CCNA Security Practice Test

Which technologies can perform RADIUS and TACACS+ authentication? (Choose two)

A. ISE

B. ASDM

C. ACS

D. ASA

Which statements about IPS and IDS deployments are true? (Choose two)

A. To prevent network disruption in the event of an IPS failure, configure fail-close for the IPS

B. IDS deployments are generally placed in front of a perimeter firewall.

C. IPS deployments are generally placed in front of a perimeter firewall

D. IPS deployments are generally placed behind a perimeter firewall.

You have noticed several workstations have been configured with an incorrect default gateway. Which type of attack is likely occurring?

A. STP attack

B. CAM table overflow attack

C. Switch spoofing

D. DHCP spoofing

RADIUS and TACACS+ are both commonly used to control network access. Which of the following describes the function of TACACS+? (Choose three)

A. Uses UDP

B. Uses TCP

C. Only encrypts the password for access-request packets

D. Encrypts the entire body of access-request packets

E. Cannot be used to prevent users from performing specific commands on a router

F. Can be used to specify which commands users can perform on a router

Which feature can you use to place a rate limit on traffic that is handled by a Cisco device's route processor?

A. Cisco AutoSecure

B. OSPF neighbor authentication

C. CoPP

D. SNMP

Which command is used to display established IPsec tunnels?

A. show crypto ipsec sa

B. show crypto ipsec transform-set

C. show crypto ipsec

Which of the following control plane security features extends policing functionality by allowing finer policing granularity?

A. Control Plane Policing – CoPP

B. Control Plane Protection – CPP

C. Control Plane Logging

You have noticed that an access switch is forwarding traffic out of all interfaces. Which type of attack is likely occurring?

A. STP attack

B. DHCP spoofing

C. VLAN hopping

D. CAM table overflow attack

Your organization has integrated Cisco ISE with an Active Directory domain. This domain is part of a multi-domain Active Directory forest. You need to ensure that only the integrated domain can authenticate to the ISE server. What should you do?

A. Remove the two-way transitive trusts for the domain that is integrated with ISE

B. Define a new scope

C. Configure authentication domains through ISE

D. Define a new join point

Which statement about private VLANs is true?

A. Isolated ports can only communicate with other isolated ports in the same VLAN

B. Community ports can communicate with other community ports on another switch in the same community VLAN

C. Community VLANs can communicate with other community VLANs as long as they are part of the same primary VLAN

D. Promiscuous ports can communicate with all other ports except isolated ports

Which recommendations follow defense-in-depth principles? (Choose two)

A. Defend in one place

B. Build one layer of defense

C. Employ robust key management

D. Deploy IPS

Select the statements that define the unique components of Cisco Configuration Professional used for security policy deployment. (Choose three)

A. Cisco AutoSecure configures security-related features of the router based on a set of Cisco defaults

B. Communities can be used to group devices based on shared components

C. Templates parameterize configuration files to apply same configuration to multiple devices

D. User profiles are GUI views that allow RBAC

E. Cisco NFP can be used to provide infrastructure protection

Which type of IPS leverages global correlation services?

A. Policy-based

B. Signature-based

C. Reputation-based

D. Anomaly-based

Attacks may take a variety of forms. Which of the following describes the Man-in-the-middle attack?

A. Uses ping sweeps and port scans to identify all services on a network

B. Occurs when an attacker uses a fake device address

C. Attacks spread without human intervention

D. Attacks are typically carried out by instant message or E-mail

E. Hackers attempt to gain access to network packets

F. Occurs when an attacker can read or change sensitive data

Select one of the following statements that describes the availability violations threats.

A. Hides information based on tunneling one protocol inside another

B. Hackers gain leverage using existing trust relationships

C. Attacks can be carried out using Trojan horse programs

D. Availability is compromised with DoS attacks

E. A collection of compromised machines running programs under a common command

F. Attacks focus on making a service unavailable for normal use

Which hash algorithm uses complex sequence of relatively simple binary operations?

A. MD5

B. SHA-1

C. SHA-2

D. RC5

Which of the following actions belong to the Operations and maintenance phase of the secure network life cycle? (Choose two)

A. Security categorization

B. Preliminary risk assessment

C. Configuration management and control

D. Continuous monitoring

E. Information preservation

F. Media sanitization

Which of the following describes the Hacktivists as a category of individuals who attack computer systems and operations?

A. Individuals who mean no harm and do not expect financial gain

B. Individuals who generally work for financial gain

C. Individuals who pride themselves on compromising telephone systems

D. Individuals who do not write their own code

E. Individuals with a political agenda

During which attack phase would an attacker use e-mail to extend the attack to multiple targets?

