Professional Documents
Culture Documents
Take Assessment - Module 5 Exam - CCNP: Implementing Secure Converged Wide - Area Networks (Version 5.0)
Take Assessment - Module 5 Exam - CCNP: Implementing Secure Converged Wide - Area Networks (Version 5.0)
0)
port scans
antivirus software
syslog server
Refer to the exhibit. Assume the AutoSecure configuration has been applied to the router. The configuration displayed in the exhibit will
generate the login block-for 60 attempts within 30 command in the running configuration. What is the significance of t his command?
After 5 failed attempts within a 30 second time frame, the router will not accept any additional login attempts for 60 second s.
After 5 failed attempts within a 60 second time frame, the router will not accept any additional login attempts for 30 seconds.
After 5 failed attempts within a 30 minute time frame, the router will not accept any additional login attempts for 60 minute s.
After 5 failed attempts within a 60 minute time frame, the router will not accept any additional login attempts for 30 minutes.
Refer to the exhibit. On the basis of the information that is provided, which two Cisco AutoSecure configuration statements are true?
(Choose two.)
Cisco AutoSecure will prompt the user to enter a banner.
By default, Cisco AutoSecure will automatically configure the ip cef command.
By default, Cisco AutoSecure will use a key modulus size of 512 bits when configuring SSH.
Cisco1 could be used for the enable secret function and the enable password function.
4 Which command would replace the current running configuration with the configuration file that was saved by the Cisco AutoSec ure
feature?
Router# copy flash:pre-autosec running-config
5 The act of asking for a username and password credentials and evaluating those credentials is known as which of the following ?
authentication
authorization
administration
access control
accounting
6 Port scans, packet sniffers, and ping sweeps are classified as which type of tools?
access attack tools
DoS tools
DDoS tools
reconnaissance tools
8
Refer to the exhibit. A router located at IP address 192.168.10.1 has been configured to support SSH. Which TCP port number s hould
be configured in the Tera Term utility to connect to the router using SSH?
port 15
port 22
port 23
port 61
port 78
port 79
9 Which two procedures could be used to specifically mitigate IP spoofing attacks? (Choose two.)
Configure access control.
Keep your operating system and applications current with the latest patches.
10 Which two statements are true about network attacks that use intelligence? (Choose two.)
A Trojan horse can contain a worm.
A worm executes and installs copies of itself in the memory of the infected computer.
11
Refer to the exhibit. Routers RTA and RTB have full connectivity between LANs. However, the clock on RTB cannot synchronize w ith
RTA. Which configuration would correct this situation?
RTB(config)# interface fa0/0
RTB(config)# ntp broadcast client
RTB(config)# no ntp authentication -key 2
RTB(config)# ntp authentication-key 1 md5 cisco
RTB(config)# no ntp server 10.10.10.1
RTB(config)# ntp server 10.0.0.1
RTB(config)# ntp trusted-key 2
12 What command enables AAA authentication for privileged EXEC mode access?
authentication login
13 If AutoSecure fails to complete its operations, the running -configuration may be corrupted. Within the context of IOS version 12.4, which
command or command sequence would be appropriate in this situation?
erase running-config and reload
reload
14 To mitigate probes and scans, which two services should be disabled? (Choose two.)
SNMP
Finger
ICMP Unreachable
ICMP redirects
15 The command crypto key generate rsa general-keys modulus 1024 must be issued to generate keys used by SSH. Which two tasks
must be completed before this command is entered? (Choose two.)
A modulus of 512 bits must be initially generated.
A worm is a malicious program that attaches itself to other programs and executes an unwanted function on a user workstation.
17 Which response indicates that the security server did not reply and the next authentication method will be accessed?
ERROR
FAIL
ABORT
no response
18 Which two statements about network attacks that use intelligence are true? (Choose two.)
DoS, DDos, trust exploitation, and viruses, are examples of network attacks that are based on intelligence.
DoS, DDos, viruses, Trojan horses, and worms are examples of network attacks that are based on i ntelligence.
The anatomy of a worm consists of the enabling vulnerability, a propagation mechanism, and the payload.
19 Which keyword is used for minimal accounting and sends a stop record accounting notice at the end of the requested user process?
stop-only
start-stop
wait-stop
end-stop