CCNA Security Practice Test

In what ways can ACLs protect the data plane? (Choose five)

A. ACLs can block unwanted traffic or users

B. ACLs can prevent spoofed packets

C. ACLs can reduce the chance of DoS attacks

D. ACLs can provide port security to prevent MAC flooding attacks

E. ACLs can provide bandwidth control

F. ACLs can be used to restrict user access based on the role of the user

G. ACLs can be used to classify network traffic in order to protect other planes

What does the Cisco AnyConnect Client auto-download check on the target client system? (Choose three)

A. Java

B. Hardware

C. ActiveX

D. Platform

E. Bandwidth

Which of the following examples of security controls matches the Administrative category of security controls? (Choose two)

A. Security awareness training

B. Background checks of employees and contractors

C. Firewalls

D. Positive air flow systems

E. Fire suppression systems

Which ESA listener would need to be configured to accept mail from a POP/IMAP system?

A. Public

B. Private

C. External

D. Internal

Which of the actions are possible using Cisco Configuration Professional Express?

A. NAT, QoS, and NAC configurations

B. One-click router lockdown

C. Command line interface

D. WAN and VPN connectivity troubleshooting

A tunnel has been created and established with a branch office. You need to verify that traffic is traversing the connection. Which command will provide this information?

A. show crypto ipsec sa

B. show crypto ipsec transform-set

C. show crypto map

D. show crypto isakmp policy

Which statements describe the functions of the Security Audit feature? (Choose four)

A. Sends alerts when changes to the device's configuration would cause a security concern

B. Checks a routers running configuration against a list of predefined security configuration settings

C. Lists identified problems and provides recommendations for fixing them

D. Automatically performs a one-step lockdown after the audit is complete

E. Allows the user to choose which identified problems to fix and displays appropriate user interface for fixing them

F. Configures the router with the user's chosen security configuration

Which option is true of using cryptographic hashes?

A. They are easily reversed to decipher the message context.

B. They convert arbitrary data into a fixed-length digest.

C. They are based on a two-way mathematical function.

D. They are used for encrypting bulk data communications.

Which IDS sensor action will send an ARC response to completely block the attacker's IP address?

A. Deny attacker inline

B. Reset TCP connection

C. Request block host

D. Deny packet inline

What is the purpose of FISMA information security compliance regulation?

A. Responds to loss of public trust in publicly-traded companies after several corporate and accounting scandals

B. Provides assurance that the electronic transfer of confidential patient information is at least as safe as paper-based records

C. Increases computer and network security within the US government by requiring yearly audits

D. Enables financial organizations to acquire other companies or form alliances with each other

Which type of IPS leverages global correlation services?

A. Policy-based

B. Signature-based

C. Reputation-based

D. Anomaly-based

Which networking technology returns a message to the same direction it was received in, in order to reach the proper destination endpoint?

A. Split tunneling

B. NAT traversal

C. Always-on

D. Hairpinning

Which STP attack mitigation features causes an interface to be placed in an errdisabled state if a BPDU is received on that port?

A. Root guard

B. Loop guard

C. BPDU guard

D. BPDU filtering

Which feature can you use to place a rate limit on traffic that is handled by a Cisco device's route processor?

A. Cisco AutoSecure

B. OSPF neighbor authentication

C. CoPP

D. SNMP

Which statements about DHCP snooping are true? (Choose two)

A. The DHCP snooping database is used by root guard

B. The DHCP snooping database agent allows you to retain the DHCP snooping database bindings when the device is reloaded

C. Client devices should be connected to trusted ports, and all unused ports should be configured as untrusted ports

D. DHCP snooping is enabled by configuring Cisco AutoSecure

E. DHCP snooping can mitigate DHCP spoofing attacks

What mode will allow the Cisco ASA to act as an additional hop in the network?

A. Proxy

B. Spanned EtherChannel

C. Transparent

D. Routed

Which command could you use to determine the number TACACS+ authentication attempts that have recently timed out?

A. Router# debug aaa authentication

B. Router# debug tacacs

C. Router# show authentication sessions

D. Router# show aaa servers

Which one of the following statements describes the DoS and DDoS Attacks?

A. Hides information based on tunneling one protocol inside another

B. Hackers gain leverage using existing trust relationships

C. Attacks can be carried out using Trojan horse programs

D. Availability is compromised with DoS attacks

E. A collection of compromised machines running programs under a common command

F. Attacks focus on making a service unavailable for normal use

Which two statements describe features of the state table? (Choose two)

A. Tracks all sessions and inspects all packets passing through the firewall

B. Changes dynamically according to traffic flow

C. Receives copies of packets, processes them, and can then respond to threats

D. Provides a secure and encrypted management connection for managing network devices

Which tasks could you perform by deploying a third party MDM solution with Cisco ISE? (Choose two)

A. Require mobile devices to have pin locks configured before being allowed to access a wireless endpoint

B. Require that remote computers have up-to-date antivirus definitions before allowing VPN connections

C. Provide a self-service portal which users can use to manage their mobile device status

D. Provide web proxy services for network devices

A sensitive document was recently accessed by an unauthorized user. Specifications about a new product were changed to erroneous data. Which security principle violations have occurred in this scenario? (Choose two)

A. Authenticity

B. Availability

C. Confidentiality

D. Integrity

Which two statements accurately describe how ACLs function with Cisco ASA? (Choose two)

A. Outgoing packets are processed by an outbound ACL prior to routing being performed.

B. Incoming packets are processed by an inbound ACL prior to routing being performed.

C. ACLs are used to control which packets can be sent from the router.

D. Once an ACL statement is matched, no other entries are evaluated.

Which option correctly defines asymmetric encryption?

