Flashcards in Test Prep Deck (33):
What does HMAC use to determine authenticity and integrity of a message? 2
When an admin initiates a device wipe command from ISE, what is the immediate effect?
It requests the admin to choose between erasing all device data or managed corporate data.
Statement about Extended ACL?
perform filtering that is based on source and destination and are most effective when applied to source.
Two valid TCP states?
SYN_RCVD and Closed
security zone is automatically defined by the system?
3 cases when ASA permits inbound HTTP GET request?
When matching ACL
When matching NAT
When the FW receives a SYN-ACK packet.
3 actions are limitations when running IPS in promiscuous mode?
deny attacker, deny packet, modify packet
3 statements about Cisco host-based IPS?
can have more restrictive policies than network-based IPS.
Can generate alerts based on behavior at the desktop level.
can view encrypted files.
config to conceal internal IP of an ASA?
statement about privilege levels in IOS?
levels are independent and support commands of lower numbered levels.
command ip ospf auth key 1 is implemented at which level?
Purposes of Internet Key Exchange in an IPSec VPN? 2
establishes security associations
responsible for mutual auth answers
Statements about ACL
Extended placed closest to source
Standard placed closest to destination
standard match on source address.
How does a device on a network using ISE receive its digital cert during the new-device registration process?
ISE acts as a SCEP proxy to enable the device to receive a cert from a central CA.
Component of CIA triad relate to safe data which is in transit?
two statements about stateless firewalls
they compare 5-tuple of each incoming packet against config rules.
They cannot track connections.
Two default levels of IOS privilege levels?
1 and 15
What does the Open Web Application Security Project do?
Educate about common web site vulnerabilities.
Sourcefire logging action should you choose to record the most detail about a connection?
Enable Logging at the end of the session?
QM_Idle shows what in show cry isakmp sa?
Phase 1 has been established between peers.
Privilege command prevents user with level 6 from modifying the interface config?
privilege exec level 9 config term.
What actions can promiscuous IPS take to mitigate an attack?
Requesting connection blocking
resetting the TCP connection
requesting host blocking
feature allows dynamic PAT pool to select the next address in the PAT pool instead of the next port of existing address?
part of OSPF config will not be required for MD5 Auth?
area 20 auth message-digest
FirePOWER preprocessor engine is used to prevent SYN attacks?
Function of private VLAN?
partitions the layer 2 broadcast domain of a VLAN into subdomains
Feature which mitigates spoofing attacks by verifying symmetry of the traffic path?
unicast reverse path forwarding.
encryption technology has the broadest platform support to protect OS?
How does ZBF handle traffic between interfaces in the same zone?
traffic between two interfaces in the same zone is allowed by default.
Statement about ACS authentication and authorization?
Can be clustered to provide scalability.
question about VPN?
port 4500 IPSEC
statement about application blocking?
it blocks access to specific programs