What is a benefit of having users or remote employees use a VPN to connect to the existing network rather than growing the network infrastructure? security scalability cost savings compatibility…
What is the standard for a public key infrastructure to manage digital certificates? PKI NIST-SP800 x.503 x.509 Answers Explanation & Hints: The x.509 standard is for a PKI infrastructure and…
What technology allows users to verify the identity of a website and to trust code that is downloaded from the Internet? asymmetric key algorithm digital signature encryption hash algorithm Answers…
Why are DES keys considered weak keys? They are more resource intensive. DES weak keys are difficult to manage. They produce identical subkeys. DES weak keys use very long key…
One method used by Cryptanalysts to crack codes is based on the fact that some letters of the English language are used more often than others. Which term is used…
Which cipher played a significant role in World War II? RC4 Caesar Enigma One-time pad Answers Explanation & Hints: The Enigma machine was an electromechanical encryption device that created the…
During a recent pandemic, employees from ABC company were allowed to work from home. What security technology should be implemented to ensure that data communications between the employees and the…
What are three techniques for mitigating VLAN hopping attacks? (Choose three.) Disable DTP. Enable trunking manually. Set the native VLAN to an unused VLAN. Enable BPDU guard. Enable Source Guard.…
Which two security features can cause a switch port to become error-disabled? (Choose two.) root guard PortFast with BPDU guard enabled protected ports storm control with the trap option port…
A company requires the use of 802.1X security. What type of traffic can be sent if the authentication port-control auto command is configured, but the client has not yet been…
What protocol is used to encapsulate the EAP data between the authenticator and authentication server performing 802.1X authentication? RADIUS TACACS+ SSH MD5 Answers Explanation & Hints: Encapsulation of EAP data…
A company is concerned about data theft if any of the corporate laptops are stolen. Which Windows tool would the company use to protect the data on the laptops? AMP…
What is the IPS detection engine that is included in the SEC license for 4000 Series ISRs? Security Onion Snort ASDM AMP Answers Explanation & Hints: Snort is the IPS…
Match each IPS signature trigger category with the description.
What is a characteristic of an IPS atomic signature? it can be slow and inefficient to analyze traffic it requires several pieces of data to match an attack it is…
When a Cisco IOS Zone-Based Policy Firewall is being configured, which two actions can be applied to a traffic class? (Choose two.) log hold drop inspect copy forward Answers Explanation…
When a Cisco IOS Zone-Based Policy Firewall is being configured via CLI, which step must be taken after zones have been created? Design the physical infrastructure. Establish policies between zones.…
What are two benefits offered by a zone-based policy firewall on a Cisco router? (Choose two.) Policies are defined exclusively with ACLs. Policies are applied to unidirectional traffic between zones.…
A company is deploying a new network design in which the border router has three interfaces. Interface Serial0/0/0 connects to the ISP, GigabitEthernet0/0 connects to the DMZ, and GigabitEthernet/01 connects…
Which type of firewall is commonly part of a router firewall and allows or blocks traffic based on Layer 3 and Layer 4 information? stateless firewall stateful firewall proxy firewall…