Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
878Activity
0 of .
Results for:
No results containing your search query
P. 1
CCNA Security Final 100%

CCNA Security Final 100%

Ratings:

3.6

(5)
|Views: 51,541 |Likes:
Published by Akbal Larios

More info:

Published by: Akbal Larios on Nov 20, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less

08/04/2013

pdf

text

original

 
CCNAS FINAL 100%
1
Which Cisco IOS configuration option instructs the IPS to compile a signature category named
ios_ips
into memoryand use it to scan traffic?R1(config)#
ip ips signature-category
R1(config-ips-category)#
category all
R1(config-ips-category-action)#
retired false
 
R1(config)#
ip ips signature-category
R1(config-ips-category)#
category ios_ips basic
R1(config-ips-category-action)#
retired false
R1(config)#
ip ips signature-category
R1(config-ips-category)#
category all
R1(config-ips-category-action)#
enabled true
R1(config)#
ip ips signature-category
R1(config-ips-category)#
category ios_ips basic
R1(config-ips-category-action)#
enabled true2
Refer to the exhibit. An administrator has configured router R1 as indicated. However, SDEE messages fail to log.Which solution corrects this problem?Issue the
logging on
command in global configuration.Issue the
ip ips notify sdee
command in global configuration.Issue the
ip audit notify log
command in global configuration.Issue the
clear ip ips sdee events
command to clear the SDEE buffer.
3
Which three principles are enabled by a Cisco Self-Defending Network? (Choose three.)adaptabilitycollaborationinsulationintegrationmitigationscalability
4
What are two disadvantages of using network IPS? (Choose two.)Network IPS has a difficult time reconstructing fragmented traffic to determine if an attack was successful.Network IPS is incapable of examining encrypted traffic.Network IPS is operating system-dependent and must be customized for each platform.Network IPS is unable to provide a clear indication of the extent to which the network is being attacked.
 
Network IPS sensors are difficult to deploy when new networks are added.
5
Which access list statement permits HTTP traffic that is sourced from host 10.1.129.100 port 4300 and destined to host192.168.30.10?
access-list 101 permit tcp any eq 4300access-list 101 permit tcp 192.168.30.10 0.0.0.0 eq 80 10.1.0.0 0.0.255.255access-list 101 permit tcp 10.1.129.0 0.0.0.255 eq www 192.168.30.10 0.0.0.0 eq wwwaccess-list 101 permit tcp 10.1.128.0 0.0.1.255 eq 4300 192.168.30.0 0.0.0.15 eq wwwaccess-list 101 permit tcp host 192.168.30.10 eq 80 10.1.0.0 0.0.255.255 eq 43006
Which type of SDM rule is created to govern the traffic that can enter and leave the network based on protocol andport number?NAC ruleNAT ruleIPsec ruleaccess rule
7
Refer to the exhibit. When configuring SSH on a router using SDM from the Configure menu, which two steps arerequired? (Choose two.)Choose
Additional Tasks > Router Access > SSH
to generate the RSA keys.Choose
Additional Tasks > Router Access > VTY
to specify SSH as the input and output protocol.Choose
Additional Tasks > Router Properties > Netflow
to generate the RSA keys.Choose
Additional Tasks > Router Properties > Logging
to specify SSH as the input and output protocol.Choose
Additional Tasks > Router Access > AAA
to generate the RSA keys.Choose
Additional Tasks > Router Access > Management Access
to specify SSH as the input and output protocol.
8
 
Refer to the exhibit. Which two statements are correct regarding the configuration on switch S1? (Choose two.)Port Fa0/5 storm control for broadcasts will be activated if traffic exceeds 80.1 percent of the total bandwidth.Port Fa0/6 storm control for multicasts and broadcasts will be activated if traffic exceeds 2,000,000 packets per second.Port Fa0/6 storm control for multicasts will be activated if traffic exceeds 2,000,000 packets per second.Port Fa0/5 storm control for multicasts will be activated if traffic exceeds 80.1 percent of the total bandwidth.Port Fa0/5 storm control for broadcasts and multicasts will be activated if traffic exceeds 80.1 percent of 2,000,000packets per second.
9
Refer to the exhibit. Which three things occur if a user attempts to log in four times within 10 seconds using an incorrectpassword? (Choose three.)Subsequent virtual login attempts from the user are blocked for 60 seconds.During the quiet mode, an administrator can virtually log in from any host on network 172.16.1.0/24.Subsequent console login attempts are blocked for 60 seconds.A message is generated indicating the username and source IP address of the user.During the quiet mode, an administrator can log in from host 172.16.1.2.No user can log in virtually from any host for 60 seconds.
Which type of Layer 2 attack makes a host appear as the root bridge for a LAN?LAN stormMAC address spoofingMAC address table overflowSTP manipulationVLAN attack
What occurs after RSA keys are generated on a Cisco router to prepare for secure device management?

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->