You are on page 1of 11

Accessing the WAN - Chapter - 4

1 Which two statements are true regarding network security? (Choose two.) 1 Securing a network against internal threats is a lower priority because company employees represent a low security risk. 2 Both experienced hackers who are capable of writing their own exploit code and inexperienced individuals who download exploits from the Internet pose a serious threat to network security. 3 Assuming a company locates its web server outside the firewall and has adequate backups of the web server, no further security measures are needed to protect the web server because no harm can come from it being hacked. 4 Established network operating systems like UNIX and network protocols like TCP/IP can be used with their default settings because they have no inherent security weaknesses. 5 Protecting network devices from physical damage caused by water or electricity is a necessary part of the security policy. Observable Description Max Value 1 correctness of response Option 2 and Option 5 are correct.

2 Which two statements are true about network attacks? (Choose two.) 1 Strong network passwords mitigate most DoS attacks. 2 Worms require human interaction to spread, viruses do not. 3 Reconnaissance attacks are always electronic in nature, such as ping sweeps or port scans. 4 A brute-force attack searches to try every possible password from a combination of characters. 5 Devices in the DMZ should not be fully trusted by internal devices, and communication between the DMZ and internal devices should be authenticated to prevent attacks such as port redirection. Observable Description Max Value

1 correctness of response Option 4 and Option 5 are correct.

3 Users are unable to access a company server. The system logs show that the server is operating slowly because it is receiving a high level of fake requests for service. Which type of attack is occurring? 1 reconnaissance 2 access 3 DoS 4 worm 5 virus 6 Trojan horse Observable Description Max Value 1 correctness of response 2 points for Option 3 4 An IT director has begun a campaign to remind users to avoid opening e mail messages from suspicious sources. Which type of attack is the IT director trying to protect users from? 1 DoS 2 DDoS 3 virus 4 access 5 reconnaissance Observable Description Max Value 1 correctness of response 2 points for Option 3 5 Which two statements regarding preventing network attacks are true? (Choose two.) 1 The default security settings for modern server and PC operating systems can be trusted to have secure default security settings. 2 Intrusion prevention systems can log suspicious network activity, but there is no

way to counter an attack in progress without user intervention. 3 Physical security threat mitigation consists of controlling access to device console ports, labeling critical cable runs, installing UPS systems, and providing climate control. 4 Phishing attacks are best prevented by firewall devices. 5 Changing default usernames and passwords and disabling or uninstalling unnecessary services are aspects of device hardening. Observable Description Max Value 1 correctness of response Option 3 and Option 5 are correct.

6 Intrusion detection occurs at which stage of the Security Wheel? 1 securing 2 monitoring 3 testing 4 improvement 5 reconnaissance Observable Description Max Value 1 correctness of response 2 points for Option 2 7 Which two objectives must a security policy accomplish? (Choose two.) 1 provide a checklist for the installation of secure servers 2 describe how the firewall must be configured 3 document the resources to be protected 4 identify the security objectives of the organization 5 identify the specific tasks involved in hardening a router Observable Description Max Value 1 correctness of response Option 3 and Option 4 are correct.

8

What are three characteristics of a good security policy? (Choose three.) 1 It communicates consensus and defines roles. 2 It is developed by end users. 3 It is developed after all security devices have been fully tested. 4 It defines how to handle security incidents. 5 It should be encrypted as it contains backups of all important passwords and keys. Observable Description Max Value 1 correctness of response Option 1, Option 2, and Option 5 are correct.

