Implementing Cisco Network Security 試験
Question No : 1
How can you protect CDP from reconnaissance attacks?
Question No : 2
Drag the hash or algorithm from the left column to its appropriate category on the right.
Question No : 3
Which two characteristics of symmetric encryption are true? (Choose two)
Question No : 4
How does a zone paid handle traffic if the policy definition of the zone pair is missing?
Question No : 5
Which two options are the primary deployment models for mobile device management? (Choose two)
Question No : 6
By default, how does a zone-based firewall handle traffic to and from the self zone?
Question No : 7
Which two characteristics of a PVLAN are true?
Question No : 8
Which IPS mode is less secure than other options but allows optimal network throughput?
The recommended IPS deployment mode depends on the goals and policies of the enterprise. IPS inline mode is more secure because of its ability to stop malicious traffic in real-time, however it may impact traffic throughput if not properly designed or sized. Conversely, IPS promiscuous mode has less impact on traffic throughput but is less secure because there may be a delay in reacting to the malicious traffic.
Question No : 9
What is the highest security level that can be configured for an interface on an ASA?
Explanation:Security level 100: This is the highest security level on our ASA and by default this is assigned to the “inside” interface. Normally we use this for our “LAN”. Since this is the highest security level, by default it can reach all the other interfaces.
Question No : 10
Which type of firewall can serve as the intermediary between a client and a server?
Question No : 11
Which command should be used to enable AAA authentication to determine if a user can access the privilege command level?
Question No : 12
Which two primary security concerns can you mitigate with a BYOD solution? (Choose two)
Question No : 13
Referencing the CIA model, in which scenario is a hash-only function most appropriate?
Question No : 14
Which type of social-engineering attacks uses normal telephone service as the attack vector?
Question No : 15
Refer to the exhibit.
For which reason is the tunnel unable to pass traffic?