Professional Documents
Culture Documents
CCNA4E Ch4 Study Guide TB
CCNA4E Ch4 Study Guide TB
corporation or entity? What is a ping sweep? How does the intruder use port scans? What are some common terms for eavesdropping? Describe Two common uses of eavesdropping. Why is SNMP version 1 community strings susceptible to eavesdropping? What are three of the most effective methods for counteracting eavesdropping? Why is encryption a valuable option? Describe password attacks. What are some of the tools intruders can use to implement password attacks? Describe Port Redirection. Describe Man-in-the-Middle Attack. Describe transparent proxy. Describe DoS attacks. Describe Ping of Death. Describe SYN flood attack. Describe DDoS Attacks. What are some Examples of DDoS attacks? How might DoS and DDoS attacks be mitigated? Describe Malicious Code Attacks. Describe the anatomy of a worm attack. 4.1.4 Describe Device Hardening. Why use Antivirus software? Why use Personal Firewalls? Why use Operating System Patches? 4.1.5 Describe the Security Wheel. List the four steps of the Security Wheel.
What are the Functions of a Security Policy? What are the most recommended Components of a Security Policy? 4.2.1 What functions does a router provide? Why do intruders target routers? Router security should be thought of in terms of what category types? 4.2.2 What are the steps to safeguard a router? Describe the two Cisco IOS password protection schemes. What command is used to enable the type 5 encryption? Why is type 5 preferred over type 7? 4.2.4 What is the preferred way for an CCNA EXP 4
1.
administrator to connect to a device to manage it? What are the two steps to secure administrative access to routers and switches? Remote access typically involves allowing what types of connections to the router from a computer on the same internetwork as the router? VTY lines should be configured to accept connections only with the protocols actually needed. What commands accomplish this? In limiting the risk of a DoS attack on VTY lines, what is a good practice? How is the answer to the above question accomplished? What port does Telnet use? What is the major difference between Telnet & SSH? What port does SSH use? When SSH is enabled, are Cisco routers clients or servers? To enable SSH on the router, what parameters must be configured? What are the steps to configure SSH on a router? To connect to a router configured with SSH, you have to use an SSH client application such as? 4.2.5 What is the purpose of logging router activity? What are the different levels of logging Routers support? Why is a syslog server a good option? What is the importance of time stamps? 4.3.1 What is the command(s) to disable Small services such as echo, discard, and chargen? What is the command(s) to disable BOOTP? What is the command(s) to disable Finger? What is the command(s) to disable HTTP? What is the command(s) to disable SNMP? What is the command(s) to disable Cisco Discovery Protocol (CDP)? What is the command(s) to disable remote configuration? What is the command(s) to disable source routing? What is the command(s) to disable classless routing? What is the command(s) to disable unused interfaces? CCNA EXP 4 CH.4 Network Security REVISED FEB 2009
4.3.2
4.3.3
4.4.1
4.4.4
4.5.2
4.5.3
4.5.4
4.5.5
What is the command(s) to disable SMURF attacks? What is the command(s) to disable ad hoc routing? How do you set the name server to be used on a router? What is the command(s) to disable DNS? What are the consequences of falsifying routing information? You can configure AutoSecure in privileged EXEC mode using the auto secure command in one of what two modes? What command is used to start the process of securing a router? What are some of the items Cisco AutoSecure will ask you for? What is Cisco SDM? Where can SDM be installed? What are the steps to configure Cisco SDM on a router already in use, without disrupting network traffic? On new routers where is Cisco SDM is stored by default? How do you launch the Cisco SDM? What are the differences in locking down a router with Cisco SDM vs. Cisco AutoSecure? What are some of the tools that require valid Cisco.com login accounts? Where is the file image of the IOS located? Describe the Cisco IOS File Naming Conventions use in the following example: C1841-ipbase-mz.123-14.T7.bin What is the benefit of using TFTP Servers to manage IOS Images? What tasks should be completed before changing a Cisco IOS image on the router? During the copy process what is the purpose of the exclamation points (!)? Describe the two most used troubleshooting commands. Which commands displays static information? By default, where does the network server send the output from debug commands and system error messages? Which commands displays dynamic data and events? In which mode is it issued? To list and see a brief description of all the debugging command options what do you enter on the router? What is the configuration register?
CCNA EXP 4
4.5.6 What command will confirm that the router will use the configured config register setting on the next reboot?
CCNA EXP 4