Grid Environment with a Shared Configuration Directory

Remove AD DS using the Remove Roles Wizard in Server Manager

Release Notes. Dell SonicWALL Security firmware is supported on the following appliances: Dell SonicWALL Security 200

Planning, installing, and configuring IBM CMIS for Content Manager OnDemand

BMC Remedyforce Integration with Bomgar Remote Support

SIEM Use Cases 45 use cases for Security Monitoring

Infrastructure Series

Refreshing Axiom TEST with a Current Copy of Production Axiom EPM June 20, 2014

EView/400i Management Pack for Systems Center Operations Manager (SCOM)

Dynamic Storage (ECS)

Application Note. Digi Connect Wi-SP Troubleshooting Guide. Digi Technical Support 10 May 2016

Apply power, the appliance may be powered by connecting:

1. Which organization certifies vendors for adherence to the standards to improve interoperability of products?

DC Remote Control Installation and Configuration Guide. Version 1.2

Exercise 1: Deploying Windows Server 2012

USER GUIDE. Thanks for purchasing the igate! You ll need to follow these five Configuration Steps to get your igate up and running:

INTELLISNAP. TECHNOLOGY QUICK START GUIDE Pure Storage FlashArray. Publish Date: July 30, 2015 Distribution: Public Author: Jonathan Howard

Troubleshooting Citrix- Published Resources Configuration in VMware Identity Manager

Web Application Security Version 13.0 Training Course

Cisco Smart Software Manager satellite

Password Reset for Remote Users

Pexip Infinity Secure Mode. Deployment Guide

IBM SPSS Interviewer Setting up Data Entry Supervisor machines for Synchronization

Release Notes. Dell SonicWALL Security BETA

Kaltura MediaSpace Installation and Upgrade Guide. Version: 5.0

On the road again. The network layer. Data and control planes. Router forwarding tables. The network layer data plane. CS242 Computer Networks

Managing User Accounts

Avigilon Control Center Server User Guide. Version 6.8

Understanding Active Directory Domain Services (AD DS) Functional Levels

Model WM100. Product Manual

Troubleshooting of network problems is find and solve with the help of hardware and software is called troubleshooting tools.

Competitor fills in. Expert fills in. Time: 6.75h 39 - IT Network Systems Administration Danny Meier, Florian Meier, Tobias Meier

CNS-222-1I: NetScaler for Apps and Desktops

Upgrading Kaltura MediaSpace TM Enterprise 1.0 to Kaltura MediaSpace TM Enterprise 2.0

o User ID (UID) The numerical equivalent of the username which is referenced by the system and applications when determining access privileges.

Installing AX Server with PostgreSQL

Introduction to Mindjet on-premise

Transcription:

CCNA Security v2.0 Chapter 2 Exam Answers 1. An administratr defined a lcal user accunt with a secret passwrd n ruter R1 fr use with SSH. Which three additinal steps are required t cnfigure R1 t accept nly encrypted SSH cnnectins? (Chse three.) Enable inbund vty SSH sessins. Generate tw-way pre-shared keys. Cnfigure DNS n the ruter. Cnfigure the IP dmain name n the ruter. Enable inbund vty Telnet sessins. Generate the SSH keys. 2. Which set f cmmands are required t create a username f admin, hash the passwrd using MD5, and frce the ruter t access the internal username database when a user attempts t access the cnsle? R1(cnfig)# username admin passwrd Admin01pa55 R1(cnfig)# line cn 0 R1(cnfig-line)# lgin lcal R1(cnfig)# username admin secret Admin01pa55 R1(cnfig)# line cn 0 R1(cnfig-line)# lgin lcal R1(cnfig)# username admin Admin01pa55 encr md5 R1(cnfig)# line cn 0 R1(cnfig-line)# lgin lcal R1(cnfig)# username admin passwrd Admin01pa55 R1(cnfig)# line cn 0 R1(cnfig-line)# lgin R1(cnfig)# username admin secret Admin01pa55 R1(cnfig)# line cn 0 R1(cnfig-line)# lgin 3. Refer t the exhibit. Which statement abut the JR-Admin accunt is true? CCNA Security Chapter 2 Exam Answer v2 001 JR-Admin can issue nly ping cmmands. JR-Admin can issue shw, ping, and relad cmmands. CCNA 5 Page 1

