Exam A
QUESTION 1
Which four of these areas can be characterized for network risk assessment testing methodology? (Choose four)
A. Router hostname and IP addressing scheme
B. Router filtering rules
C. Route optimization
D. Database connectivity and RTT
E. Weak authentication mecharisms
F. Improperly configured email servers
G. Potential web server exploits
Correct Answer: BEFG
QUESTION 2
What does the “authoritative” flag in the show ip nhrp command output indicate? A. It indicates that information was learned from the source mapping information of an NHRP resolution request received by the local router or from an NHRP resolution packet being forwarded through the local router.
B. It indicates an NHRP mapping entry for networks local to this router for which this router has answered an NHRP resolution request
C. It indicates that the NHRP information was obtained from the next-hop server or router that maintains the NBMA-to-IP address mapping for a particular destination D. It indicates that this NHRP mapping entry must be unique; it cannot be overwritten with a mapping entry that has the same IP address but a different NBMA address.
A.
B.
C.
D.
Correct Answer:
QUESTION 3
Refer to the exhibit From the ASDM NAT Rules table, inside host 10.1.0.4 is translated to which IP address on the outside?
A. 203.0.113.254
B. 192.168.3.3
C. 192.168.3.4
D. 203.0.113.113
E. 203.0.113.114
Correct Answer: E
QUESTION 4
Unicast Reverse Path Forwarding(Uncast RPF) is a protection mechanism that can be used against which of these?
A. TCP session hijacking attacks
B. Brute-force attacks
C. Teardrop attacks
D. Password attacks
E. Birthday attacks
F. Spoofing attacks
Correct Answer: F QUESTION 5
You run the show ipv6 port-map telnet command and you see that the port 23 (system-defined) message and the port 223 (user-defined) message are displayed. Which command is in the router configuration?
A. Ipv6 port-map port telnet 223
B. Ipv6 port-map port 23 port 23223
C. Ipv6 port-map telnet port 23 223
D. Ipv6 port-map telnet port 223
Correct Answer: D QUESTION 6
Which three of these are among the implicit IPv6 ACL rules in Cisco IOS allowing ICMPv6 neighbor discovery? (Choose three)
A. permit icmp any any nd-na
B. deny icmp any any nd-na
C. permit icmp any any nd-ns
D. deny icmp any any nd-nn
E. permit ipv6 any any
F. deny ipv6 any any
Correct Answer: ACF QUESTION 7
Hypertext Transfer Protocol (HTTP) version 1.1 introduced several improvements over HTTP 1.0, which resulted in improved performance (faster page displays) for end users. Which three of these of these enhancements were added to the HTTP 1.1 protocol over the HTTP 1.0 protocol? (Choose three) A. GET requests
B. Persistent connections
C. Selective acknowledgements
D. Chunked encoding
E. HTTP pipelining
A.
B.
C.
D.
Correct Answer: QUESTION 8
What is the default TCP port used to remotely manage a Cisco Secure ACS v4.x software application server?
A. 2000
B. 2001
C. 2002
D. 2005
E. 2020 Correct Answer: C QUESTION 9
Before you can configuration Professional, you must do what? A. Create a default password, and then attach it to the router list in the community map
B. Create a community, and then add devices to that community
C. Create a discovery map, and then bind this map to the community
D. Create a hostname-to-IP-address mapping, and then add this map reference in the community
A.
B.
C.
D.
Correct Answer: QUESTION 10
Which two of these correctly describe the following command?(Choose two) Aaa authentication ppp user-radius if-needed group radius A. RADIUS authentication will be used for lines using PPP with CHAP only
B. RADIUS authentication will be used for lines using PPP with CHAP or PAP
C. RADIUS authentication is not performed if the user has been authenticated/authorized
D. If the action returns an error, the user will be allowed access without authentication
E. The user radius keyword specifies that all RADIUS servers are to be used
A.
B.
C.
D.
Correct Answer: