|
I want to appear 28th July, Please upload latest dumps. I will appreciated very much.. Advance thanks...
|
New dumps from ITCertKeys.com thanks for everyone
|
Question 1.
Which two statements correctly describe configuring active/active failover? (Choose two.)
A. You must assign contexts to failover groups from the admin context.
B. Both units must be in multiple mode.
C. You must configure two failover groups: group 1 and group 2.
D. You must use a crossover cable to connect the failover links on the two failover peers.
Answer: B, C
Question 2.
Observe the following exhibit carefully. When TCP connections are tunneled over another TCP connection and latency exists between the two endpoints, each TCP session would trigger a retransmission, which can quickly spiral out of control when the latency issues persist. This issue is often called TCP-over-TCP meltdown.
According to the presented Cisco ASDM configuration, which Cisco ASA security appliance configuration will most likely solve this problem?
A. Compression
B. MTU size of 500
C. Keepalive Messages
D. Datagram TLS
Answer: D
Question 3.
The IT department of your company must perform a custom-built TCP application within the clientless SSL VPN portal configured on your Cisco ASA security appliance. The application should be run by users who have either guest or normal user mode privileges.
In order to allow this application to run, how to configure the clientless SSL VPN portal?
A. configure a smart tunnel for the application
B. configure a bookmark for the application
C. configure the plug-in that best fits the application
D. configure port forwarding for the application
Answer: A
Question 4.
According to the following exhibit. When a host on the inside network attempted an HTTP connection to a host at IP address 172.26.10.100, which address pool will be used by the Cisco ASA security appliance for the NAT?
A. 192.168.8.101 - 192.168.8.105
B. 192.168.8.20 - 192.168.8.100
C. 192.168.8.106 - 192.168.8.110
D. 192.168.8.20 - 192.168.8.110
Answer: B
Question 5.
Study the following exhibit carefully. You are asked to configure the Cisco ASA security appliance with a connection profile and group policy for full network access SSL VPNs. During a test of the configuration using the Cisco AnyConnect VPN Client, the connection times out. In the process of troubleshooting, you determine to make configuration changes.
According to the provided Cisco ASDM configuration, which configuration change will you begin with?
A. Require a client certificate on the interface.
B. Enable an SSL VPN client type on the interface.
C. Enable DTLS on the interface.
D. Enable a different access port that doesn't conflict with Cisco ASDM.
Answer: B
Question 6.
You are the network security administrator for the ITCERTKEYS company. You create an FTP inspection policy including the strict option, and it is applied to the outside interface of the corporate adaptive security appliance. How to handle FTP on the security appliance after this policy is applied? (Choose three.)
A. FTP inspection is applied to traffic entering the inside interface.
B. Strict FTP inspection is applied to traffic entering the outside interface.
C. FTP inspection is applied to traffic exiting the inside interface.
D. Strict FTP inspection is applied to traffic exiting the outside interface.
Answer: A, B, D
Question 7.
Which three statements correctly describe protocol inspection on the Cisco ASA adaptive security appliance? (Choose three.)
A. The protocol inspection feature of the security appliance securely opens and closes negotiated
ports and IP addresses for legitimate client-server connections through the security appliance.
B. For the security appliance to inspect packets for signs of malicious application misuse, you
must enable advanced (application layer) protocol inspection.
C. If inspection for a protocol is not enabled, traffic for that protocol may be blocked.
D. If you want to enable inspection globally for a protocol that is not inspected by default or if you
want to globally disable inspection for a protocol, you can edit the default global policy.
Answer: A, C, D
Question 8.
An SSL VPN (Secure Sockets Layer virtual private network) is a form of VPN that can be used with a standard Web browser. After configuring port forwarding for a clientless SSL VPN connection, if port forwarding is to work, which end user privilege level is required at the endpoint?
A. system level
B. guest level
C. user level
D. administrator level
Answer: D
Question 9.
Which two methods can be used to decrease the amount of time it takes for an active Cisco ASA adaptive security appliance to fail over to its standby failover peer in an active/active failover configuration? (Choose two.)
A. decrease the interface failover poll time
B. decrease the unit failover poll time
C. use the special serial failover cable to connect the security appliances
D. use single mode
Answer: A, B
Question 10.
Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic ports, and use the same port for source and destination, so they can pose challenges to a firewall. Which three items are true about how the Cisco ASA adaptive security appliance handles multimedia applications? (Choose three.)
