CCNA Security Practice Test

Which feature can you use to place a rate limit on traffic that is handled by a Cisco device's route processor?

A. Cisco AutoSecure

B. OSPF neighbor authentication

C. CoPP

D. SNMP

What are the steps associated with the Post-incident activity incident response phase? (Choose three)

A. Define the tools to identify the attacker and the time required to use them

B. Define methods for collecting and using data

C. Identify the steps to eradicate or mitigate the threat and vulnerabilities

D. Document the symptoms of the attack

E. Define the steps to recover operating systems, hardware components, and productive time

F. Define the options for pursuing an attacker

Which two statements are true regarding zones? (Choose two)

A. A collection of networks reachable over a specific set of router interfaces

B. Zones are grouped into source/destination pairs

C. Zones are grouped into source/source pairs

D. A collection of networks reachable over all router interfaces

Which of the following describes the External assessment?

A. Provides a snapshot of the security state of the network

B. Identifies the steps that are needed to thwart intentional attacks or unintentional mistakes from trusted insiders

C. Quantifies the security risk that is associated with Internet-connected systems

D. Identifies any network traffic leakage from outside the customer's buildings

E. Uses metrics and graphs

Attacks may take a variety of forms. Which of the following describes the Spoofing as a threat category?

A. Uses ping sweeps and port scans to identify all services on a network

B. Occurs when an attacker uses a fake device address

C. Attacks spread without human intervention

D. Attacks are typically carried out by instant message or E-mail

E. Hackers attempt to gain access to network packets

F. Occurs when an attacker can read or change sensitive data

Which actions belong to the operations and maintenance phase of the secure network life cycle? (Choose two)

A. Configuration management and control

B. Continuous monitoring

C. Cost considerations and reporting

D. System integration

E. Security accreditation

F. Hardware and software disposal

What are the appropriate actions during a Preparation incident response phase? (Choose three)

A. Prepare the facilities and communication mechanisms

B. Define the incident analysis hardware and software

C. Define the prevention procedures

D. Define a threat vector classification scheme

E. Analyze and implement tools for log and event correlation

F. Provide notification of incidents

Why would an organization choose to implement a stateful packet inspection?

A. Support user authentication for connections

B. For use with all transport protocols

C. Improves routing performance

D. Protection against upper layer attacks

Which statement is true about application layer firewalls?

A. Authenticate devices, not users

B. Authenticate individuals, not devices

C. Logging provides minimal details

D. Recommended for the monitoring of several applications simultaneously

Which sensor action will cause an IPS to block the IP address of an attacker for a specified period?

A. Request block connection

B. Deny connection inline

C. Request block host

D. Deny attacker inline

How is called the point in time, prior to a disruption or system outage, to which business process data can be recovered?

A. Recovery Point Objective

B. Recovery Time Objective

C. Maximum Tolerable Downtime

You need to ensure that CDP is only enabled on interfaces that are connected to a trusted network. CDP must be disabled on all other interfaces. What should you do?

A. Run the no cdp run command

B. Run the no cdp enable command

C. Deploy Cisco AutoSecure in noninteractive mode

D. Deploy Cisco AutoSecure in interactive mode

What does the Cisco AnyConnect Client auto-download check on the target client system? (Choose three)

A. Java

B. Hardware

C. ActiveX

D. Platform

E. Bandwidth

Attacks may take a variety of forms. Which of the following describes the Blended threats as a threat category?

A. Uses ping sweeps and port scans to identify all services on a network

B. Occurs when an attacker uses a fake device address

C. Attacks spread without human intervention

D. Attacks are typically carried out by instant message or E-mail

E. Hackers attempt to gain access to network packets

F. Occurs when an attacker can read or change sensitive data

Which algorithm is commonly used as a secure method of exchanging encryption keys?

A. AES

B. Diffie-Hellman

C. SHA-2

D. 3DES

What are reasons that prevent the use of SEAL? (Choose two)

A. Slower that AES

B. Software based IPsec

C. Supported devices

D. K8 subsystem

An organization requires a system that will meet the following requirements:
- Aggregate data from any compatible network node
- Produce compliance reports

Which system would fulfill these requirements?

A. ISE

B. SIEM

C. SNMP

D. IDS/IPS

Which types of ports can support 802.1X authentication? (Choose three)

A. Layer 3 routed ports

B. Static trunk ports

C. SPAN destination ports

D. Static access ports

E. Dynamic ports

A tunnel has been created and established with a branch office. You need to verify that traffic is traversing the connection. Which command will provide this information?

A. show crypto ipsec sa

B. show crypto ipsec transform-set

C. show crypto map

D. show crypto isakmp policy

Which of the following describes the Phreakers as a category of individuals who attack computer systems and operations?

A. Individuals who mean no harm and do not expect financial gain

B. Individuals who generally work for financial gain

C. Individuals who pride themselves on compromising telephone systems

D. Individuals who do not write their own code

E. Individuals with a political agenda

Which statements about routing update authentication are true? (Choose two)

A. EIGRP supports both plain text and MD5 authentication

B. OSPF supports both plain text and MD5 authentication

C. It can help prevent rouge default gateways from entering your network

D. When MD5 authentication is used, the authentication key is encrypted before being transmitted.

What is considered the number one criterion when classifying data for either the private or public sector?

