CCNA Security v2.0 Chapter 3 Exam Answers

Similar documents
CCNA Security v2.0 Chapter 2 Exam Answers

CCNA Security v2.0 Chapter 9 Exam Answers

2. When logging is used, which severity level indicates that a device is unusable?

CCNA 1 Chapter v5.1 Answers 100%

2. Which command can be used to view the cable type that is attached to a serial interface?

CCNA Security v2.0 Chapter 10 Exam Answers

CCNA 1 Chapter v5.1 Answers 100%

2. What is the most cost-effective method of solving interface congestion that is caused by a high level of traffic between two switches?

IT Essentials (ITE v6.0) Chapter 8 Exam Answers 100% 2016

CCNA 3 Chapter 8 v5.0 Exam Answers 2015 (100%) CCNA 5 Page 1

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

1. What is a characteristic of Frame Relay that provides more flexibility than a dedicated line?

CCNA 3 Chapter 2 v5.0 Exam Answers 2015 (100%)

CCNA 1 v5.1 Practice Final Exam Answers %

Packet Tracer - Configuring a Zone-Based Policy Firewall (ZPF)

2. When an EIGRP-enabled router uses a password to accept routes from other EIGRP-enabled routers, which mechanism is used?

Dolby Conference Phone Support Frequently Asked Questions

Smart Collector Embedded Assistant User Guide

Password Reset for Remote Users

CCNA 1 Chapter v5.1 Answers 100%

SafeDispatch SDR Gateway for MOTOROLA TETRA

These tasks can now be performed by a special program called FTP clients.

1. Which organization certifies vendors for adherence to the standards to improve interoperability of products?

App Orchestration 2.6

CCNA 3 Practice Final v5.0 Exam Answers 2015 (100%)

Application Note. Digi Connect Wi-SP Troubleshooting Guide. Digi Technical Support 10 May 2016

USER MANUAL. RoomWizard Administrative Console

BMC Remedyforce Integration with Remote Support

Packet Tracer - Skills Integration Challenge Topology

Telkom VPN-Lite router setup User Manual Billion 810VGTX

Troubleshooting of network problems is find and solve with the help of hardware and software is called troubleshooting tools.

CNS-222-1I: NetScaler for Apps and Desktops

Campuses that access the SFS nvision Windows-based client need to allow outbound traffic to:

Frequently Asked Questions

DocAve 6 Control Panel

CaseWare Working Papers. Data Store user guide

Please contact technical support if you have questions about the directory that your organization uses for user management.

Questions and Answers

Log shipping is a HA option. Log shipping ensures that log backups from Primary are

AppSense Management Center. Product Guide Version 10.1

Launching Xacta 360 Marketplace AMI Guide June 2017

CounterSnipe Software Installation Guide Software Version 10.x.x. Initial Set-up- Note: An internet connection is required for installation.

BMC Remedyforce Integration with Bomgar Remote Support

Pexip Infinity Secure Mode Deployment Guide

DocAve 6 Service Pack 2 Control Panel

Reference Guide. Service Pack 3 Cumulative Update 2. Revision J Issued October DocAve 6: Control Panel

Secure File Transfer Protocol (SFTP) Interface for Data Intake User Guide

Release Notes. Dell SonicWALL Security firmware is supported on the following appliances: Dell SonicWALL Security 200

I. Introduction: About Firmware Files, Naming, Versions, and Formats

Cisco Smart Software Manager satellite

Max 8/16 and T1/E1 Gateway, Version FAQs

TN How to configure servers to use Optimise2 (ERO) when using Oracle

Telkom VPN-Lite router setup User Manual Billion 800VGT

Admin Report Kit for Exchange Server

FIREWALL RULE SET OPTIMIZATION

vrealize Operations Management Pack for Storage Devices Release Notes

Troubleshooting Citrix- Published Resources Configuration in VMware Identity Manager

Troubleshooting Citrix- Published Resources Configuration in VMware Identity Manager

The VMs in the CIS VLab (Virtual Lab) We will be using a number of different Virtual Machines (VMs) in VLab for this course.

WDBWL v1.2 Cisco Deploying Basic Wireless LANs

CCNA 1 Chapter v5.1 Answers 100%

Connect+/SendPro P Series Networking Technical Specification

Contents: Module. Objectives. Lesson 1: Lesson 2: appropriately. As benefit of good. with almost any planning. it places on the.