A. uses the same keys to encrypt and decrypt data

B. uses MD5 hashing algorithms for digital signage encryption

C. uses different keys to encrypt and decrypt data

D. uses SHA-1 hashing algorithms for digital signage encryption

Select one of the following statements that describes the password attacks.

A. Hides information based on tunneling one protocol inside another

B. Hackers gain leverage using existing trust relationships

C. Attacks can be carried out using Trojan horse programs

D. Availability is compromised with DoS attacks

E. A collection of compromised machines running programs under a common command

F. Attacks focus on making a service unavailable for normal use

You need to implement a solution that allows administrators to perform remote wipes on mobile devices. This solution must also prevent users from connecting to endpoints with jail-broken mobile devices. What should you do?

A. Integrate Cisco ISE with a Cisco ASA

B. Integrate Cisco ISE with Cisco Prime NCS

C. Integrate Cisco ISE with Active Directory

D. Integrate Cisco ISE with a MDM solution

Which of the following describes the Script kiddies as a category of individuals who attack computer systems and operations?

A. Individuals who mean no harm and do not expect financial gain

B. Individuals who generally work for financial gain

C. Individuals who pride themselves on compromising telephone systems

D. Individuals who do not write their own code

E. Individuals with a political agenda

Which 802.1X component would refer to an endpoint in an 802.1X infrastructure?

A. Backend identity database

B. Supplicant

C. Authentication server

D. Authenticator

What is the purpose of HIPAA information security compliance regulation?

A. Responds to loss of public trust in publicly-traded companies after several corporate and accounting scandals

B. Provides assurance that the electronic transfer of confidential patient information is at least as safe as paper-based records

C. Increases computer and network security within the US government by requiring yearly audits

D. Enables financial organizations to acquire other companies or form alliances with each other

What are some of the security functions that can be managed using Cisco Configuration Professional? (Choose five)

A. Device hardening

B. Firewall support

C. Antispoofing

D. IPS support

E. VPN support

F. MAC security

G. Management, monitoring, and troubleshooting

Which assessment should be performed first to determine an organization's ability to defend and respond to network attacks?

A. Wireless

B. Internal

C. Security Posture

D. External

What are requirements when integrating Cisco ISE and Active Directory? (Choose two)

A. Create identity rewrite rules

B. Configure authentication domains

C. Configure NTP to synchronize between Cisco ISE and Active Directory

D. Cisco ISE must be able to access a global catalog server

E. Create a scope through Cisco ISE

What are the steps associated with the Containment, eradication, and recovery incident response phase? (Choose three)

A. Define the tools to identify the attacker and the time required to use them

B. Define methods for collecting and using data

C. Identify the steps to eradicate or mitigate the threat and vulnerabilities

D. Document the symptoms of the attack

E. Define the steps to recover operating systems, hardware components, and productive time

F. Define the options for pursuing an attacker

There is currently an issue with some clients establishing an AnyConnect SSL VPN. The affected users differ from time to time. What could help explain this problem?

A. Certify the proper VPN protocol is selected

B. Determine the Internet browser version

C. Check the configured authentication type

D. Verify the address pool

Attacks may take a variety of forms. Which of the following describes the Enumeration and fingerprinting as a threat category?

A. Uses ping sweeps and port scans to identify all services on a network

B. Occurs when an attacker uses a fake device address

C. Attacks spread without human intervention

D. Attacks are typically carried out by instant message or E-mail

E. Hackers attempt to gain access to network packets

F. Occurs when an attacker can read or change sensitive data

Which of the following describes the function of Cisco IPS?

A. Includes a firewall and real-time threat defense capability

B. Uses hardware- and software-integrated security functions to provide a zone-based policy firewall and intrusion prevention

C. Uses sensors to accomplish intrusion prevention

D. Provides an on-premise solution to prevent data loss

E. Analyzes web requests to determine if the content is malicious or inappropriate based on the defined security policy

Which options are security services provided by digital signatures? (Choose three)

A. Authenticity of transmitted data

B. Authentication of end points

C. Nonrepudiation of the transaction

D. Confidentiality of transmitted data

E. Integrity of transmitted data

Which of the following methods describes Network mapping attack?

A. ARP spoofing

B. DHCP spoofing

C. STP attack

D. CAM table overflow

E. CDP reconnaissance

During which attack phase would an attacker use a provision such as registry edits to keep the malware on the system?

