Preguntas Respuesta conocida: 1, 2, 6, 7, 8, 10, 17, 18, 36, 37, 39, 46, 48, 49, 51, 52, 54,

55, 58, 61, 63, 65, 78, 79, 103, 106 108, 111, 113, 68, 72, 85, 88, 99, 100, 104 CCNA Security Resumen Pregunta 23 y 25 del cuestionario: what is the "quiet period" It is a period in which any login attempt would be denied Example: login block-for 30 attempts 5 whitin 10 It will block login attempts for 30 seconds after five failed login attempts occ ur within a 10-second time period Pregunta 26: Fail-open-Mode. Esto es una pregunta de switches. Un switch usa un Content Address Memory (CAM) Table to store the information use d by the switch ro make forwarding decisions. Contiene una lista de direcciones mac que han sido aprendi das from each switch port. When a frame enters the switch the switch interrogates the frames destination mac address, if the destina tion MAC address is known to exist off one of the switch ports, the frame is for warded out only to that port. The CAM table however has a limit. if the CAM table ever fills to capacity the switch is unable to learn new mac addresses, as result when frames arrive destinated for these unlea rned mac addresses the switch floods a copy of these frames out all other switch interfaces other than interfaces it was received The behavior of flooding frames with unlearned destination mac addresses is know n as Fail-open-Mode Pregunta 30 & 64: Tacacs usa TCP port 49 y encripta todo el paquete Radius tiene la capacidad de Autenticar y Autorizar (una funcion) pero no autori za comandos en el router Radius solo encripta el pasword Tacacs tiene la capacidad de controlar que comandos pueden ser ejecutados en un router Radius utiliza UDP ports 1812 & 1645 Pregunta 32 (Discutida con Pablo) Si AAA login authentication fails los otros do s metodos utilizados para autenticar son: Enable y LOCAL Pregunta 34. Option Enable secret 5 means que el password es hashed usando MD5 Pregunta 42: Extended ACLs should be placed as close to the destination as possi ble Turbo ACl feature: ACLs with long lines may be harder for routers to process packets, For ACLs with more than three entries the CPU load is lower when matching the packet to the predetermined packet matching Pregunta 74: Fibre Channel (FCAP):

It relies on an underlying Public Key Infrastructure (PKI)