A. It dynamically opens and closes UDP ports for secure multimedia connections, so you do not
need to open a large range of ports.
B. It supports SIP with NAT but not with PAT.
C. It supports multimedia with or without NAT.
D. It supports RTSP, H.323, Skinny, and CTIQBE.
Answer: A, C, D
|
Question 1.
Tom works as a network administrator. The primary adaptive security appliance in an active/standby failover configuration failed, so the secondary adaptive security appliance was automatically activated. Tom then fixed the problem. Now he would like to restore the primary to active status.
Which one of the following commands can reactivate the primary adaptive security appliance and restore it to active status while issued on the primary adaptive security appliance?
A. failover reset
B. failover primary active
C. failover active
D. failover exec standby
Answer: C
Question 2.
For the following commands, which one enables the DHCP server on the DMZ interface of the Cisco ASA with an address pool of 10.0.1.100-10.0.1.108 and a DNS server of 192.168.1.2?
A. dhcpd address 10.0.1.100-10.0.1.108 DMZ dhcpd dns 192.168.1.2 dhcpd enable DMZ
B. dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns server 192.168.1.2 dhcpd enable DMZ
C. dhcpd range 10.0.1.100-10.0.1.108 DMZ dhcpd dns server 192.168.1.2 dhcpd DMZ
D. dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns 192.168.1.2 dhcpd enable
Answer: A
Question 3.
Look at the following exhibit carefully, which one of the four diagrams displays a correctly configured network for a transparent firewall?
A. 1
B. 2
C. 3
D. 4
Answer: D
Question 4.
What is the effect of the per-user-override option when applied to the access-group command syntax?
A. The log option in the per-user access list overrides existing interface log options.
B. It allows for extended authentication on a per-user basis.
C. Hallows downloadable user access lists to override the access list applied to the interfacE.
D. It increases security by building upon the existing access list applied to the interfacE. All
subsequent users are also subject to the additional access list entries.
Answer: C
Question 5.
John works as a network administrator.
According to the exhibit, the only traffic that John would like to allow through the corporate Cisco ASA adaptive security appliance is inbound HTTP to the DMZ network and all traffic from the inside network to the outside network. John also has configured the Cisco ASA adaptive security appliance, and access through it is now working as expected with one exception: contractors working on the DMZ servers have been surfing the Internet from the DMZ servers, which (unlike other Company XYZ hosts) are using public, routable IP addresses. Neither NAT statements nor access lists have been configured for the DMZ interface.
What is the reason that the contractors are able to surf the Internet from the DMZ servers? (Note: The 192.168.X.XIP addresses are used to represent routable public IP addresses even though the 192.168.1.0 network is not actually a public routable network.)
A. An access list on the outside interface permits this traffic.
B. NAT control is not enabled.
C. The DMZ servers are using the same global pool of addresses that is being used by the inside
hosts.
D. HTTP inspection is not enabled.
Answer: B
Question 6.
In order to recover the Cisco ASA password, which operation mode should you enter?
A. configure
B. unprivileged
C. privileged
D. monitor
Answer: D
Question 7.
Which three statements correctly describe protocol inspection on the Cisco ASA adaptive security appliance? (Choose three.)
A. For the security appliance to inspect packets for signs of malicious application misuse, you
must enable advanced (application layer) protocol inspection.
B. if you want to enable inspection globally for a protocol that is not inspected by default or if you
want to globally disable inspection for a protocol, you can edit the default global policy.
C. The protocol inspection feature of the security appliance securely opens and closes negotiated
ports and IP addresses for legitimate client-server connections through the security appliance.
D. if inspection for a protocol is not enabled, traffic for that protocol may be blocked.
Answer: B, C, D
Question 8.
Observe the following commands, which one verifies that NAT is working normally and displays active NAT translations?
A. showip nat all
B. show running-configuration nat
C. showxlate
D. show nat translation
Answer: C
Question 9.
Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic ports, and use the same port for source and destination, so they can pose challenges to a firewall.
Which three items are true about how the Cisco ASA adaptive security appliance handles multimedia applications? (Choose threE.)
A. it dynamically opens and closes UDP ports for secure multimedia connections, so you do not need to open a large range of ports.
B. It supports SIP with NAT but not with PAT.
C. it supports multimedia with or without NAT.
D. It supports RTSP, H.323, Skinny, and CTIQBE.
Answer: A, C, D
Question 10.
