Cisco CCNA Security Module 6 (23 questions) 100%

Which technology is used to protect the switched infrastructure from problems caused by receiving BPDUs on ports that should not be receiving them?
- RSPAN
- PortFast
- Root guard
- Loop guard
- BPDU guard

Which attack relies on the default automatic trunking configuration on most Cisco switches?
- LAN storm attack
- VLAN hopping attack
- STP manipulation attack
- MAC address spoofing attack

Which three switch security commands are required to enable port security on a port so that it will dynamically learn a single MAC address and disable the port if a host with any other MAC address is connected? (Choose three.)
- switchport mode access
- switchport mode trunk
- switchport port-security
- switchport port-security maximum 2
- switchport port-security mac-address sticky
- switchport port-security mac-address mac-address

Which three are SAN transport technologies? (Choose three.)
- Fibre Channel
- SATA
- iSCSI
- IP PBX
- FCIP
- IDE

Which two measures are recommended to mitigate VLAN hopping attacks? (Choose two.)
- Use a dedicated native VLAN for all trunk ports.
- Place all unused ports in a separate guest VLAN.
- Disable trunk negotiation on all ports connecting to workstations.
- Enable DTP on all trunk ports.
- Ensure that the native VLAN is used for management traffic.

When configuring a switch port for port security, what is the default violation mode?
- protect
- reset
- restrict
- shutdown

Which two elements are part of the Cisco strategy for addressing endpoint security? (Choose two.)
- policy compliance using products such as Cisco NAC
- network infection monitoring using products such as Cisco Secure ACS
- threat protection using products such as Cisco Security Agent
- attack detection using products such as Cisco NAC
- risk assessment compliance using products such as Cisco Security Agent

Which attack is mitigated by using port security?
- LAN storm
- VLAN hopping
- STP manipulation
- MAC address table overflow

Refer to the exhibit. What action will the switch take when the maximum number of secure MAC addresses has reached the allowed limit on the Fa0/2 port?
- Packets with unknown source addresses are dropped without notification.
- The VLAN that Fa0/2 is on is set to error-disabled and all traffic on the VLAN is stopped.
- The interface immediately becomes error-disabled and the port LED is turned off.
- Packets with unknown source addresses are dropped, but notification of the dropped packets is sent.

Refer to the exhibit. Based on the output generated by the show monitor session 1 command, how will SPAN operate on the switch?
- All traffic transmitted from VLAN 10 or received on VLAN 20 is forwarded to FastEthernet 0/1.
- All traffic received on VLAN 10 or transmitted from VLAN 20 is forwarded to FastEthernet 0/1.
- Native VLAN traffic received on VLAN 10 or transmitted from VLAN 20 is forwarded to FastEthernet 0/1.
- Native VLAN traffic transmitted from VLAN 10 or received on VLAN 20 is forwarded to FastEthernet 0/1.

As a recommended practice for Layer 2 security, how should VLAN 1 be treated?
- All access ports should be assigned to VLAN 1.
- All trunk ports should be assigned to VLAN 1.
- VLAN 1 should be used for management traffic.
- VLAN 1 should not be used.

What happens when the MAC address notification feature is enabled on a switch?
- An SDEE alert is generated, and the switch resets the interface when an invalid MAC address is detected.
- An STP multicast notification packet is forwarded to all switches any time a change in the network topology is detected.
- A port violation occurs when a MAC address outside of the range of allowed addresses transmits traffic over a secure port.
- An SNMP trap is sent to the network management system whenever a new MAC address is added to or an old address is deleted from the forwarding tables.

If a switch is configured with the storm-control command and the action shutdown and action trap parameters, which two actions does the switch take when a storm occurs on a port? (Choose two.)
- The port is disabled.
- The switch is rebooted.
- An SNMP log message is sent.
- The port is placed in a blocking state.
- The switch forwards control traffic only.

Which three statements are true regarding SPAN and RSPAN? (Choose three.)
- SPAN can send a copy of traffic to a port on another switch.
- RSPAN is required for syslog and SNMP implementation.
- SPAN can be configured to send a copy of traffic to a destination port on the same switch.
- SPAN can copy traffic on a source port or source VLAN to a destination port on the same switch.
- RSPAN is required to copy traffic on a source VLAN to a destination port on the same switch.
- RSPAN can be used to forward traffic to reach an IDS that is analyzing traffic for malicious behavior.

How many Cisco Security Agent clients can one Management Center for CSA console support?
- 1,000,000
- 100,000
- 10,000
- 1,000

Which Cisco endpoint security product helps maintain network stability by providing posture assessment, quarantining of noncompliant systems, and remediation of noncompliant systems?
- Cisco Access Control Server
- Cisco Security Agent workstation
- Cisco Intrusion Prevention System router
- Cisco Network Admission Control appliance

With IP voice systems on data networks, which two types of attacks target VoIP specifically? (Choose two.)
- CoWPAtty
- Kismet
- SPIT
- virus
- vishing

An administrator wants to prevent a rogue Layer 2 device from intercepting traffic from multiple VLANs on a network. Which two actions help mitigate this type of activity? (Choose two.)
- Disable DTP on ports that require trunking.
- Place unused active ports in an unused VLAN.
- Secure the native VLAN, VLAN 1, with encryption.
- Set the native VLAN on the trunk ports to an unused VLAN.
- Turn off trunking on all trunk ports and manually configure each VLAN as required on each port.

Which device supports the use of SPAN to enable monitoring of malicious activity?
- Cisco NAC
- Cisco IronPort
- Cisco Security Agent
- Cisco Catalyst switch

How is a reflector port used in an RSPAN configuration?
- It provides a dedicated connection for the IDS device.
- It allows an RSPAN session to be backward compatible with a SPAN session.
- It acts like a loopback interface in that it reflects the captured traffic to the RSPAN VLAN.
- It allows an IDS device to direct malicious traffic to it, isolating that traffic from other areas of the network.

Which frames are spoofed in STP manipulation attacks?
- BPDU
- DTP
- ISL
- 802.1q

Which software tool can a hacker use to flood the MAC address table of a switch?
- macof
- Cisco SDM
- kiwi syslog server
- protocol analyzer

Which option best describes a MAC address spoofing attack?
- An attacker gains access to another host and masquerades as the rightful user of that device.
- An attacker alters the MAC address of the switch to gain access to the network device from a rogue host device.
- An attacker floods the MAC address table of a switch so that the switch can no longer filter network access based on MAC addresses.
- An attacker alters the MAC address of his host to match another known MAC address of a target host.