JR-Admin cannt issue any cmmand because the privilege level des nt match ne f thse defined. JR-Admin can issue debug and relad cmmands. JR-Admin can issue ping and relad cmmands 4. Which three areas f ruter security must be maintained t secure an edge ruter at the netwrk perimeter? (Chse three.) remte access security zne islatin ruter hardening perating system security flash security physical security 5. Which recmmended security practice prevents attackers frm perfrming passwrd recvery n a Cisc IOS ruter fr the purpse f gaining access t the privileged EXEC mde? Lcate the ruter in a secure lcked rm that is accessible nly t authrized persnnel. Cnfigure secure administrative cntrl t ensure that nly authrized persnnel can access the ruter. Keep a secure cpy f the ruter Cisc IOS image and ruter cnfiguratin file as a backup. Prvisin the ruter with the maximum amunt f memry pssible. Disable all unused prts and interfaces t reduce the number f ways that the ruter can be accessed. 6. Refer t the exhibit. Based n the utput f the shw running-cnfig cmmand, which type f view is SUPPORT? CCNA Security Chapter 2 Exam Answer v2 002 CLI view, cntaining SHOWVIEW and VERIFYVIEW cmmands superview, cntaining SHOWVIEW and VERIFYVIEW views CCNA 5 Page 2

secret view, with a level 5 encrypted passwrd rt view, with a level 5 encrypted secret passwrd 7. Which tw characteristics apply t rle-based CLI access superviews? (Chse tw.) A specific superview cannt have cmmands added t it directly. CLI views have passwrds, but superviews d nt have passwrds. A single superview can be shared amng multiple CLI views. Deleting a superview deletes all assciated CLI views. Users lgged in t a superview can access all cmmands specified within the assciated CLI views. 8. Which three types f views are available when cnfiguring the rle-based CLI access feature? (Chse three.) superview admin view rt view superuser view CLI view cnfig view 9. If AAA is already enabled, which three CLI steps are required t cnfigure a ruter with a specific view? (Chse three.) Create a superview using the parser view view-name cmmand. Assciate the view with the rt view. Assign users wh can use the view. Create a view using the parser view view-name cmmand. Assign a secret passwrd t the view. Assign cmmands t the view. 10. What ccurs after RSA keys are generated n a Cisc ruter t prepare fr secure device management? The keys must be zerized t reset Secure Shell befre cnfiguring ther parameters. All vty prts are autmatically cnfigured fr SSH t prvide secure management. The general-purpse key size must be specified fr authenticatin with the crypt key generate rsa general-keys mduluscmmand. The generated keys can be used by SSH. 11. Which three statements describe limitatins in using privilege levels fr assigning cmmand authrizatin? (Chse three.) CCNA 5 Page 3