A. Age

B. Personal association

C. Useful life

D. Value

Which statements describe the functions of the Security Audit feature? (Choose four)

A. Sends alerts when changes to the device's configuration would cause a security concern

B. Checks a routers running configuration against a list of predefined security configuration settings

C. Lists identified problems and provides recommendations for fixing them

D. Automatically performs a one-step lockdown after the audit is complete

E. Allows the user to choose which identified problems to fix and displays appropriate user interface for fixing them

F. Configures the router with the user's chosen security configuration

Which of the following describes the Crackers as a category of individuals who attack computer systems and operations?

A. Individuals who mean no harm and do not expect financial gain

B. Individuals who generally work for financial gain

C. Individuals who pride themselves on compromising telephone systems

D. Individuals who do not write their own code

E. Individuals with a political agenda

Which statement about role-based CLI access is true?

A. Commands can be added and removed on superviews from the root view

B. Deleting a superview also deletes any associated CLI views

C. Role-based CLI access can be configured with or without an AAA infrastructure

D. CLI views can be shared with more than one superview

To verify the clientless SSL VPN, a compliant browser has been opened. Which prefix is the path changed to if the object does not require authentication?

A. http://

B. /+CSCOE+/

C. /+CSCOU+/

D. https://

Which statement is true when configuring access control lists (ACLs) on a Cisco router?

A. ACLs filter all traffic through and sourced from the router.

B. Apply the ACL to the interface prior to configuring access control entries to ensure that controls are applied immediately upon configuration.

C. An "implicit deny" is applied to the start of the ACL entry by default.

D. Only one ACL per protocol, per direction, and per interface is allowed.

Which statements accurately describe characteristics of the Cisco borderless networks architecture? (Choose two)

A. The borderless end zone detects threats and mitigates them before users connect to the network

B. The policy management layer leverages existing infrastructure components and switching components, and then layers virtualized components on top to provide security solutions

C. The borderless datacenters enforce the security policy throughout the network

D. The borderless Internet component relies on cloud-based services for security intelligence, real-time updates, and scanning support for mobile users

Which of the following control plane security features is a Cisco IOS feature designed to allow users to manage the flow of traffic that is managed by the route processor of their network devices?

A. Control Plane Policing – CoPP

B. Control Plane Protection – CPP

C. Control Plane Logging

Which option is the term for the likelihood that a particular threat using a specific attack will exploit a particular vulnerability of a system that results in an undesirable consequence?

A. a vulnerability

B. a risk

C. an exploit

D. an attack

Which of the following describes the Script kiddies as a category of individuals who attack computer systems and operations?

A. Individuals who mean no harm and do not expect financial gain

B. Individuals who generally work for financial gain

C. Individuals who pride themselves on compromising telephone systems

D. Individuals who do not write their own code

E. Individuals with a political agenda

Cisco SecureX is an access control strategy that allows for more effective, higher-level policy creation and enforcement for mobile users. Which of the following describes the Cisco TrustSec function component?

A. Allows enforcement elements to use identity and location information to define access policy

B. Provides a consistent user interface and consolidates traditional function-specific client software products into one product

C. Extends the access control functionality end-to-end, using security group tags

D. Offers a web-based global network of shared resources, software, and information provided to Cisco customers on demand

You have learned that a Trojan was propagated to several servers in your network. However, no preventative action was taken by an IPS. What is this an example of?

A. False negative

B. True positive

C. True negative

D. False positive

A client on your network is seeking advice from you in regards to the type of host-based security for their home network. They state that they have three devices, which share an Internet connection through a single home server. The home server is directly connected to the ISP router. Their main concern is primarily on traffic going through the home server to and from the other three devices. What should you recommend that would require the least amount of administrative overhead and associated set up cost?

A. Proxy firewall

B. Dynamic NAT

C. Personal firewall

D. Static NAT

Which hash algorithm is vulnerable to collision attacks?

A. MD5

B. SHA-1

C. SHA-2

D. RC5

Select one of the following statements that describes the password attacks.

A. Hides information based on tunneling one protocol inside another

B. Hackers gain leverage using existing trust relationships

C. Attacks can be carried out using Trojan horse programs

D. Availability is compromised with DoS attacks

E. A collection of compromised machines running programs under a common command

F. Attacks focus on making a service unavailable for normal use

What mode will allow the Cisco ASA to act as an additional hop in the network?

A. Proxy

B. Spanned EtherChannel

C. Transparent

D. Routed

You need to be able to prevent users from entering global configuration mode unless they have the necessary privilege level. Which actions can you take to accomplish this? (Choose two)

A. Configure command authorization

B. Enable Cisco AutoSecure

C. Deploy a TACACS+ server

D. Deploy a RADIUS server

Which options are security services provided by digital signatures? (Choose three)

A. Authenticity of transmitted data

B. Authentication of end points

C. Nonrepudiation of the transaction

D. Confidentiality of transmitted data

E. Integrity of transmitted data

What technology allows for a device to have multiple virtual firewalls?

