Blog

Which action do IPsec peers take during the IKE Phase 2 exchange? negotiation of IPsec policy negotiation of IKE policy sets verification of peer identity exchange of DH keys Answers…

Which statement describes a characteristic of the IKE protocol? It uses UDP port 500 to exchange IKE information between the security gateways. IKE Phase 1 can be implemented in three…

A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration? integrity…

A network technician has been asked to design a virtual private network between two branch routers. Which type of cryptographic key should be used in this scenario? symmetric key digital…

Refer to the exhibit. According to the command output, which three statements are true about the DHCP options entered on the ASA? (Choose three.) The dhcpd address [ start-of-pool ]-[…

Refer to the exhibit. What will be displayed in the output of the show running-config object command after the exhibited configuration commands are entered on an ASA 5506-X? host 192.168.1.4…

A client connects to a Web server. Which component of this HTTP connection is not examined by a stateful firewall? the source IP address of the client traffic the destination…

Which statement describes a difference between the Cisco ASA IOS CLI feature and the router IOS CLI feature? To indicate the CLI EXEC mode, ASA uses the % symbol whereas…

Which type of firewall makes use of a server to connect to destination devices on behalf of clients? packet filtering firewall proxy firewall stateless firewall stateful firewall Answers Explanation &…

How does a firewall handle traffic when it is originating from the public network and traveling to the DMZ network? Traffic that is originating from the public network is inspected…

What two features are added in SNMPv3 to address the weaknesses of previous versions of SNMP? (Choose two.) authentication authorization with community string priority bulk MIB objects retrieval ACL management…

Refer to the exhibit. Which two conclusions can be drawn from the syslog message that was generated by the router? (Choose two.) This message indicates that the interface changed state…

What is a limitation to using OOB management on a large enterprise network? All devices appear to be attached to a single management network. OOB management requires the creation of…

What network testing tool is used for password auditing and recovery? Nessus Metasploit L0phtcrack SuperScan

What type of network security test can detect and report changes made to network systems? integrity checking penetration testing vulnerability scanning network scanning Answers Explanation & Hints: Integrity checking is…

What is a characteristic of a role-based CLI view of router configuration? A single CLI view can be shared within multiple superviews. When a superview is deleted, the associated CLI…

If AAA is already enabled, which three CLI steps are required to configure a router with a specific view? (Choose three.) Create a view using the parser view view-name command.…

Which threat protection capability is provided by Cisco ESA? Layer 4 traffic monitoring web filtering spam protection cloud access security Answers Explanation & Hints: Email is a top attack vector…

Which three types of traffic are allowed when the authentication port-control auto command has been issued and the client has not yet been authenticated? (Choose three.) EAPOL CDP STP TACACS+…

What network testing tool would an administrator use to assess and validate system configurations against security policies and compliance standards? L0phtcrack Nessus Metasploit Tripwire Answers Explanation & Hints: Tripwire –…