Exam A
QUESTION 1
As a network engineer at Cisco.com, you are responsible for Cisco network. Which will be necessarily taken into consideration when implementing Syslogging in your network?
A. Log all messages to the system buffer so that they can be displayed when accessing the router.
B. Use SSH to access your Syslog information.
C. Enable the highest level of Syslogging available to ensure you log all possible event messages.
D. Syncronize clocks on the network with a protocol such as Network Time Protocol.
Correct Answer: D
QUESTION 2
Which classes does the U.S. government place classified data into? (Choose three.)
A. SBU
B. Confidential
C. Secret
D. Top-secret
Correct Answer: BCD
QUESTION 3
You are a network technician at Cisco.com. Which description is correct when you have generated RSA keys on your Cisco router to prepare for secure device management?
A. All vty ports are automatically enabled for SSH to provide secure management.
B. The SSH protocol is automatically enabled.
C. You must then zeroize the keys to reset secure shell before configuring other parameters.
D. You must then specify the general-purpose key size used for authentication with the crypto key generate rsa general-keys modulus command.
Correct Answer: B
QUESTION 4
Which method is of gaining access to a system that bypasses normal security measures?
A. Creating a back door
B. Starting a Smurf attack
C. Conducting social engineering
D. Launching a DoS attack
Correct Answer: A
QUESTION 5
As a candidate for CCNA examination, when you are familiar with the basic commands, if you input the command “enable secret level 5 password” in the global mode , what does it indicate?
A. Set the enable secret command to privilege level 5.
B. The enable secret password is hashed using SHA.
C. The enable secret password is hashed using MD5.
D. The enable secret password is encrypted using Cisco proprietary level 5 encryption.
E. The enable secret password is for accessing exec privilege level 5.
Correct Answer: E
QUESTION 6
Which statement is true about a Smurf attack?
A. It sends ping requests to a subnet, requesting that devices on that subnet send ping replies to a target system.
B. It intercepts the third step in a TCP three-way handshake to hijack a session.
C. It uses Trojan horse applications to create a distributed collection of “zombie” computers, which can be used to launch a coordinated DDoS attack.
D. It sends ping requests in segments of an invalid size.
Correct Answer: A QUESTION 7
Which three items are Cisco best-practice recommendations for securing a network? (Choose three.)
A. Deploy HIPS software on all end-user workstations.
B. Routinely apply patches to operating systems and applications.
C. Disable unneeded services and ports on hosts.
D. Require strong passwords, and enable password expiration.
Correct Answer: BCD QUESTION 8
For the following attempts, which one is to ensure that no one employee becomes a pervasive security threat, that data can be recovered from backups, and that information system changes do not compromise a system’s security?
A. Disaster recovery
B. Strategic security planning
C. Implementation security
D. Operations security
Correct Answer: D QUESTION 9
For the following options ,which one accurately matches the CLI command(s) to the equivalent SDM wizard that performs similar configuration functions?
A. setup exec command and the SDM Security Audit wizard
B. auto secure exec command and the SDM One-Step Lockdown wizard
C. aaa configuration commands and the SDM Basic Firewall wizard
D. Cisco Common Classification Policy Language configuration commands and the SDM Site-to-Site VPN wizard
Correct Answer: B QUESTION 10
Which three options are network evaluation techniques? (Choose three.)
A. Scanning a network for active IP addresses and open ports on those IP addresses
B. Using password-cracking utilities
C. Performing end-user training on the use of antispyware software
D. Performing virus scans
Correct Answer: ABD QUESTION 11
Which is the main difference between host-based and network-based intrusion prevention?
A. Network-based IPS is better suited for inspection of SSL and TLS encrypted data flows.
B. Host-based IPS can work in promiscuous mode or inline mode.
C. Network-based IPS can provide protection to desktops and servers without the need of installing specialized software on the end hosts and servers.
D. Host-based IPS deployment requires less planning than network-based IPS.
Correct Answer: C