A. Probe

B. Paralyze

C. Persist

D. Propagate

How is called the point in time, prior to a disruption or system outage, to which business process data can be recovered?

A. Recovery Point Objective

B. Recovery Time Objective

C. Maximum Tolerable Downtime

Which of the following are Symmetric encryption algorithms? (Choose three)

A. 3DES

B. IDEA

C. SHA-2

D. AES

E. RSA

F. ECDSA

Which networking technology returns a message to the same direction it was received in, in order to reach the proper destination endpoint?

A. Split tunneling

B. NAT traversal

C. Always-on

D. Hairpinning

Which two statements accurately describe how ACLs function with Cisco ASA? (Choose two)

A. Outgoing packets are processed by an outbound ACL prior to routing being performed.

B. Incoming packets are processed by an inbound ACL prior to routing being performed.

C. ACLs are used to control which packets can be sent from the router.

D. Once an ACL statement is matched, no other entries are evaluated.

What are some of the security functions that can be managed using Cisco Configuration Professional? (Choose five)

A. Device hardening

B. Firewall support

C. Antispoofing

D. IPS support

E. VPN support

F. MAC security

G. Management, monitoring, and troubleshooting

You are reviewing syslog messages from multiple routers in your network. You have noticed irregularities with multiple syslog message timestamps for each router. Which technology can you configure to resolve this?

A. ASDM

B. SNMP

C. NTP

D. RADIUS

You need to implement a solution that allows administrators to perform remote wipes on mobile devices. This solution must also prevent users from connecting to endpoints with jail-broken mobile devices. What should you do?

A. Integrate Cisco ISE with a Cisco ASA

B. Integrate Cisco ISE with Cisco Prime NCS

C. Integrate Cisco ISE with Active Directory

D. Integrate Cisco ISE with a MDM solution

Which of the following describes the Script kiddies as a category of individuals who attack computer systems and operations?

A. Individuals who mean no harm and do not expect financial gain

B. Individuals who generally work for financial gain

C. Individuals who pride themselves on compromising telephone systems

D. Individuals who do not write their own code

E. Individuals with a political agenda

Enter the command that will prevent a user from logging in for three minutes, if more than three incorrect logins are attempted in the span of 60 seconds.

A. login block-for 3 attempts 3 within 1

B. login block-for 60 attempts 3 within 180

C. login block-for 180 attempts 3 within 60

Which statements describe in-band management? (Choose two)

A. Management data traffic and production traffic are on the same path

B. This model is generally best suited for large-scale enterprise networks

C. Management data traffic and production traffic are on separate paths

D. IPsec tunnels or encryption should be utilized whenever possible

Which type of attack is most likely to be used in a man-in-the-middle attack?

A. ARP spoofing

B. CDP reconnaissance

C. VLAN hopping

D. STP attack

Which of the following actions belong to the Initiation phase of the secure network life cycle? (Choose two)

A. Security categorization

B. Preliminary risk assessment

C. Configuration management and control

D. Continuous monitoring

E. Information preservation

F. Media sanitization

Which of the actions are possible using Cisco Configuration Professional Express?

A. NAT, QoS, and NAC configurations

B. One-click router lockdown

C. Command line interface

D. WAN and VPN connectivity troubleshooting

Which statements about DHCP snooping are true? (Choose two)

A. The DHCP snooping database is used by root guard

B. The DHCP snooping database agent allows you to retain the DHCP snooping database bindings when the device is reloaded

C. Client devices should be connected to trusted ports, and all unused ports should be configured as untrusted ports

D. DHCP snooping is enabled by configuring Cisco AutoSecure

E. DHCP snooping can mitigate DHCP spoofing attacks

Which tasks could you perform by deploying a third party MDM solution with Cisco ISE? (Choose two)

A. Require mobile devices to have pin locks configured before being allowed to access a wireless endpoint

B. Require that remote computers have up-to-date antivirus definitions before allowing VPN connections

C. Provide a self-service portal which users can use to manage their mobile device status

D. Provide web proxy services for network devices

Which of the following control plane security features provides a necessary mechanism for deploying, monitoring, and troubleshooting CPP efficiently?

A. Control Plane Policing – CoPP

B. Control Plane Protection – CPP

C. Control Plane Logging

What are requirements when integrating Cisco ISE and Active Directory? (Choose two)

A. Create identity rewrite rules

B. Configure authentication domains

C. Configure NTP to synchronize between Cisco ISE and Active Directory

D. Cisco ISE must be able to access a global catalog server

E. Create a scope through Cisco ISE

A client e-mails their broker telling them to invest $100,000 in a new startup company. The company performs poorly and the client loses the bulk of the money. They take the broker to court, stating they did not issue the purchase order. What could the broker have done to protect themselves?

