Upload
2lkopp3n
View
217
Download
0
Embed Size (px)
Citation preview
8/6/2019 CCNP2 V5.0 QUIZ5
http://slidepdf.com/reader/full/ccnp2-v50-quiz5 1/4
1 Port scans, packet sniffers, and ping sweeps are classified as which type of tools?access attack tools
application layer attack tools
DoS tools
DDoS tools
reconnaissance tools
trust exploitation tools
2
Refer to the exhibit. Routers RTA and RTB have full connectivity between LANs. However, the clock on RTB cannotsynchronize with RTA. Which configuration would correct this situation?RTB(config)# interface fa0/0RTB(config)# ntp broadcast clientRTB(config)# no ntp authentication-key 2RTB(config)# ntp authentication-key 1 md5 ciscoRTB(config)# no ntp server 10.10.10.1RTB(config)# ntp server 10.0.0.1RTB(config)# ntp authenticate
RTB(config)# ntp peer 10.0.0.1
3 The act of asking for a username and password credentials and evaluating those credentials is known as which of thefollowing?
authentication
authorization
administrationaccess control
accounting
4
Refer to the exhibit. On the basis of the information that is provided, which two Cisco AutoSecure configuration statements are true?(Choose two.)
Cisco AutoSecure will prompt the user to enter a banner.
By default, Cisco AutoSecure will automatically configure the ip cef command.
By default, Cisco AutoSecure will use a key modulus size of 512 bits when configuring SSH.
Cisco1 could be used for the enable secret function and the enable password function.
Cisco would be a valid enable secret password.When prompted to enter the interface facing the Internet, entering Fa0/0 would be valid assuming that the routerhas a FastEthernet 0/0 interface.
5 Which response indicates that the security server did not reply and the next authentication method will be accessed?ERROR
FAIL
ABORT
no responseWhich sequence of steps is recommended for worm attack mitigation?
Step 1: ContainmentStep 2: InoculationStep 3: QuarantineStep 4: TreatmentStep 1: ContainmentStep 2: QuarantineStep 3: InoculationStep 4: TreatmentStep 1: InoculationStep 2: Containment
Sida 1 av 4QUIZ5_CCNP2_V5.0
2011-05-26mht ml:file://D:\Mina dokument\NIT -09\CCNP 2 - WAN\ QUIZ5_CCNP2_V5.0. mhtCreate PDF files without this message by purchasing novaPDF printer ( http://www.novapdf.com )
8/6/2019 CCNP2 V5.0 QUIZ5
http://slidepdf.com/reader/full/ccnp2-v50-quiz5 2/4
8/6/2019 CCNP2 V5.0 QUIZ5
http://slidepdf.com/reader/full/ccnp2-v50-quiz5 3/4
12 If AutoSecure fails to complete its operations, the running-configuration may be corrupted. Within the context of IOSversion 12.4, which command or command sequence would be appropriate in this situation?
erase running-config and reload
copy startup-config running-config
reload
configure replace flash:pre_autosec.cfg
13 What command enables AAA authentication for privileged EXEC mode access?
authentication loginaaa authentication enable
enable authentication exec
aaa authentication exec
14 Which statement identifies the distinction between a worm and a virus?A worm spreads automatically over the network from one computer to the next.Worm attacks are often based on using malicious code, intelligence gathered in the earlier attacks, or insideraccess to the network.
A worm appears desirable but actually contains something harmful.A worm is a malicious program that attaches itself to other programs and executes an unwanted function on auser workstation.
15 To mitigate probes and scans, which two services should be disabled? (Choose two.)
SNMPFinger
ICMP Unreachable
ICMP redirects
TCP minor services
16 Which two statements are true about network attacks that use intelligence? (Choose two.)A Trojan horse can contain a worm.
A virus can contain a Trojan horse and worms.
A worm can contain a Trojan horse.
A worm can contain a Trojan horse and viruses.
A worm executes and installs copies of itself in the memory of the infected computer.
17 The command crypto key gernerate rsa general-keys modulus 1024 must be issued to generate keysused by SSH. Which two tasks must be completed before this command is entered? (Choose two.)
A modulus of 512 bits must be initially generated.
A hostname other than Router must be configured.
SSH must be globally enabled.
The domain name must be configured.
The SSH server IP address must be configured.
The vty lines must be configured to accept SSH input.
18 Which command would replace the current running configuration with the configuration file that was saved by theCisco AutoSecure feature?
Router# copy flash:pre-autosec running-config
Router# copy nvram:pre_autosec running-config
Router# copy flash:pre-autosec.cfg running-config
Router# copy nvram:pre_autosec.cfg running-config
Router# configure replace pre_autosec
Router# configure replace flash:pre_autosec.cfg
19
Sida 3 av 4QUIZ5_CCNP2_V5.0
2011-05-26mht ml:file://D:\Mina dokument\NIT -09\CCNP 2 - WAN\ QUIZ5_CCNP2_V5.0. mhtCreate PDF files without this message by purchasing novaPDF printer ( http://www.novapdf.com )
8/6/2019 CCNP2 V5.0 QUIZ5
http://slidepdf.com/reader/full/ccnp2-v50-quiz5 4/4
Refer to the exhibit. Assume the AutoSecure configuration has been applied to the router. The configuration displayedin the exhibit will generate the login block-for 60 attempts within 30 command in the running configuration. What is
the significance of this command?After 5 failed attempts within a 30 second time frame, the router will not accept any additional login attempts for
60 seconds.After 5 failed attempts within a 60 second time frame, the router will not accept any additional login attempts for30 seconds.After 5 failed attempts within a 30 minute time frame, the router will not accept any additional login attempts for60 minutes.After 5 failed attempts within a 60 minute time frame, the router will not accept any additional login attempts for30 minutes.
20 Which two procedures could be used to specifically mitigate IP spoofing attacks? (Choose two.)Configure access control.
Configure DHCP spoofing.
Configure dynamic ARP inspection (DAI).
Configure RFC 3704 filtering.
Configure traffic rate limiting.
Keep your operating system and applications current with the latest patches.
Sida 4 av 4QUIZ5_CCNP2_V5.0
2011 05 26mht ml:file://D:\Mina dok ment\NIT 09\CCNP 2 WAN\ QUIZ5 CCNP2 V5 0 mhtCreate PDF files without this message by purchasing novaPDF printer ( http://www novapdf com )