RxAXIS Security Module 09/25/2013

ABELMed Platform Setup Conventions

AvePoint Discovery Tool 3.5. User Guide

ABELDent Platform Setup Conventions

Release Notes. Dell SonicWALL Security BETA

Internet Explorer Configuration Reference

CCNA course contents:

Planning, installing, and configuring IBM CMIS for Content Manager OnDemand

Getting Started with the SDAccel Environment on Nimbix Cloud

WorldShip PRE-INSTALLATION INSTRUCTIONS: INSTALLATION INSTRUCTIONS: Window (if available) Install on a Single or Workgroup Workstation

NiceLabel LMS. Installation Guide for Single Server Deployment. Rev-1702 NiceLabel

IT Essentials (ITE v6.0) Chapter 5 Exam Answers 100% 2016

SASAC v1.0 Implementing Core Cisco ASA Security Cisco Training

Configure Data Source for Automatic Import from CMDB

Welcome to Remote Access Services (RAS) Virtual Desktop vs Extended Network. General

Department of Computer Information Systems KEMU

Enterprise Installation

Table of Contents. WipeDrive Enterprise Logging, March Logging Settings... 3 Log Format Types Audit Log Destination Options...

Avigilon Control Center Server User Guide. Version 6.4

Exosoft Backup Manager

Avocent ACS 6000 Advanced Console Server Release Notes, Version August 31, 2012

E-Lock Policy Manager White Paper

INTELLISNAP. TECHNOLOGY QUICK START GUIDE Pure Storage FlashArray. Publish Date: July 30, 2015 Distribution: Public Author: Jonathan Howard

Quick Start Guide for EAB Campus Advisors

Pexip Infinity Secure Mode Deployment Guide

Apply power, the appliance may be powered by connecting:

Understanding Active Directory Domain Services (AD DS) Functional Levels

Tips For Customising Configuration Wizards

Cloud Storage Migration Suite 1.1.0

Avigilon Control Center Server User Guide. Version 6.8

SANsymphony Installation and Getting Started Guide. November 7, 2016

Installing AX Server with PostgreSQL

Student participation Students can register online, track progress, express interest and demonstrate proficiency.

DC Remote Control Installation and Configuration Guide. Version 1.2

Pexip Infinity Secure Mode Deployment Guide

Sonic PDF Server 3.0. User Guide

CXA-206-1I Citrix XenApp 6.5 Administration

Transcription:

CCNA Security v2.0 Chapter 3 Exam Answers 1. Because f implemented security cntrls, a user can nly access a server with FTP. Which AAA cmpnent accmplishes this? accunting accessibility auditing authrizatin authenticatin 2. Why is authenticatin with AAA preferred ver a lcal database methd? It prvides a fallback authenticatin methd if the administratr frgets the username r passwrd. It uses less netwrk bandwidth. It specifies a different passwrd fr each line r prt. It requires a lgin and passwrd cmbinatin n the cnsle, vty lines, and aux prts. 3. Which authenticatin methd stres usernames and passwrds in ther ruter and is ideal fr small netwrks. lcal AAA ver TACACS+ server-based AAA ver TACACS+ lcal AAA lcal AAA ver RADIUS server-based AAA ver RADIUS server-based AAA 4. Which cmpnent f AAA allws an administratr t track individuals wh access netwrk resurces and any changes that are made t thse resurces? accunting accessibility authenticatin authrizatin 5. Refer t the exhibit. Ruter R1 has been cnfigured as shwn, with the resulting lg message. On the basis f the infrmatin that is presented, which tw statements describe the result f AAA authenticatin peratin? (Chse tw.) CCNA 5 Page 1

CCNA Security Chapter 3 Exam Answer v2 001 The lcked-ut user stays lcked ut until the clear aaa lcal user lckut username Admin cmmand is issued. The lcked-ut user stays lcked ut until the interface is shut dwn then re-enabled. The lcked-ut user is lcked ut fr 10 minutes by default. The lcked-ut user shuld have used the username admin and passwrd Str0ngPa55w0rd. The lcked-ut user failed authenticatin. 6. A user cmplains abut being lcked ut f a device after t many unsuccessful AAA lgin attempts. What culd be used by the netwrk administratr t prvide a secure authenticatin access methd withut lcking a user ut f a device? Use the lgin delay cmmand fr authenticatin attempts. Use the lgin lcal cmmand fr authenticating user access. Use the aaa lcal authenticatin attempts max-fail glbal cnfiguratin mde cmmand with a higher number f acceptable failures. Use the nne keywrd when cnfiguring the authenticatin methd list. 7. A user cmplains abut nt being able t gain access t a netwrk device cnfigured with AAA. Hw wuld the netwrk administratr determine if lgin access fr the user accunt is disabled? Use the shw aaa lcal user lckut cmmand. Use the shw running-cnfiguratin cmmand. Use the shw aaa sessins cmmand. Use the shw aaa user cmmand. 8. When a methd list fr AAA authenticatin is being cnfigured, what is the effect f the keywrdlcal? CCNA 5 Page 2