A. Make use of digital signatures

B. Only accept purchase orders in person

C. Encrypt any emails sent and received

D. Create a blacklist of startup domains

What are the appropriate actions during a Preparation incident response phase? (Choose three)

A. Prepare the facilities and communication mechanisms

B. Define the incident analysis hardware and software

C. Define the prevention procedures

D. Define a threat vector classification scheme

E. Analyze and implement tools for log and event correlation

F. Provide notification of incidents

Which sensor action will cause an IPS to block the IP address of an attacker for a specified period?

A. Request block connection

B. Deny connection inline

C. Request block host

D. Deny attacker inline

Which risk rating attribute allows you to rate how critical network components are in your infrastructure?

A. ARR

B. ASR

C. SFR

D. TVR

Threats to network security have become more sophisticated over the years. Identify the next generation threats facing organizations today. (Choose four)

A. Cognitive threats via social networks

B. PDA and consumer electronics exploits

C. Widespread website compromises

D. Disruption of critical infrastructure

E. Massive worm drives

F. Macro viruses

Which IDS sensor action will send an ARC response to completely block the attacker's IP address?

A. Deny attacker inline

B. Reset TCP connection

C. Request block host

D. Deny packet inline

An administrator has incorrectly entered their password to gain access to privilege exec mode on a router. This generates an IDS alarm. What is this an example of?

A. True negative

B. False positive

C. True positive

D. False negative

Which of the following describes the Phreakers as a category of individuals who attack computer systems and operations?

A. Individuals who mean no harm and do not expect financial gain

B. Individuals who generally work for financial gain

C. Individuals who pride themselves on compromising telephone systems

D. Individuals who do not write their own code

E. Individuals with a political agenda

What is the first step you should take when considering securing your network?

A. Install a firewall.

B. Install an intrusion prevention system.

C. Update servers and user PCs with the latest patches.

D. Develop a security policy.

Cisco SecureX is an access control strategy that allows for more effective, higher-level policy creation and enforcement for mobile users. Which of the following describes the Cisco AnyConnect Client component?

A. Allows enforcement elements to use identity and location information to define access policy

B. Provides a consistent user interface and consolidates traditional function-specific client software products into one product

C. Extends the access control functionality end-to-end, using security group tags

D. Offers a web-based global network of shared resources, software, and information provided to Cisco customers on demand

Recently a bookmark was created but was misconfigured. The bookmark should allow access to a shared folder located on the Intranet. Which protocol would need to be configured to allow this type of connection?

A. RDP

B. SSH

C. FTP

D. CIFS

E. HTTPS

You are planning a security policy for your network. Using the least amount of administrative effort, what should be included to help limit traffic from inside the network to outside of it?

A. Configure an ACL

B. Implement AAA

C. Implement HTTP filtering

D. Apply static NAT

During which attack phase would an attacker use a provision such as registry edits to keep the malware on the system?

A. Paralyze

B. Persist

C. Propagate

D. Probe

Which failover configuration is only available on units that are running in multiple context mode when implementing high availability on the ASA?

A. Active/Active

B. Active/Standby

C. Cisco ASA AIP-SSM

D. Cisco Secure ACS

Which Cisco Borderless Networks Security Architecture specifically protects end devices from malware?

A. Borderless end zone

B. Borderless data center

C. Policy management layer

D. Borderless Internet

Which of the following describes the External assessment?

A. Provides a snapshot of the security state of the network

B. Identifies the steps that are needed to thwart intentional attacks or unintentional mistakes from trusted insiders

C. Quantifies the security risk that is associated with Internet-connected systems

D. Identifies any network traffic leakage from outside the customer's buildings

E. Uses metrics and graphs

Which security features rely on DHCP snooping? (Choose two)

A. Loop guard

B. DAI

C. IP source guard

D. CoPP

Which three options are areas of router security? (Choose three)

A. physical security

B. access control list security

C. zone-based firewall security

D. operating system security

E. router hardening

F. Cisco IOS-IPS security

Which technology requires that SSH and AAA are configured before it can work?

A. TLS

B. SCP

C. TFTP

D. NTP

Cisco test CCNA 210-260

While calculating your results take a moment to complete our simple survey!

How likely is it that you would recommend LearnCisco.net
to a friend or colleague?

Why?

Cisco test CCNA 210-260

While calculating your results take a moment to complete our simple survey!

How likely is it that you would recommend LearnCisco.net to a friend or colleague?

Why?

How likely is it that you would recommend LearnCisco.net
to a friend or colleague?