9 Which two statements define the security risk when DNS services are enabled on the network? (Choose two.) 1 By default, name queries are sent to the broadcast address 255.255.255.255. 2 DNS name queries require the ip directed-broadcast command to be enabled on the Ethernet interfaces of all routers. 3 Using the global configuration command ip name -server on one router enables the DNS services on all routers in the network. 4 The basic DNS protocol does not provide authentication or integrity assurance. 5 The router configuration does not provide an option to set up main and backup DNS servers. Observable Description Max Value 1 correctness of response Option 1 and Option 4 are correct. 10 What are two benefits of using Cisco AutoSecure? (Choose two.) 1 It gives the administrator detailed control over which services are enabled or disabled. 2 It offers the ability to instantly disable non-essential system processes and services. 3 It automatically configures the router to work with SDM. 4 It ensures the greatest compatibility with other devices in your network. 5 It allows the administrator to configure security policies without having to understand all of the Cisco IOS software features.

r o lem? he uthentic ti n meth d i n t c n i u ed c he H time ut licy i n t c n i u ed c V lue
¦ ¡¦ ¡ ¦ ¦ &¨ ¡¡ ¦ ¡¡¦ ¡ &¨ ¦ ¦   ¡

1 he
% % ©

i ile e le el

the u e i n t c n i u ed c ectly.
¡ ¦ ¦ &¨ ¦

versions and capabilities of the IO . 1 he "m " in the ilen m e e 3 he
% % ( %

t

ei

e i n 1 .1, th e i i n. 0 0 e ie h d

he ile i d

nl

d ble nd 1 1. M in i e.

5 he O i

the i c

e l t

m.

¡¦

he ile i unc m

e ed nd equi e

. M

Mt

un.

4 3

£

£

e ent the

eci l c

bilitie

n d e tu e

¦ ¡ ¨  

¨

 

¡¦ £ ¡£ ¡£ ¡ 5© ¦ @ ¡¦ 4 3 9       ¨ ¥ ¨  2 6 ( © £ £ £¦ ¦ 9     ¨ ¦ ¡ ( © ¦ ¡ ¡£ ¦ 9 ¨     ¢   ¢  7 ¦6 5© ¡ ¡ £ ¡ ¦      ¥   8 ¨ ¨ £ £ £ ¡ ¡ £ 2 ¥ ¥      ¥ ¨ 01

from the filename c2600-d-mz.121-4?
%

#

!

! 

0

%

©

1

he i c o IO image naming convention allows identification of different hat information can be gained hoose two.) the O .

¡¡ ¦

1c

ectne

e

n e

int

O ti n 1

¥

¨ 

£

Ob e

ble

e c i ti n M

¡¡ ¦

¡

¦ © ¦ ¡ ¦ ¥   ¥  ¨    £ ¦ ¡ § ¥   ¤

 

¦

3 he H
% (

e e i n t c n i u ed c 

¡¡ ¦

&¨ 

  

 

¦ ¦ ' ¥ %% ¦ ¡ ¡ ' ¢     %% ¦ £ £

¦ ¨

"! 

ro ter to
¡ ¢ ¥  % $

e

M,

t it i not f n tionin

orrectly. ectly.

hat co ld e the

ectly.

ectly.   

#    

 



Refer o

e exhi i

A network

ini trator i tryin to onfi

¡¡ ¦

¡£

¦

£© ¦ 



¦

¢

& 

£ ¡ ¢   

¡¡ ¦

1c

ectne

e

n e O ti n

nd O ti n 5

¥

£

 

¦

¥ 

¡

Ob e

ble

e c i ti n M

¥ £ §

¥

¡ ¦ ¨   

  ¤

£ ¡ ¢  

V lue ec ect.

re a

) ©

13

Refer to the exhibit. he network administrator is trying to back p the isco IO ro ter software and receives the o tput shown. hoose two.)
I U PS C I Q

hat are two

possible reasons for this output?
T A

1 The Ci co IO file has an in alid chec sum. 2 The TFTP client on the router is corru t. 3 The router cannot connect to the TFTP server. 4 The TFTP server soft are has not been started. 5 There is not enou h room on the TFTP server for the soft are. Observable Descri tion Max Value 1 correctness of response Option 3 and Option 4 are correct. 14 Which two conditions should the network administrator verify before two.) 1 Verify the name of the TFTP server usin the show hosts command. 2 Verify that the TFTP server is runnin usin the tftpdnld command. 3 Verify that the chec sum for the image is valid using the show version command. 4 Verify connectivity between the router and TFTP server using the ping command.
U W W W PS E V W V E

attempting to upgrade a isco IO image using a F P server?
H H Q P

I

R

H

A

AA

BB F

1c

ectne

of re

on e O tion 3 and O tion 5 are correct.

