CCNP Secure FAQ Implementing and Configuring Cisco IOS Management Plane Security


CCNP Secure FAQ Implementing and Configuring Cisco IOS Management Plane Security

Q1. Which type of management plane attack type works by creating or taking over a management session?
A. Slow-path denial of service
B. Management session spoofing
C. Man-in-the-middle attacks
D. DoS session spoofing

Answer: B

Q2. Which of the following type of password is used to secure SSH connections?
A. Terminal line
B. Console
C. Async
D. Enable

Answer: A

Q3. Which of the following is the highest level of privilege supported?
A. 1
B. 16
C. 15
D. 0

Answer: C

Q4. What is the minimum modulus (key size) that must be used to enable SSH version 2?
A. 2048
B. 512
C. 1024
D. 768

Answer: D

Q5. Which of the following SNMP components is run directly on the device?
A. Manager
B. Agent
D. Supervisor

Answer: B

Q6. Which of the following SNMP operations notify the manager of an event without requiring an acknowledgment?
A. Get
B. Trap
C. Put
D. Inform

Answer: B

Q7. Which of the following authentication mechanisms can be used with SNMP version 3?
A. MD5

Answer: A and D

Q8. Which of the following protocols are supported by MPP?
B. Rsync

Answer: C and D

Q9. Which of the following global services are disabled by the AutoSecure feature?
A. HTTP server

Answer: A and C

Q10. Which of the following are valid types of keys when using digitally signed Cisco software?
A. Rollover
B. Development
C. Global
D. Special

Answer: A and D

Q11. The highest available configuration mode is _____, which is used to configure feature options for the entire device.

Answer: global configuration mode

Q12. When using the enable secret command, the password is secured using the _____ algorithm.

Answer: MD5

Q13. Role-based CLI access provides the ability to set up as many as _____ CLI views, which are configured to run commands that are configured for different job functions.

Answer: 15

Q14. The configuration of SSH without the use of labels requires that the _____ and _____ be configured first.

Answer: host name, domain name

Q15. The _____ is a virtual information storage location that contains collections of managed objects.

Answer: Management Information Base (MIB)

Q16. The _____ and _____ versions of SNMP utilize community name-based security.

Answer: version 1 and version 2

Q17. The _____ SNMP security model supports both authentication and encryption.

Answer: authPriv

Q18. _____ gives you the ability to limit the source of management traffic to a specific interface on a device.

Answer: MPP

Q19. Cisco recommends that the _____ feature not be used in production environments.

Answer: AutoSecure

Q20. A _____ threshold is triggered when the CPU utilization exceeds a configured threshold

Answer: rising

More Resources

About the author


Leave a Comment