The lgin succeeds, even if all methds return an errr. It uses the enable passwrd fr authenticatin. It accepts a lcally cnfigured username, regardless f case. It defaults t the vty line passwrd fr authenticatin. 9. Which slutin supprts AAA fr bth RADIUS and TACACS+ servers? Implement Cisc Secure Access Cntrl System (ACS) nly. RADIUS and TACACS+ servers cannt be supprted by a single slutin. Implement a lcal database. Implement bth a lcal database and Cisc Secure Access Cntrl System (ACS). 10. What difference exists when using Windws Server as an AAA server, rather than Cisc Secure ACS? Windws Server requires mre Cisc IOS cmmands t cnfigure. Windws Server nly supprts AAA using TACACS. Windws Server uses its wn Active Directry (AD) cntrller fr authenticatin and authrizatin. Windws Server cannt be used as an AAA server. 11. What is a characteristic f TACACS+? TACACS+ uses UDP prt 1645 r 1812 fr authenticatin, and UDP prt 1646 r 1813 fr accunting. TACACS+ is backward cmpatible with TACACS and XTACACS. TACACS+ is an pen IETF standard. TACACS+ prvides authrizatin f ruter cmmands n a per-user r per-grup basis. 12. Which tw features are included by bth TACACS+ and RADIUS prtcls? (Chse tw.) 802.1X supprt separate authenticatin and authrizatin prcesses SIP supprt passwrd encryptin utilizatin f transprt layer prtcls 13. Which server-based authenticatin prtcl wuld be best fr an rganizatin that wants t apply authrizatin plicies n a per-grup basis? SSH RADIUS CCNA 5 Page 3

ACS TACACS+ 14. Refer t the exhibit. Which statement describes the cnfiguratin f the prts fr Server1? CCNA Security Chapter 3 Exam Answer v2 002 The cnfiguratin using the default prts fr a Cisc ruter. The cnfiguratin f the prts requires 1812 be used fr the authenticatin and the authrizatin prts. The cnfiguratin will nt be active until it is saved and Rtr1 is rebted. The prts cnfigured fr Server1 n the ruter must be identical t thse cnfigured n the RADIUS server. 15. True r False? The single-cnnectin keywrd prevents the cnfiguratin f multiple TACACS+ servers n a AAA-enabled ruter. false true 16. Why wuld a netwrk administratr include a lcal username cnfiguratin, when the AAA-enabled ruter is als cnfigured t authenticate using several ACS servers? Because ACS servers nly supprt remte user access, lcal users can nly authenticate using a lcal username database. A lcal username database is required when cnfiguring authenticatin using ACS servers. The lcal username database will prvide a backup fr authenticatin in the event the ACS servers becme unreachable. Withut a lcal username database, the ruter will require successful authenticatin with each ACS server. 17. Which debug cmmand is used t fcus n the status f a TCP cnnectin when using TACACS+ fr authenticatin? CCNA 5 Page 4

debug tacacs events debug tacacs debug tacacs accunting debug aaa authenticatin 18. Which characteristic is an imprtant aspect f authrizatin in an AAA-enabled netwrk device? The authrizatin feature enhances netwrk perfrmance. User access is restricted t certain services. User actins are recrded fr use in audits and trubleshting events. A user must be identified befre netwrk access is granted. 19. What is the result f entering the aaa accunting netwrk cmmand n a ruter? The ruter cllects and reprts usage data related t netwrk-related service requests. The ruter utputs accunting data fr all EXEC shell sessins. The ruter prvides data fr nly internal service requests. The ruter utputs accunting data fr all utbund cnnectins such as SSH and Telnet. 20. What is a characteristic f AAA accunting? Pssible triggers fr the aaa accunting exec default cmmand include start-stp and stp-nly. Accunting can nly be enabled fr netwrk cnnectins. Accunting is cncerned with allwing and disallwing authenticated users access t certain areas and prgrams n the netwrk. Users are nt required t be authenticated befre AAA accunting lgs their activities n the netwrk. 21. When using 802.1X authenticatin, what device cntrls physical access t the netwrk, based n the authenticatin status f the client? the ruter that is serving as the default gateway the authenticatin server the switch that the client is cnnected t the supplicant 22. What device is cnsidered a supplicant during the 802.1X authenticatin prcess? the client that is requesting authenticatin the switch that is cntrlling netwrk access the ruter that is serving as the default gateway CCNA 5 Page 5

the authenticatin server that is perfrming client authenticatin 23. What prtcl is used t encapsulate the EAP data between the authenticatr and authenticatin server perfrming 802.1X authenticatin? SSH MD5 TACACS+ RADIUS CCNA 5 Page 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback