aaaa Flashcards
(39 cards)
Which next-generation encryption algorithms support four variants? A. SHA2 B. SHA1 C. MD5 D. HMAC
SHA2
Which type of malicious software can create a back‐door into a device or network?
A. worm B. trojan C. virus D. bot
trojan
Which attack can be prevented by OSPF authentication?
A. smurf attack B. IP spoofing attack C. buffer overflow attack D. denial of service attack
denial of service attack
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?
A. authNoPriv B. noAuthNoPriv C. noAuthPriv D. authPriv
authNoPriv
What are two advanced features of the Cisco AMP solution for endpoints? (Choose two)
A. reflection B. foresight C. sandboxing D. contemplation E. reputation
sandboxing
reputation
What does the DH group refer to? A. length of key hashing B. length of key exchange C. tunnel lifetime key D. length of key for authentication E. length of key for encryption
length of key exchange
In which two modes can the Cisco Web Security Appliance be deployed? (Choose two)
A. explicit proxy mode
B. as a transparent proxy using the Secure Sockets Layer protocol
C. as a transparent proxy using the Hyper Text Transfer Protocol
D. as a transparent proxy using the Web Cache Communication Protocol
E. explicit active mode
explicit proxy mode
as a transparent proxy using the Web Cache Communication Protocol
Which type of mechanism does Cisco FirePOWER deploy to protect against email threats that are detected moving across other networks? A. reputation‐based B. signature‐based C. antivirus scanning D. policy‐based
reputation‐based
Which action does standard antivirus software perform as part of the file‐analysis process?
A. execute the file in a simulated environment to examine its behaviour
B. examine the execution instructions in the file
C. flag the unexamined file as a potential threat
D. create a backup copy of the file
examine the execution instructions in the file
When you edit an IPS subsignature, what is the effect on the parent signature and the family of signatures?
A. The change applies to the parent signature and the subsignature that you edit.
B. The change applies to the parent signature and the entire family of subsignatures.
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit.
D. Other signatures are unaffected; the change applies only to the subsignature that you edit.
Other signatures are unaffected; the change applies only to the subsignature that you edit.
Which two ESA services are available for incoming and outgoing mails? (Choose two) A. DLP B. reputation filter C. content filter D. anti-Dos E. antispam
content filter
antispam
Which EAP method uses Protected Access Credentials? A. EAP-FAST B. EAP-TLS C. EAP-PEAP D. EAP-GTC
EAP-FAST
You have implemented a dynamic blacklist, using intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for business purposes. Which action can you take to retain the blacklist while allowing users to access the approved sites?
A. Disable the dynamic blacklist and create a static blacklist in its place.
B. Create a whitelist and manually add the approved addresses.
C. Disable the dynamic blacklist and deny the specific address on a whitelist while permitting the others.
D. Edit the dynamic blacklist to remove the approved addresses.
Create a whitelist and manually add the approved addresses.
Which two configurations can prevent VLAN hopping attack from attackers at VLAN 10? (Choose two)
A. creating VLAN 99 and using switchport trunk native vlan 99 command on trunk ports
B. enabling BPDU guard on all access ports
C. using switchport trunk native vlan 10 command on trunk ports
D. using switchport nonegotiate command on dynamic desirable ports
E. applying ACL between VLANs
F: using switchport mode access command on all host ports
creating VLAN 99 and using switchport trunk native vlan 99 command on trunk ports
using switchport mode access command on all host ports
Q15 What is a limitation of network-based IPS?
A. It is unable to monitor attacks across the entire network.
B. It is most effective at the individual host level.
C. It must be individually configured to support every operating system on the network.
D. Large installations require numerous sensors to fully protect the network.
Large installations require numerous sensors to fully protect the network.
Which statement represents a difference between an access list on an ASA versus an access list on a router?
A. The ASA does not support extended access lists
B. The ASA does not support number access lists
C. The ASA does not ever use a wildcard mask
D. The ASA does not support standard access lists
The ASA does not ever use a wildcard mask
Which three descriptions of RADIUS are true? (Choose three.)
A. It supports multiple transport protocols.
B. It uses TCP as its transport protocol.
C. Only the password is encrypted.
D. It uses UDP as its transport protocol.
E. It separates authentication, authorization and accounting.
F. It combines authentication and authorization.
Only the password is encrypted.
It uses UDP as its transport protocol.
It combines authentication and authorization.
Which two models of ASA tend to be used in a data centre? (Choose two) A. 5555X B. ASA service module C. 5585X D. 5540 E. 5520 F. 5512
ASA service module
5585X
Which statement about interface and global access rules is true?
A. Interface access rules are processed before global access rules.
B. The implicit allow is processed after both the global and interface access rules.
C. If an interface access rule is applied, the global access rule is ignored.
D. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction.
Interface access rules are processed before global access rules.
Which security term refers to the likelihood that a weakness will be exploited to cause damage to an asset? A. threat B. vulnerability C. risk D. countermeasure
risk
Which two descriptions of TACACS+ are true? (Choose two)
A. It uses TCP as its transport protocol.
B. It combines authentication and authorization.
C. Only the password is encrypted.
D. The TACACS+ header is unencrypted
E. It uses UDP as its transport protocol.
It uses TCP as its transport protocol.
The TACACS+ header is unencrypted
Which term refers to the electromagnetic interference that can radiate from network cables? A. emanations B. multimode distortion C. Gaussian distributions D. Doppler waves
emanations
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?
A. AMP B. DLP C. DCA D. CTA
DLP
What are two limitations of the self-zone policies on a zone-based firewall? (Choose two)
A. They restrict SNMP traffic.
B. They are unable to implement application inspection.
C. They are unable to block HTTPS traffic.
D. They are unable to support HTTPS traffic.
E. They are unable to perform rate limiting.
They are unable to implement application inspection.
They are unable to perform rate limiting.