A. Cisco Secure ACS

B. Class maps

C. Security contexts

D. Compartmentalization principal

When configuring firewall access rules, there are several things that need to be avoided, such as completeness issues, consistency issues, and compactness issues. What are two examples of completeness issues? (Choose two)

A. Errors in rule specification

B. Data entry errors

C. Redundant rules

D. Promiscuous rules

Which of the options are primary reasons for an attacker to perform an IP spoofing attack? (Choose two)

A. Divert traffic streams

B. Gain root access to a system

C. Corrupt transmitted data

D. Logging information

A. Allows enforcement elements to use identity and location information to define access policy

B. Provides a consistent user interface and consolidates traditional function-specific client software products into one product

C. Extends the access control functionality end-to-end, using security group tags

D. Offers a web-based global network of shared resources, software, and information provided to Cisco customers on demand

Select one of the following statements that describes the trust exploitation threats.

A. Hides information based on tunneling one protocol inside another

B. Hackers gain leverage using existing trust relationships

C. Attacks can be carried out using Trojan horse programs

D. Availability is compromised with DoS attacks

E. A collection of compromised machines running programs under a common command

F. Attacks focus on making a service unavailable for normal use

Which option is true of intrusion prevention systems?

A. They operate in promiscuous mode.

B. They operate in inline mode.

C. They have no potential impact on the data segment being monitored.

D. They are more vulnerable to evasion techniques than IDS.

RADIUS and TACACS+ are both commonly used to control network access. Which of the following describes the function of TACACS+? (Choose three)

A. Uses UDP

B. Uses TCP

C. Only encrypts the password for access-request packets

D. Encrypts the entire body of access-request packets

E. Cannot be used to prevent users from performing specific commands on a router

F. Can be used to specify which commands users can perform on a router

You need to implement a high availability solution on the ASA. The solution must be able to work with units running in either single or multiple context mode. Which failover configuration should be used?

A. Cisco Secure ACS

B. Active/Standby

C. Cisco ASDM

D. Active/Active

Threats to network security have become more sophisticated over the years. Identify the next generation threats facing organizations today. (Choose four)

A. Cognitive threats via social networks

B. PDA and consumer electronics exploits

C. Widespread website compromises

D. Disruption of critical infrastructure

E. Massive worm drives

F. Macro viruses

When configuring firewall access rules, there are several things that need to be avoided, such as completeness issues, consistency issues, and compactness issues. Which of the following are two examples of consistency issues? (Choose two)

A. Data entry errors

B. Shadowed rules

C. Orphaned rules

D. Errors in rule specification

A client auto-downloaded the Cisco AnyConnect SSL VPN Client and a connection has been established. How can the connection mode be determined?

A. Using the ASDM navigate to Monitoring. Choose VPN, VPN Statistics, and then Sessions. Locate the client session.

B. Double-click the AnyConnect system tray icon. Choose statistics tab. Click details.

C. Using the ASDM navigate to Monitoring. Choose VPN, VPN Statistics, and then Sessions. Locate the client session, and then click the Details button.

D. Double-click the AnyConnect system tray icon. Choose statistics tab.

Select one of the following statements that describes the availability violations threats.

A. Hides information based on tunneling one protocol inside another

B. Hackers gain leverage using existing trust relationships

C. Attacks can be carried out using Trojan horse programs

D. Availability is compromised with DoS attacks

E. A collection of compromised machines running programs under a common command

F. Attacks focus on making a service unavailable for normal use

Which statement about private VLANs is true?

A. Isolated ports can only communicate with other isolated ports in the same VLAN

B. Community ports can communicate with other community ports on another switch in the same community VLAN

C. Community VLANs can communicate with other community VLANs as long as they are part of the same primary VLAN

D. Promiscuous ports can communicate with all other ports except isolated ports

Which of the following describes the Management plane packets classification? (Choose two)

A. End-station, user-generated packets

B. Examples include protocols such as ARP, BGP, and OSPF

C. Always have a receive destination IP address and are managed by the CPU in the network device route processor

D. Examples include SSH, TFTP, SNMP, and FTP

Which of the following describes the function of Cisco ScanSafe?

A. Includes a firewall and real-time threat defense capability

B. Uses hardware- and software-integrated security functions to provide a zone-based policy firewall and intrusion prevention

C. Uses sensors to accomplish intrusion prevention

D. Provides an on-premise solution to prevent data loss

E. Analyzes web requests to determine if the content is malicious or inappropriate based on the defined security policy

How does a stateful packet filtering firewall use a state table to improve the performance of routing?

A. Checks the source addresses of packets that can be routed

B. Used to reduce the number of routes available

C. To determine if a packet is returning traffic

D. Allows multiple private IP addresses to be mapped to a single public IP address

While calculating your results take a moment to complete our simple survey!

How likely is it that you would recommend LearnCisco.net
to a friend or colleague?

Why?

While calculating your results take a moment to complete our simple survey!

How likely is it that you would recommend LearnCisco.net to a friend or colleague?

Why?

How likely is it that you would recommend LearnCisco.net
to a friend or colleague?