CCIE Security FAQ Operating Systems and Cisco Security Applications
Q1. What UNIX command implements a trace route to the remote network www.guitar.com?
a. trace www.guitar.com if DNS is enabled with the IOS command dns server
ip-address.
b. traceroute www.guitar.com
c. trace guitar.com
d. UNIX does not support the traceroute command.
Q2. What UNIX command copies a file?
a. copy
b. cpy
c. cp
d. pc
Q3. A Cisco router network manager wants to copy the configuration in RAM to a UNIX server. What needs to be accomplished before this can occur?
a. Issue copy run tftp.
b. Modify the .rhosts file.
c. Modify the rcmd.allow file.
d. Erase the .rhosts.allow file.
e. Enable TFTP on the UNIX server.
Q4. Which of the following is not a UNIX file flag parameter?
a. Execute
b. Write
c. Read
d. Read/Write
e. Authenticate
Q5. Which of the following is not a UNIX file type?
a. Normal
b. Directories
c. Special
d. Link
e. Medium
Q6. NetBIOS over TCP/IP operates at what layer of the OSI model?
a. 1
b. 2
c. 3
d. 4
e. 5
f. 6
g. 7
Q7. In Windows NT, what is a domain that is trusted by all remote domains called?
a. Local
b. Remote
c. Single
d. Global
e. Master
f. Slave
Q8. In Windows NT, what is a domain that is trusted automatically called?
a. Local
b. Remote
c. Single
d. Global
e. Master
f. Slave
Q9. Which of the following is not an NTFS permission type?
a. R
b. W
c. D
d. P
e. O
f. M
Q10. In Windows NT, when in a DOS command window, what command displays the local IP ARP entries?
a. arp
b. rarp
c. rarp –b
d. arp –n
e. arp –a
Q11. What devices can the Cisco Secure Policy Manager remotely manage? (Select the best three answers.)
a. Routers
b. Switches
c. NMS workstations
d. PIX Firewalls
Q12. NetRanger LAN interface supports all but which one of the following?
a. Ethernet
b. Fast Ethernet
c. Token Ring
d. Serial WAN interfaces
e. FDDI
Q13. Which of the following is not a component of the security wheel?
a. Develop
b. Secure
c. Monitor
d. Manage
e. Increase
Q14. Which of the following is false in regards to NetRanger?
a. NetRanger examines the IP header.
b. NetRanger examines the TCP header.
c. NetRanger examines the entire IP frame.
d. NetRanger monitors TCP or UDP port scans.
Q15. How many phases are completed with NetSonar?
a. 1
b. 2
c. 3
d. 4
e. 5
f. 6
Q16. What UNIX command displays the files in the current directory?
Q17. What UNIX command changes a directory from etc/ to bin/?
Answer:
cd .. (takes you down one directory)
cd etc (root directory to etc directory)
Q18. What does the following UNIX command accomplish?
cp -i simon.doc henry.doc
Q19. To define a permission for a UNIX file, what command line interface is required?
Q20. The chmod UNIX command can define what levels of access or permissions on a UNIX host?
Q21. In a Windows NT environment, what is a domain, primary domain controller, and backup domain controller?
Q22. What functions does the protocol NetBIOS provide in a Window NT environment?
Answer: NetBIOS is a session layer protocol that is used to allow communication between PCs. NetBIOS provides the following functions:
Authentication
Connection management
Error control
File sharing
Flow control
Full-duplex transmissions
Name resolution
Print sharing
Session management
Q23. What is the function of the lmhosts file on a Windows platform device?
Q24. Name and define the six NTFS permission types.
R—Read only. The data or object can only be viewed.
W—Write access. The data can be changed.
X—Execute. The data can be executed; for example, a directory can be viewed or program executed.
D—Delete. The data can be deleted.
P—Change permissions. The data access permissions can be altered.
O—Take ownership. The ownership can be altered.
Q25. In Windows NT 4.0, what DOS command displays any local ARP entries?
Q26. Define the terms NetRanger Sensor and Director and their uses?
NetRanger Sensor—High speed device that analyzes the content of data being transported across a network and determines whether that traffic is authorized or unauthorized. Unauthorized traffic includes ping requests from intruders. Traffic that is detected from unauthorized sources is sent directly to the NetRanger Director, and the intruder is removed from the network (optional and set by network administrator).NetRanger Director—Provides real-time response to intruders in the network by blocking access to the network and terminating any active data sessions.
Q27. What LAN interfaces can be supported on a NetRanger Sensor?
Q28. What are the six phases completed by Cisco NetSonar?
Phase I—NetSonar sends out ICMP echo requests (ping) to query hosts.
Phase II—All live hosts are collected and stored on particular port numbers.Phase III—NetSonar identifies the hardware devices that might be vulnerable, such as routers, switches, firewalls, printers, desktops, and hosts that responded to ping requests. Operating systems and network services are documented and labeled as potential vulnerabilities.Phase IV—Vulnerabilities are confirmed. This phase is intrusive.
Phase V—The data is charted for presentation. The data can also be charted graphically as line or 3D bar graphs.
Phase VI—The data is reported in a number of different formats, including a summary report, a short and detailed report, or a full technical report.
Q29. What is the meaning of the term Security Wheel?
Answer: Cisco defines a Security Wheel concept that outlines the critical steps to ensuring that data and networks are secured correctly. The Security Wheel revolves around a strong, well-defined corporate policy. The Security Wheel consists of the following:
Secure—After defining a strong corporate policy, you should secure your network by deploying the products necessary in the appropriate places to achieve your corporate security policy.
Monitor and respond—Continuously monitor using NetRanger tools at strategic points in the network to discover new vulnerabilities.
Test—On a regular and formal basis, test all network components.
Manage and improve—Analyze all the reports and metrics supplied by NetSonar, and cycle through the Security Wheel by going through all these steps continuously.
Q30. A group of users in a Windows NT environment are members of the domain CISCO_CCIE. You are supplied the following details regarding file permissions:
- PC1 and PC2 are authenticated in domain CISCO.
- The CISCO domain is trusted by the CISCO_CCIE domain.
- The directory d:\data has a file named ccielab35.doc and has access for users in the CISCO domain set to read only access.
- A user named hbenjamin in the CISCO domain owns the Word document ccielab3.doc.
With these details, can PC1 open and read the file named ccielab35.doc?
Q31. A newly created program file is on a UNIX server in the etc/bin named simon.exe directory. The root user creates the file simon.exe after compiling some UNIX C-based code. The root user password is set to guitar. How can you allow all users who are authenticated and authorized to view the etc/bin directory access to the file named simon.exe?
More Resources