test 2

Which protocol is an IETF standard that defines the PKI digital certificate format?. SSL/TLS. X.500. LDAP. X.509.

A network administrator is configuring DAI on a switch. Which command should be used on the uplink interface that connects to a router?. ip arp inspection trust. ip dhcp snooping. ip arp inspection vlan. spanning-tree portfast.

What is the best way to prevent a VLAN hopping attack?. Disable trunk negotiation for trunk ports and statically set nontrunk ports as access ports. Disable STP on all nontrunk ports. Use VLAN 1 as the native VLAN on trunk ports. Use ISL encapsulation on all trunk links.

What would be the primary reason an attacker would launch a MAC address overflow attack?. so that the switch stops forwarding traffic. so that legitimate hosts cannot obtain a MAC address. so that the attacker can see frames that are destined for other hosts. so that the attacker can execute arbitrary code on the switch.

What is the main difference between the implementation of IDS and IPS devices?. An IDS can negatively impact the packet flow, whereas an IPS can not. An IDS needs to be deployed together with a firewall device, whereas an IPS can replace a firewall. An IDS would allow malicious traffic to pass before it is addressed, whereas an IPS stops it immediately. An IDS uses signature-based technology to detect malicious packets, whereas an IPS uses profile-based technology.

Which attack is defined as an attempt to exploit software vulnerabilities that are unknown or undisclosed by the vendor?. zero-day. Trojan horse. brute-force. man-in-the-middle.

Match the network monitoring technology with the description. Place the options in the following order: passively monitors network traffic. uses VLANs to monitor traffic on remote switches. a passive traffic splitting device implemented inline between a device of interest and the network. can perform a packet drop to stop the trigger packets.

What are the three signature levels provided by Snort IPS on the 4000 Series ISR? (Choose three.). security. drop. reject. connectivity. inspect. balanced.

What are three attributes of IPS signatures? (Choose three.). action. length. trigger. type. depth. function.

Match each IPS signature trigger category with the description. pattern-based detection. anomaly-based detection. honey pot-based detection.

Match each IPS signature trigger category with the description. pattern-based detection. anomaly-based detection. policy-based detection.

Which two features are included by both TACACS+ and RADIUS protocols? (Choose two.). SIP support. password encryption. 802.1X support. separate authentication and authorization processes. utilization of transport layer protocols.

What function is provided by the RADIUS protocol?. RADIUS provides encryption of the complete packet during transfer. RADIUS provides separate AAA services. RADIUS provides separate ports for authorization and accounting. RADIUS provides secure communication using TCP port 49.

What are three characteristics of the RADIUS protocol? (Choose three.). utilizes TCP port 49. uses UDP ports for authentication and accounting. supports 802.1X and SIP. separates the authentication and authorization processes. encrypts the entire body of the packet. is an open RFC standard AAA protocol.

Which zone-based policy firewall zone is system-defined and applies to traffic destined for the router or originating from the router?. local zone. inside zone. self zone. system zone. outside zone.

What are two benefits of using a ZPF rather than a Classic Firewall? (Choose two.). ZPF allows interfaces to be placed into zones for IP inspection. The ZPF is not dependent on ACLs. Multiple inspection actions are used with ZPF. ZPF policies are easy to read and troubleshoot. With ZPF, the router will allow packets unless they are explicitly blocked.

Place the steps for configuring zone-based policy (ZPF) firewalls in order from first to last. (Not all options are used.). 2nd. 1st. 4th. 5th. 3rd.

How does a firewall handle traffic when it is originating from the private network and traveling to the DMZ network?. The traffic is selectively denied based on service requirements. The traffic is usually permitted with little or no restrictions. The traffic is selectively permitted and inspected. The traffic is usually blocked.

Which two protocols generate connection information within a state table and are supported for stateful filtering? (Choose two.). ICMP. UDP. DHCP. TCP. HTTP.

Which type of firewall is supported by most routers and is the easiest to implement?. next generation firewall. stateless firewall. stateful firewall. proxy firewall.

What network testing tool would an administrator use to assess and validate system configurations against security policies and compliance standards?. Tripwire. L0phtcrack. Nessus. Metasploit.

What type of network security test can detect and report changes made to network systems?. vulnerability scanning. network scanning. integrity checking. penetration testing.

What network security testing tool has the ability to provide details on the source of suspicious network activity?. SIEM. SuperScan. Zenmap. Tripwire.

How do modern cryptographers defend against brute-force attacks?. Use statistical analysis to eliminate the most common encryption keys. Use a keyspace large enough that it takes too much money and too much time to conduct a successful attack. Use an algorithm that requires the attacker to have both ciphertext and plaintext to conduct a successful attack. Use frequency analysis to ensure that the most popular letters used in the language are not used in the cipher message.

How does a Caesar cipher work on a message?. Letters of the message are replaced by another letter that is a set number of places away in the alphabet. Letters of the message are rearranged randomly. Letters of the message are rearranged based on a predetermined pattern. Words of the message are substituted based on a predetermined pattern.

What is the main factor that ensures the security of encryption of modern algorithms?. complexity of the hashing algorithm. the use of 3DES over AES. secrecy of the keys. secrecy of the algorithm.