E

D

F

A E

B A

Ob e

ble De c i ti n M

E D G

E

D B A C

V lue

P

hoose

5 Verify that there is enough flash memory for the new Cisco IO image using the show flash command. Observable Description Max Value 1 correctness of response Option 4 and Option 5 are correct.
X

15 The password recovery process begins in which operating mode and 1 ROM monitor 2 boot ROM 4 direct connection through the console port 5 network connection through the Ethernet port 6 network connection through the serial port Observable Description Max Value 1 correctness of response Option 1 and Option 4 are correct. 16
X `Y

using what type of connection?

hoose two.)

3 Cisco IO

router R1. What is the result of opening a web browser on P 1 and entering the URL https://192.168.10.1?
`

b aY

b

Refer to the exhibit. ecurity
a

evice Manager

M) is installed on

1 The password is sent in plain text. 2 A Telnet session is established with R1. 3 The SDM page of R1 appears with a dialog box that requests a username and password. 4 The R1 home page is displayed and allows the user to download Cisco IOS images and configuration files. Observable Description Max Value 1 correctness of response 2 points for Option 3 17 1 SDM can run only on Cisco 7000 series routers. 2 SDM can be run from router memory or from a PC. 3 SDM should be used for complex router configurations. 4 SDM is supported by every version of the Cisco IOS software. Observable Description Max Value 1 correctness of response 2 points for Option 2
c c

Which statement is true about Cisco Security Device

anager (SD

)?

18 Which step is required to recover a lost enable password for a router? 1 Set the configuration register to bypass the startup configuration. 2 Copy the running configuration to the startup configuration. 3 Reload the IOS from a TFTP server from ROMMON. 4 Reconfigure the router using setup mode. Observable Description Max Value 1 correctness of response 2 points for Option 1 19 What is the best defense for protecting a network from phishing exploits? 1 Schedule antivirus scans. 2 Schedule antispyware scans . 3 Schedule training for all users.

4 Schedule operating systems updates. Observable Description Max Value 1 correctness of response 2 points for Option 3

20

configure a required level of security on the router. What would be problems that are identified on the router? 1 SDM will automatically invoke the AutoSecure command. 2 SDM will generate a report that will outline the proper configuration actions to alleviate the security issues. 3 SDM will create a configuration file that can be copy and pasted into the router to reconfigure the services. 4 SDM will reconfigure the services that are marked in the exhibit as ³fix it´ to apply the suggested security changes.
d

accomplished when the SD

applies the next step on the security

d

d

Refer to the exhibit. Security Device

anager (SD

) has been used to

Observable Description Max Value 1 correctness of response 2 points for Option 4

21

Refer to the exhibit. What is the purpose of the "ip ospf message-digestkey 1 md5 cisco" statement in the configuration? to specify a key that is used to authenticate routing updates 1 to save bandwidth by compressing the traffic 2 to enable SSH encryption of traffic 3 to create an IPsec tunnel Observable Description Max Value 1 correctness of response 2 points for Option 1 22

Refer to the exhibit. What is accomplished when both commands are configured on the router? 1 The commands filter UDP and TCP traffic coming to the router. 2 The commands disable any TCP or UDP request sent by the routing protocols. 3 The commands disable the services such as echo, discard, and chargen on the router to prevent security vulnerabilities. 4 The commands disable the BOOTP and TFTP server services to prevent security vulnerabilities. Observable Description Max Value

1 correctness of response 2 points for Option 3