A. Paralyze

B. Persist

C. Propagate

D. Probe

A client needs to telecommute from home to the office, and requires a VPN connection. Only work related traffic should traverse the tunnel, Internet traffic should not. Which technology would allow for this operation?

A. Always-on

B. Hairpinning

C. NAT traversal

D. Split tunneling

Which of the following describes the function of Cisco ISR?

A. Includes a firewall and real-time threat defense capability

B. Uses hardware- and software-integrated security functions to provide a zone-based policy firewall and intrusion prevention

C. Uses sensors to accomplish intrusion prevention

D. Provides an on-premise solution to prevent data loss

E. Analyzes web requests to determine if the content is malicious or inappropriate based on the defined security policy

A client on your network is seeking advice from you in regards to the type of host-based security for their home network. They state that they have three devices, which share an Internet connection through a single home server. The home server is directly connected to the ISP router. Their main concern is primarily on traffic going through the home server to and from the other three devices. What should you recommend that would require the least amount of administrative overhead and associated set up cost?

A. Proxy firewall

B. Dynamic NAT

C. Personal firewall

D. Static NAT

Which sensor action will cause an IPS to block the IP address of an attacker for a specified period?

A. Request block connection

B. Deny connection inline

C. Request block host

D. Deny attacker inline

Which of the following actions belong to the Disposition phase of the secure network life cycle? (Choose two)

A. Security categorization

B. Preliminary risk assessment

C. Configuration management and control

D. Continuous monitoring

E. Information preservation

F. Media sanitization

Select the statements that represent threats to network infrastructure. (Choose four)

A. Trust exploitation attacks

B. Spoofing

C. Route flaps and major network transitions

D. Exposed management credentials

E. Denial-of-service attacks

F. Login, authentication, and password attacks

Suppose you want to change the minimum password length using the CLI from Cisco Configuration Professional. What should you do first?

A. Navigate to the Security Audit Wizard

B. Navigate to the Configuration Editor option in the Utilities panel

C. Use the Manage Community dialog box

Which statement is true when using zone-based firewalls on a Cisco router?

A. Policies are applied to traffic moving between zones, not between interfaces.

B. The firewalls can be configured simultaneously on the same interface as classic CBAC using the ip inspect CLI command.

C. Interface ACLs are applied before zone-based policy firewalls when they are applied outbound.

D. When configured with the “PASS” action, stateful inspection is applied to all traffic passing between the configured zones.

Select one of the following statements that describes the trust exploitation threats.

A. Hides information based on tunneling one protocol inside another

B. Hackers gain leverage using existing trust relationships

C. Attacks can be carried out using Trojan horse programs

D. Availability is compromised with DoS attacks

E. A collection of compromised machines running programs under a common command

F. Attacks focus on making a service unavailable for normal use

Which of the following describes the function of Cisco IronPort?

A. Includes a firewall and real-time threat defense capability

B. Uses hardware- and software-integrated security functions to provide a zone-based policy firewall and intrusion prevention

C. Uses sensors to accomplish intrusion prevention

D. Provides an on-premise solution to prevent data loss

E. Analyzes web requests to determine if the content is malicious or inappropriate based on the defined security policy

Which threats are the most serious?

A. inside threats

B. outside threats

C. unknown threats

D. reconnaissance threats

Attacks may take a variety of forms. Which of the following describes the Spoofing as a threat category?

A. Uses ping sweeps and port scans to identify all services on a network

B. Occurs when an attacker uses a fake device address

C. Attacks spread without human intervention

D. Attacks are typically carried out by instant message or E-mail

E. Hackers attempt to gain access to network packets

F. Occurs when an attacker can read or change sensitive data

A private contractor for the military is archiving medical records. Which classification level should be applied to these?

A. Secret

B. Unclassified

C. Top Secret

D. Sensitive

What can be used to offload the processing of encrypted data? (Choose two)

A. AIM

B. Cisco PIX VPN Accelerator Card+ (VAC+)

C. AnyConnect

D. Cisco VPN 3002 Hardware Client

Which statement about IPS deployments is true?

A. IPS deployments operate in promiscuous mode

B. IPS deployments generally utilize SPAN ports

C. IPS deployments are generally placed in front of a perimeter firewall

D. IPS deployments operate in inline mode

Which of the following methods describes Man-in-the-middle attack? (Choose two)

A. ARP spoofing

B. DHCP spoofing

C. STP attack

D. CAM table overflow

E. CDP reconnaissance

A company opens a new mid-sized branch office. Which Cisco ESA models would ideally be deployed to this office? (Choose three)

A. C670

B. X1070

C. C170

D. C380

E. C370

F. C680

Cisco test CCNA 210-260

While calculating your results take a moment to complete our simple survey!

How likely is it that you would recommend LearnCisco.net
to a friend or colleague?

Why?

Cisco test CCNA 210-260

While calculating your results take a moment to complete our simple survey!

How likely is it that you would recommend LearnCisco.net to a friend or colleague?

Why?

How likely is it that you would recommend LearnCisco.net
to a friend or colleague?