SECURITY QUIZ

An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two). Enable the Cisco Discovery Protocolwrong. Administratively shut down the ports. Configure the port type as access and place in VLAN 99c. Configure the ports as trunk ports. Configure the ports in an EtherChannel.

Refer to the exhibit. An administrator configures four switches for local authentication using passwords that are stored in a cryptographic hash. The four switches must also support SSH access for administrators to manage the network infrastructure. Which switch is configured correctly to meet these requirements?. SW4. SW2. SW1. SW3.

In which two ways does a password manager reduce the chance of a hacker stealing a user’s password? (Choose two). It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality. It encourages users to create stronger passwords. It automatically provides a second authentication factor that is unknown to the original user. It uses an internal firewall to protect the password repository from unauthorized access. It protects against keystroke logging on a compromised device or web site.

What are two purposes of launching a reconnaissance attack on a network? (Choose two). to gather information about the network and devices. to escalate access privileges. to retrieve and modify data. to scan for accessibility. to prevent other users from accessing the system.

Which set of action satisfy the requirement for multi-factor authentication?. The user enters a user name and password and then re-enters the credentials on a second screen. The user swipes a key fob, then clicks through an email link. The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device. The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen.

The service password-encryption command is entered on a router. What is the effect of this configuration?. restricts unauthorized users from viewing clear-text passwords in the running configuration. prevents network administrators from configuring clear-text passwords. protects the VLAN database from unauthorized PC connections on the switch. encrypts the password exchange when a VPN tunnel is established.

When a site-to-site VPN is used, which protocol is responsible for the transport of user data?. IKEv2. IPsec. IKEv1. MD5.

An email user has been lured into clicking a link in an email sent by their company’s security organization. The webpage that opens reports that it was safe but the link could have contained malicious code. Which type of security program is in place?. social engieering attack. brute force attack. Physical access control. user awareness.

Which configuration is needed to generate an RSA key for SSH on a router?. Assign a DNS domain name. configure the version of SHH. create a user with a password. configure VTY access.

Which two conditions must be met before SSH can operate normally on a Cisco IOS switch? (Choose two). Telnet must be disabled on the switch. The ip domain-name command must be configured on the switch. A console password must be configured on the switch. The switch must be running a k9 (crypto) IOS image. IP routing must be enabled on the switch.

Which command prevents passwords from being stored in the configuration as plaintext on a router or switch?. enable secret. username cisco password encrypt. enable password. sevice password-encryption.