Category: CCNA Exam

CCNA Security, Final Exam

    What will be disabled as a result of the no service password-recovery command ? aaa new-model global configuration command. change to the configuration register. password encryption service. – ability to access ROMmon.     What occurs after RSA keys are generated on a Cisco router to prepare for secure device management? All vty ports are automatically configured for SSH to provide secure management. The general-purpose key size must be specified for authentication with the crypto key generate rsa general-keys mo command. The keys must be zeroized to reset secure shell before configuring other parameters. – The generated keys can be used...

Read More

CCNA Security, chapter 9 Exam

Questions and answers above 90% correct.     Which three statements describe ethics in network security? (Choose three.) principles put into action in place of laws foundations for current laws – set of moral principles that govern civil behavior – standard that is higher than the law set of regulations established by the judiciary system set of legal standards that specify enforceable actions when the law is broken     Which component of the security policy lists specific websites, newsgroups, or bandwidth-intensive applications that are not allowed on the company network? remote access policies acceptable use policies incident handling procedures identification...

Read More

CCNA Security, chapter 8 Exam

Questions and answers above 90% correct. What are two benefits of an SSL VPN? (Choose two.) It supports all client/server applications. It supports the same level of cryptographic security as an IPsec VPN. – It has the option of only requiring an SSL-enabled web browser. The thin client mode functions without requiring any downloads or software. – It is compatible with DMVPNs, Cisco IOS Firewall, IPsec, IPS, Cisco Easy VPN, and NAT. When verifying IPsec configurations, which show command displays the encryption algorithm, hash algorithm, authentication method, and Diffie-Hellman group configured, as well as default settings? show crypto map...

Read More

CCNA Security, chapter 7 Exam

Questions and answers above 90% correct.     Which symmetrical encryption algorithm is the most difficult to crack? –  3DES –AES -DES -RSA -SHA     What is the basic method used by 3DES to encrypt plaintext? -The data is encrypted three times with three different keys. –The data is encrypted, decrypted, and encrypted using three different keys. -The data is divided into three blocks of equal length for encryption. -The data is encrypted using a key length that is three times longer than the key used for DES.     What does it mean when a hashing algorithm is collision resistant?...

Read More

CCNA Security, chapter 6 Exam

Questions and answers above 90% correct.     Which two measures are recommended to mitigate VLAN hopping attacks? (Choose two.) –  Use a dedicated native VLAN for all trunk ports. – Place all unused ports in a separate guest VLAN. – Disable trunk negotiation on all ports connecting to workstations. – Enable DTP on all trunk ports. – Ensure that the native VLAN is used for management traffic.     As a recommended practice for Layer 2 security, how should VLAN 1 be treated? – All access ports should be assigned to VLAN 1. – All trunk ports should be assigned...

Read More




Subscribe via Email