Networking Security > 1.2 > Flashcards

1.2 Flashcards

(20 cards)

Study These Flashcards
1
Q
  1. What is an advantage in using a packet filtering firewall versus a high-end firewall appliance?
    Packet filters perform almost all the tasks of a high-end firewall at a fraction of the cost.
    Packet filters provide an initial degree of security at the data-link and network layer.
    Packet filters represent a complete firewall solution.
    Packet filters are not susceptible to IP spoofing.
A
  1. What is an advantage in using a packet filtering firewall versus a high-end firewall appliance?
    Packet filters perform almost all the tasks of a high-end firewall at a fraction of the cost.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  1. Refer to the exhibit. In the network that is shown, which AAA command logs the use of EXEC session commands?
    aaa accounting network start-stop group tacacs+
    aaa accounting network start-stop group radius
    aaa accounting connection start-stop group radius
    aaa accounting exec start-stop group radius
    aaa accounting connection start-stop group tacacs+
    aaa accounting exec start-stop group tacacs+
A
  1. Refer to the exhibit. In the network that is shown, which AAA command logs the use of EXEC session commands?
    aaa accounting exec start-stop group tacacs+
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  1. A network administrator enters the single-connection command. What effect does this command have on AAA operation?
    allows a new TCP session to be established for every authorization request
    authorizes connections based on a list of IP addresses configured in an ACL on a Cisco ACS server
    allows a Cisco ACS server to minimize delay by establishing persistent TCP connections
    allows the device to establish only a single connection with the AAA-enabled server
A

allows a Cisco ACS server to minimize delay by establishing persistent TCP connections

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
  1. Which two practices are associated with securing the features and performance of router operating systems? (Choose two.)
    Install a UPS.
    Keep a secure copy of router operating system images.
    Configure the router with the maximum amount of memory possible.
    Disable default router services that are not necessary.
    Reduce the number of ports that can be used to access the router.
A

Keep a secure copy of router operating system images.

Configure the router with the maximum amount of memory possible.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  1. Which statement describes a characteristic of the IKE protocol?
    It uses UDP port 500 to exchange IKE information between the security gateways.
    IKE Phase 1 can be implemented in three different modes: main, aggressive, or quick.
    It allows for the transmission of keys directly across a network.
    The purpose of IKE Phase 2 is to negotiate a security association between two IKE peers.
A

It uses UDP port 500 to exchange IKE information between the security gateways.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
  1. Refer to the exhibit. If a network administrator is using ASDM to configure a site-to-site VPN between the CCNAS-ASA and R3, which IP address would the administrator use for the peer IP address textbox on the ASA if data traffic is to be encrypted between the two remote LANs?
  2. 165.201.1
  3. 168.1.3
  4. 16.3.1
  5. 16.3.3
  6. 168.1.1
A

209.165.201.1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q
  1. Refer to the exhibit. Based on the security levels of the interfaces on the ASA, what statement correctly describes the flow of traffic allowed on the interfaces?
    Traffic that is sent from the LAN and the Internet to the DMZ is considered inbound.
    Traffic that is sent from the DMZ and the Internet to the LAN is considered outbound.
    Traffic that is sent from the LAN to the DMZ is considered is considered inbound.
    Traffic that is sent from the DMZ and the LAN to the Internet is considered outbound.
A

Traffic that is sent from the DMZ and the LAN to the Internet is considered outbound.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
  1. What two assurances does digital signing provide about code that is downloaded from the Internet? (Choose two.)
    The code contains no errors.
    The code contains no viruses.
    The code has not been modified since it left the software publisher.
    The code is authentic and is actually sourced by the publisher.
    The code was encrypted with both a private and public key.
A

The code has not been modified since it left the software publisher.
The code is authentic and is actually sourced by the publisher.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q 
29.	Which interface option could be set through ASDM for a Cisco ASA?
default route
access list
VLAN ID
NAT/PAT
A