Creating a user accunt that needs access t mst but nt all cmmands can be a tedius prcess. Views are required t define the CLI cmmands that each user can access. Cmmands set n a higher privilege level are nt available fr lwer privilege users. It is required that all 16 privilege levels be defined, whether they are used r nt. There is n access cntrl t specific interfaces n a ruter. The rt user must be assigned t each privilege level that is defined. 12. What cmmand must be issued t enable lgin enhancements n a Cisc ruter? privilege exec level lgin delay lgin blck-fr banner mtd 13. What is the default privilege level f user accunts created n Cisc ruters? 0 1 15 16 14. A netwrk administratr ntices that unsuccessful lgin attempts have caused a ruter t enter quiet mde. Hw can the administratr maintain remte access t the netwrks even during quiet mde? Quiet mde behavir can be enabled via an ip access-grup cmmand n a physical interface. Quiet mde behavir will nly prevent specific user accunts frm attempting t authenticate. Quiet mde behavir can be verridden fr specific netwrks by using an ACL. Quiet mde behavir can be disabled by an administratr by using SSH t cnnect. 15. What is a characteristic f the Cisc IOS Resilient Cnfiguratin feature? It maintains a secure wrking cpy f the btstrap startup prgram. Once issued, the secure bt-cnfig cmmand autmatically upgrades the cnfiguratin archive t a newer versin after new cnfiguratin cmmands have been entered. A snapsht f the ruter running cnfiguratin can be taken and securely archived in persistent strage. The secure bt-image cmmand wrks prperly when the system is cnfigured t run an image frm a TFTP server. 16. What is a requirement t use the Secure Cpy Prtcl feature? CCNA 5 Page 4

At least ne user with privilege level 1 has t be cnfigured fr lcal authenticatin. A cmmand must be issued t enable the SCP server side functinality. A transfer can nly riginate frm SCP clients that are ruters. The Telnet prtcl has t be cnfigured n the SCP server side. 17. What is a characteristic f the MIB? The OIDs are rganized in a hierarchical structure. Infrmatin in the MIB cannt be changed. A separate MIB tree exists fr any given device in the netwrk. Infrmatin is rganized in a flat manner s that SNMP can access it quickly. 18. Which three items are prmpted fr a user respnse during interactive AutSecure setup? (Chse three.) IP addresses f interfaces cntent f a security banner enable secret passwrd services t disable enable passwrd interfaces t enable 19. A netwrk engineer is implementing security n all cmpany ruters. Which tw cmmands must be issued t frce authenticatin via the passwrd 1A2b3C fr all OSPF-enabled interfaces in the backbne area f the cmpany netwrk? (Chse tw.) area 0 authenticatin message-digest ip spf message-digest-key 1 md5 1A2b3C username OSPF passwrd 1A2b3C enable passwrd 1A2b3C area 1 authenticatin message-digest 20. What is the purpse f using the ip spf message-digest-key key md5 passwrd cmmand and the area area-id authenticatin message-digest cmmand n a ruter? t cnfigure OSPF MD5 authenticatin glbally n the ruter t enable OSPF MD5 authenticatin n a per-interface basis t facilitate the establishment f neighbr adjacencies t encrypt OSPF ruting updates 21. What are tw reasns t enable OSPF ruting prtcl authenticatin n a netwrk? (Chse tw.) CCNA 5 Page 5

t prvide data security thrugh encryptin t ensure faster netwrk cnvergence t ensure mre efficient ruting t prevent data traffic frm being redirected and then discarded t prevent redirectin f data traffic t an insecure link 22. Which tw ptins can be cnfigured by Cisc AutSecure? (Chse tw.) enable secret passwrd interface IP address SNMP security banner syslg 23. Which three functins are prvided by the syslg lgging service? (Chse three.) setting the size f the lgging buffer specifying where captured infrmatin is stred gathering lgging infrmatin authenticating and encrypting data sent ver the netwrk distinguishing between infrmatin t be captured and infrmatin t be ignred retaining captured messages n the ruter when a ruter is rebted 24. What is the Cntrl Plane Plicing (CPP) feature designed t accmplish? disable cntrl plane services t reduce verall traffic prevent unnecessary traffic frm verwhelming the rute prcessr direct all excess traffic away frm the rute prcess manage services prvided by the cntrl plane 25. Which three actins are prduced by adding Cisc IOS lgin enhancements t the ruter lgin prcess? (Chse three.) permit nly secure cnsle access create passwrd authenticatin autmatically prvide AAA authenticatin create syslg messages slw dwn an active attack disable lgins frm specified hsts CCNA 5 Page 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback