CCNA Security FAQ: Security at the Network Perimeter Q1. Match the following deployment scenarios for a Cisco IOS router with the correct description: Single Perimeter: ___ Two Perimeters: ___ Screen Subnet: ___ Descriptions: A. The router establishes the trusted network boundary at the Internet and protects a single LAN. B. A DMZ is established on a … [Read more...]
CCNA Security FAQ: Network Insecurity
CCNA Security FAQ: Network Insecurity Q1. Which of the following constitutes the elements in the C-I-A triad? A. Consolidation, Integration, Authentication B. Confidentiality, Integrity, Availability C. Confusion, Impact, Animosity D. Central, Intelligence, Agency E. None of the above. Answer: B is the correct answer. This is pretty much industry-wide Q2. Cisco says … [Read more...]
CCNA Security FAQ: Implementing Digital Signatures
CCNA Security FAQ: Implementing Digital Signatures Question. Cryptographic hashes can be used to provide which of the following? (Choose all that apply.) A. Message integrity B. Functional analysis C. Security checks D. Message lists E. Digital signatures Answer: A and E Question. Which of the following is an example of a function intended for cryptographic … [Read more...]
CCNA Security FAQ: Securing the Router
CCNA Security FAQ: Securing the Router Question. If you need to use Simple Network Management Protocol (SNMP) on your network, what version does Cisco recommend? A. Version 2 B. Version 2c C. Version 3 D. Version 3c Answer: C Question. What are two automated approaches for hardening the security of a Cisco IOS router? (Choose two.) A. AutoQoS B. AutoSecure C. Cisco … [Read more...]
CCNA Security FAQ: Configuring AAA
CCNA Security FAQ: Configuring AAA Question. Which of the following commands is used in global configuration mode to enable AAA? A. aaa EXEC B. aaa new-model C. configure aaa-model D. configure-model aaa Answer: B Question. How do you define the authentication method that will be used with AAA? A. With a method list B. With a method statement C. With the method … [Read more...]
CCNA Security FAQ: Defending the Perimeter
CCNA Security FAQ: Defending the Perimeter Question. Which of the following are considered IOS security features? (Choose four.) A. Stateful firewall B. MARS C. IPS D. VRF-aware firewall E. VPN F. ACS Answer: A, C, D, and E Question. Some ISRs include a USB port, into which a flash drive can connect. What are three common uses for the flash drive? (Choose three.) A. … [Read more...]
CCNA Security FAQ: Developing a Secure Network
CCNA Security FAQ: Developing a Secure Network Question. What are the five phases of the System Development Life Cycle (SDLC)? (Choose five.) A. Termination B. Operations and maintenance C. Acquisition and development D. Initiation E. Implementation F. Execution G. Disposition Answer: B, C, D, E, and G Question. Which of the following attempts to ensure that no one … [Read more...]
CCNA Security FAQ: Understanding Network Security Principles
CCNA Security FAQ: Understanding Network Security Principles Question. Where do most attacks on an organization’s computer resources originate? A. From the Internet B. From the inside network C. From universities D. From intruders who gain physical access to the computer resources Answer: B Question. What are the three primary goals of network security? (Choose … [Read more...]
CCNA Security FAQ: Protecting Switch Infrastructure
CCNA Security FAQ: Protecting Switch Infrastructure Question. Examine the following partial switch configuration and choose all the statements that correctly describe what is being accomplished. A. When the level of broadcasts has reached 62.5% of total traffic, the multicasts will be limited to 3,000 packets per second (pps) and unicast traffic will be limited to 50 … [Read more...]
CCNA Security FAQ: Introduction to Endpoint, SAN, and Voice Security
CCNA Security FAQ: Introduction to Endpoint, SAN, and Voice Security Question. Which is not one of the three prongs of the Cisco Host Security Strategy? A. Endpoint protection B. Cisco network admission control C. Network infection containment D. Comprehensive network security policy E. Cisco routers Answers: D and E are the correct choices. Cisco’s Host Security … [Read more...]