CCNP Secure FAQ Implementing and Configuring Cisco IOS Management Plane Security

ccnp-secure-faq-implementing-configuring-cisco-ios-management-plane-security--2

CCNP Secure FAQ Implementing and Configuring Cisco IOS Management Plane Security

Q1. Which type of management plane attack type works by creating or taking over a management session?
A. Slow-path denial of service
B. Management session spoofing
C. Man-in-the-middle attacks
D. DoS session spoofing

Answer: B

Q2. Which of the following type of password is used to secure SSH connections?
A. Terminal line
B. Console
C. Async
D. Enable

Answer: A

Q3. Which of the following is the highest level of privilege supported?
A. 1
B. 16
C. 15
D. 0

Answer: C

Q4. What is the minimum modulus (key size) that must be used to enable SSH version 2?
A. 2048
B. 512
C. 1024
D. 768

Answer: D

Q5. Which of the following SNMP components is run directly on the device?
A. Manager
B. Agent
C. MIB
D. Supervisor

Answer: B

Q6. Which of the following SNMP operations notify the manager of an event without requiring an acknowledgment?
A. Get
B. Trap
C. Put
D. Inform

Answer: B

Q7. Which of the following authentication mechanisms can be used with SNMP version 3?
A. MD5
B. 3DES
C. AES
D. SHA

Answer: A and D

Q8. Which of the following protocols are supported by MPP?
A. CDP
B. Rsync
C. SSH
D. FTP

Answer: C and D

Q9. Which of the following global services are disabled by the AutoSecure feature?
A. HTTP server
B. SSH
C. NTP
D. AAA

Answer: A and C

Q10. Which of the following are valid types of keys when using digitally signed Cisco software?
A. Rollover
B. Development
C. Global
D. Special

Answer: A and D

Q11. The highest available configuration mode is _____, which is used to configure feature options for the entire device.

Answer: global configuration mode

Q12. When using the enable secret command, the password is secured using the _____ algorithm.

Answer: MD5

Q13. Role-based CLI access provides the ability to set up as many as _____ CLI views, which are configured to run commands that are configured for different job functions.

Answer: 15

Q14. The configuration of SSH without the use of labels requires that the _____ and _____ be configured first.

Answer: host name, domain name

Q15. The _____ is a virtual information storage location that contains collections of managed objects.

Answer: Management Information Base (MIB)

Q16. The _____ and _____ versions of SNMP utilize community name-based security.

Answer: version 1 and version 2

Q17. The _____ SNMP security model supports both authentication and encryption.

Answer: authPriv

Q18. _____ gives you the ability to limit the source of management traffic to a specific interface on a device.

Answer: MPP

Q19. Cisco recommends that the _____ feature not be used in production environments.

Answer: AutoSecure

Q20. A _____ threshold is triggered when the CPU utilization exceeds a configured threshold

Answer: rising

More Resources

About the author

Scott

Leave a Comment