NVS202
Which cybersecurity goals are achieved by encryption.
Välj ett alternativ:
Confidentiality and integrity
Which AAA protocol does separate authentication and authorization?
Välj ett alternativ
TACACS
When configuring role-based CLI on a Cisco router, which step is performed first?
Välj ett alternativ:
Create a root local user in the local database
Based on the router output, what does the number 5 indicate?
cnap#show run | include username
username cisco privilege 15 secret 5 $1$ZhMg$a9SUt.WEkrhEpFD28CVbH.
Välj ett alternativ:
It is hashed using MD
Which type of firewall technology is considered the versatile and commonly used firewall
technology?
Välj ett alternativ:
Stateful packet filter firewall
What does the secure boot-config global configuration accomplish?
Välj ett alternativ:
Takes a snapshot of the router running configuration and securely archives it in persistent storage
Which two ports are used with RADIUS authentication and accounting? (Choose two)
Välj ett eller flera alternativ:
UDP port 1812
UDP port 1813
As per standard in Firewalls, packet inspection is done from Top to bottom of the rules. There is
an Implicit deny rule to deny all traffic which is not explicitly allowed by above rules, which of
these(this) is/ is the correct statement:
Välj ett alternativ:
This is a hidden rule and always available as a last rule to deny all traffic not allowed by above specific rules.
Cisco IDS and IPS sensors can use four different types of signature triggers, choose the four
right ones
Välj ett eller flera alternativ:
Pattern-based detection (also called signature-based
Policy-based detection
Anomaly-based detection
Exploit-based detection
What is a characteristic of asymmetric encryption?
Välj ett alternativ:
Does not use the same keys to encrypt and decrypt
Which port-security violation puts the interface into a error-disable state and sends a SNMP trap
notification?
Välj ett alternativ:
Shutdown
The Cisco switch root guard feature provides a way to enforce the placement of root bridges in
the network. Root guard limits the switch port out of which the root bride can be negotiated. In to
which mode is the port moved when a violation occur?
Välj ett alternativ:
Root-inconsistent state
Which two functions are required for IPsec operation?
Välj ett eller flera alternativ:
using IKE to negotiate the SA
Using Diffie-Hellman to establish a shared-secret key
Which two changes must you make to the given IOS site-to-site VPN configuration to enable the
routers to form a connection? (choose two)
Välj ett eller flera alternativ:
Configure the tunnel modes on the two routers to match
Configure the access list on Router B to mirror Router A
Which method is of gaining access to a system that bypasses normal security measures?
Välj ett alternativ:
Creating a back door
What are the source and destination addresses used for an encrypted IPsec packet in tunnel
mode?
Välj ett alternativ:
Sending and receiving VPN gateways
A network technician has been asked to design a virtual private network between two branch
routers. Which type of cryptographic key should be used in this scenario?
Choose one of the options:
Symmetric key
Which spanning-tree enhancement prevents the spanning-tree topology from changing by
blocking a port that receives a superior BPDU?
Choose one of the options:
Root guard
What is a difference between ASA IPv4 ACLs and IOS IPv4 ACLs?
Välj ett alternativ:
ASA ACLs are always named, whereas IOS ACLs can be named or numbered
What information must an IPS track in order to detect attacks matching a composite signature?
Choose one of the options:
The state of packets related to the attack
What are two reasons for a company to migrate from a classic firewall to the ZPF model?
(Choose two.)
Choose two of the options:
The classic firewall relies heavily on ACLs.
The classic firewall will perform the same inspection on all traffic that goes through a specific interface.
What is an advantage of using SSL VPNs compared to IPsec VPN?
Choose one of the options:
SSL VPNs do not require any pre-installed client software.
What are the source and destination addresses used for an encrypted IPsec packet in tunnel
mode?
Välj ett alternativ:
Sending and receiving VPN gateways
Which port-security violation puts the interface into a error-disable state and sends a SNMP trap
notification?
Välj ett alternativ:
Shutdown
What is a characteristic of asymmetric encryption?
Välj ett alternativ:
Does not use the same keys to encrypt and decrypt
Cisco IDS and IPS sensors can use four different types of signature triggers, choose the four
right ones
Välj ett eller flera alternativ:
Pattern-based detection
Policy-based detection
Anomaly-based detection
Exploit-based detection
As per standard in Firewalls, packet inspection is done from Top to bottom of the rules. There is
an Implicit deny rule to deny all traffic which is not explicitly allowed by above rules, which of
these(this) is/ is the correct statement:
Välj ett alternativ:
This is a hidden rule and always available as a last rule to deny all traffic not allowed by above specific
A network technician has been asked to design a virtual private network between two branch
routers. Which type of cryptographic key should be used in this scenario?
Choose one of the options:
Symmetric key