1. What three configuration steps must be performed to implement SSH access to a router? (Choose three.)
- a password on the console line
- an IP domain name
- a user account
- an enable mode password
- a unique hostname
- an encrypted password
- Configure a unique hostname.
- Configure the domain name of the network.
- Configure a user account to use AAA or local database for authentication.
- Generate RSA keys.
- Enable VTY SSH sessions.
2. What is the objective of a network reconnaissance attack?
- discovery and mapping of systems
- unauthorized manipulation of data
- disabling network systems or services
- denying access to resources by legitimate users
3. For security reasons a network administrator needs to ensure that local computers cannot ping each other. Which settings can accomplish this task?
- smartcard settings
- firewall settings
- MAC address settings
- file system settings
4. A network administrator establishes a connection to a switch via SSH. What characteristic uniquely describes the SSH connection?
- out-of-band access to a switch through the use of a virtual terminal with password authentication
- remote access to the switch through the use of a telephone dialup connection
- on-site access to a switch through the use of a directly connected PC and a console cable
- remote access to a switch where data is encrypted during the session
- direct access to the switch through the use of a terminal emulation program
5. Which benefit does SSH offer over Telnet for remotely managing a router?
- TCP usage
- connections via multiple VTY lines
6. What is one of the most effective security tools available for protecting users from external threats?
- router that run AAA services
- patch servers
- password encryption techniques
7. Which type of network threat is intended to prevent authorized users from accessing resources?
- DoS attacks
- access attacks
- reconnaissance attacks
- trust exploitation
8. Which three services are provided by the AAA framework? (Choose three.)
9. Which malicious code attack is self-contained and tries to exploit a specific vulnerability in a system being attacked?
- Trojan horse
- social engineering
10. Some routers and switches in a wiring closet malfunctioned after an air conditioning unit failed. What type of threat does this situation describe?
- Hardware threats – physical damage to servers, routers, switches, cabling plant, and workstations
- Environmental threats – temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry)
- Electrical threats – voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss
- Maintenance threats – poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling
11. What does the term vulnerability mean?
- a weakness that makes a target susceptible to an attack
- a computer that contains sensitive information
- a method of attack to exploit a target
- a known target or victim machine
- a potential threat that a hacker creates
12. Which component is designed to protect against unauthorized communications to and from a computer?
- security center
- port scanner
13. Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?
- RouterA(config)# login block-for 10 attempts 2 within 30
- RouterA(config)# login block-for 30 attempts 2 within 10
- RouterA(config)# login block-for 2 attempts 30 within 10
- RouterA(config)# login block-for 30 attempts 10 within 2
14. What is the purpose of the network security accounting function?
- to require users to prove who they are
- to determine which resources a user can access
- to keep track of the actions of a user
- to provide challenge and response questions
15. What type of attack may involve the use of tools such as nslookup and fping?
- access attack
- reconnaissance attack
- denial of service attack
- worm attack