VLAN ID

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
  1. What are two characteristics of a stateful firewall? (Choose two.)
    uses connection information maintained in a state table
    uses static packet filtering techniques
    analyzes traffic at Layers 3, 4 and 5 of the OSI model
    uses complex ACLs which can be difficult to configure
    prevents Layer 7 attacks
A

uses connection information maintained in a state table

analyzes traffic at Layers 3, 4 and 5 of the OSI model

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  1. What are three characteristics of SIEM? (Choose three.)
    can be implemented as software or as a service
    Microsoft port scanning tool designed for Windows
    examines logs and events from systems and applications to detect security threats
    consolidates duplicate event data to minimize the volume of gathered data
    uses penetration testing to determine most network vulnerabilities
    provides real-time reporting for short-term security event analysis
A

can be implemented as software or as a service
examines logs and events from systems and applications to detect security threats
consolidates duplicate event data to minimize the volume of gathered data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q 
32.	Which type of traffic is subject to filtering on an ASA 5505 device?
public Internet to inside
public Internet to DMZ
inside to DMZ
DMZ to inside
A

inside to DMZ

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q 
33.	Which IDS/IPS signature alarm will look for packets that are destined to or from a particular port?
honey pot-based
anomaly-based
signature-based 
policy-based
A

signature-based

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q 
34.	Which three actions can the Cisco IOS Firewall IPS feature be configured to take when an intrusion activity is detected? (Choose three.)
reset UDP connection
reset TCP connection
alert
isolate
inoculate
drop
A

reset TCP connection
alert
drop

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q 
35.	Which two protocols can be selected using the Cisco AnyConnect VPN Wizard to protect the traffic inside a VPN tunnel? (Choose two.)
Telnet
SSH
SSL
ESP
IPsec
A

SSL

IPsec

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
  1. What is a characteristic of a role-based CLI view of router configuration?
    When a superview is deleted, the associated CLI views are deleted.
    A single CLI view can be shared within multiple superviews.
    A CLI view has a command hierarchy, with higher and lower views.
    Only a superview user can configure a new view and add or remove commands from the existing views.
Study These Flashcards
A

A single CLI view can be shared within multiple superviews.

17
Q

37.

Study These Flashcards
A

Penetration testing = used to determine the possible consequences of successful attacks on the network.
Vulnerability scanning = used to find weaknesses and misconfigurations on network systems.
Network scanning = used to discover available resources on the network.

18
Q 
38.	Which statement describes the use of certificate classes in the PKI?
A class 5 certificate is more trustworthy than a class 4 certificate. 
Email security is provided by the vendor, not by a certificate.
The lower the class number, the more trusted the certificate.
A vendor must issue only one class of certificates when acting as a CA.
19
Q
  1. Refer to the exhibit. An administrator issues these IOS login enhancement commands to increase the security for login connections. What can be concluded about them?
    Because the login delay command was not used, a one-minute delay between login attempts is assumed.
    The hosts that are identified in the ACL will have access to the device.
    The login block-for command permits the attacker to try 150 attempts before being stopped to try again.
    These enhancements apply to all types of login connections.
Study These Flashcards
A

The hosts that are identified in the ACL will have access to the device.

20
Q
  1. A company deploys a Cisco ASA with the Cisco CWS connector enabled as the firewall on the border of corporate network. An employee on the internal network is accessing a public website. What should the employee do in order to make sure the web traffic is protected by the Cisco CWS?
    Register the destination website on the Cisco ASA.
    Use the Cisco AnyConnect Secure Mobility Client first.
    Use a web browser to visit the destination website.
    First visit a website that is located on a web server in the Cisco CWS infrastructure.
Study These Flashcards
A

Use a web browser to visit the destination website.

Networking Security
flashcards
Decks in class (5)
# Cards
Brainscape helps you reach your goals faster, through stronger study habits.
© 2026 Bold Learning Solutions. Terms and Conditions