The component of network security that ensures that authoriz…
Question 1. 1. (TCO 1) The component of network security that ensures that authorized users have access to data and network resources is _____. (Points: 6)
data integrity
data confidentiality
data and system availability
data and user authentication
Question 2. 2. (TCO 1) The type of security control that makes use of firewalls is called _____. (Points: 6)
administrative
physical
technical
clerical
Question 3. 3. (TCO 2) To configure a role-based CLI on a Cisco router, the first command to enter in privileged mode is _____. (Points: 6)
parser view
view enable
enable view
config view
super view
Question 4. 4. (TCO 2) The show running-config output can be modified using all of the following pipes except for _____. (Points: 6)
| begin
| end
| include
| exclude
Question 5. 5. (TCO 3) Which of the following is the default number of MAC addresses allowed when you execute the switch port port-security command on a switch port? (Points: 6)
Zero
One
Two
Three
Question 6. 6. (TCO 3) Which switch feature causes a port to skip the listening and learning states, causing the port to enter the forwarding state very quickly? (Points: 6)
fastport
portfast
enablefast
portforward
Question 7. 7. (TCO 4) With zone-based firewalls, which of the following is used to specify actions to be taken when traffic matches a criterion? (Points: 6)
Zones
Class maps
Policy maps
Zone pairs
Question 8. 8. (TCO 4) Which type of access list uses rules placed on the interface where allowed traffic initiates and permits return traffic for TCP, UDP, SMTP, and other protocols? (Points: 6)
Established
Lock and key
Reflexive
CBAC
Question 9. 9. (TCO 5) Which AAA server protocol offers support for ARAP and NETBEUI protocols as well as IP? (Points: 6)
CSACS
RADIUS
OpenACS
TACACS+
Question 10. 10. (TCO 5) Which of the following is not considered a component of AAA? (Points: 6)
Authentication
Authorization
Accounting
Administration
Question 11. 11. (TCO 6) The Cisco IOS command that will display all current IKE security associations (SAs) is _____. (Points: 6)
show crypto ipsec
show crypto isakmp
show crypto ipsec sa
show crypto isakmp sa
show crypto ike sa
Question 12. 12. (TCO 6) The Cisco IOS firewall crypto is a kmp policy mode command that will set the isakmp security association lifetime is _____. (Points: 6)
lifetime {days}
lifetime {seconds}
set lifetime {days}
set lifetime {seconds}
Question 13. 13. (TCO 7) Cisco routers implementing IPS can save IPS events in a Syslog server by executing which of the following commands? (Points: 6)
ip ips log {IP Address}
ip ips notify syslog
ip ips notify log
ip ips notify sdee
Question 14. 14. (TCO 7) Which of the following is not an action that can be performed by the IOS firewall IDS router when a packet or packet stream matches a signature? (Points: 6)
Drop the packet immediately.
Send an alarm to the Cisco IOS designated Syslog server.
Set the packet reset flag and forward the packet through.
Block all future data from the source of the attack for a specified time.
Question 15. 15. (TCO 1) Explain how to mitigate a Smurf attack. (Points : 24)
Question 16. 16. (TCO 2) Type the global configuration mode and line configuration mode commands that are required to secure the VTY lines 0 through 15 to use the local username admin with the encrypted password adminpass for remote Telnet or SSH log-ins to the Cisco router. (Points: 24)
Question 17. 17. (TCO 3) What are at least two best practices that should be implemented for unused ports on a Layer 2 switch for switch security? (Points: 24)
Question 18. 18. (TCO 4) Given the commands shown below and assuming F0/0 is the inside interface of the network, explain what this ACL does.
access-list 100 permit tcp any any eq 80 time-range MWF
time-range MWF
periodic Monday Wednesday Friday 8:00 to 17:00
time-range
absolute start 00:00 30 Sept 2014 end 01:00 30 Sept 2014
int f0/0
ip access-group 100 in Correct Answer: (Points : 24)
Question 19. 19. (TCO 5) Type two global configuration mode commands that enable AAA authentication and configure a default log-in method list. Use a TACACS+ server first, then a local username and password, and finally the enable password. (Points: 24)
Question 20. 20. (TCO 6) Discuss the data encryption algorithms DES and 3DES. Discuss the key lengths, and rank the algorithms in order of best security. (Points: 24)
Question 21. 21. (TCO 7) Explain the two benefits of Cisco IPS version 5.x signature format over the Cisco IPS version 4.x signature format. (Points: 22)
myassignmentwriters.org Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we\’ll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Why Hire myassignmentwriters.org writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.