What is the result if the WebVPN url-entry parameter is disabled?
A. The end user is unable to access pre-defined URLs.
B. The end user is unable to access any CIFS shares or URLs.
C. The end user is able to access CIFS shares but not URLs.
D. The end user is able to access pre-defined URLs.
Answer: D
|
Question 1.
The Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS) is an appliance-based, all-inclusive solution that provides unmatched insight and control of your existing security deployment.
Which three items are correct with regard to Cisco Security MARS rules? (Choose three.)
A. There are three types of rules.
B. Rules can be deleted.
C. Rules can be created using a query.
D. Rules trigger incidents.
Answer: A, C, D
Question 2.
Which three benefits are of deploying Cisco Security MARS appliances by use of the global and local controller architecture? (Choose three.)
A. A global controller can provide a summary of all local controllers information (network
topologies, incidents, queries, and reports results).
B. A global controller can provide a central point for creating rules and queries, which are applied
simultaneously to multiple local controllers.
C. A global controller can correlate events from multiple local controllers to perform global
sessionizations.
D. Users can seamlessly navigate to any local controller from the global controller GUI.
Answer: A, B, D
Question 3.
Which item is the best practice to follow while restoring archived data to a Cisco Security MARS appliance?
A. Use Secure FTP to protect the data transfer.
B. Use "mode 5" restore from the Cisco Security MARS CLI to provide enhanced security During
the data transfer.
C. Choose Admin > System Maintenance > Data Archiving on the Cisco Security MARS GUI to
perform the restore operations on line.
D. To avoid problems, restore only to an identical or higher-end Cisco Security MARS appliance.
Answer: D
Question 4.
A Cisco Security MARS appliance can't access certain devices through the default gateway. Troubleshooting has determined that this is a Cisco Security MARS configuration issue.
Which additional Cisco Security MARS configuration will be required to correct this issue?
A. Use the Cisco Security MARS GUI to configure multiple default gateways
B. Use the Cisco Security MARS GUI or CLI to configure multiple default gateways
C. Use the Cisco Security MARS GUI or CLI to enable a dynamic routing protocol
D. Use the Cisco Security MARS CLI to add a static route
Answer: D
Question 5.
Which two options are for handling false-positive events reported by the Cisco Security MARS appliance? (Choose two.)
A. mitigate at Layer 2
B. archive to NFS only
C. drop
D. log to the database only
Answer: C, D
Question 6.
What is the reporting IP address of the device while adding a device to the Cisco Security MARS appliance?
A. The source IP address that sends syslog information to the Cisco Security MARS appliance
B. The pre-NAT IP address of the device
C. The IP address that Cisco Security MARS uses to access the device via SNMP
D. The IP address that Cisco Security MARS uses to access the device via Telnet or SSH
Answer: A
Question 7.
Which statement best describes the case management feature of Cisco Security MARS?
A. It is used to conjunction with the Cisco Security MARS incident escalation feature for incident
reporting
B. It is used to capture, combine and preserve user-selected Cisco Security MARS data within a
specialized report
C. It is used to automatically collect and save information on incidents, sessions, queries and
reports dynamically without user interventions
D. It is used to very quickly evaluate the state of the network
Answer: B
Question 8.
Which two configuration tasks are needed on the Cisco Security MARS for it to receive syslog messages relayed from a syslog relay server? (Choose two.)
A. Define the syslog relay collector.
B. Add the syslog relay server application to Cisco Security MARS as Generic Syslog Relay Any.
C. Define the syslog relay source list.
D. Add the reporting devices monitored by the syslog relay server to Cisco Security MARS.
Answer: B, D
Question 9.
Here is a question that you need to answer. You can click on the Question button to the left to view the question and click on the MARS GUI Screen button to the left to capture the MARS GUI screen in order to answer the question. While viewing the GUI screen capture, you can view the complete screen by use of the left/right scroll bar on the bottom of the GUI screen. Choose the correct answer from among the options.
What actions will you take to configure the MARS appliance to send out an alert when the system rule fires according to the MARS GUI screen shown?
A. Click "Edit" to edit the "Operation" field of the rule, select the appropriate alert option(s), then
apply.
B. Click on "None" in the "Action" field, select the appropriate alerts, then apply.
C. Click "Edit" to edit the "Reported User" field of the rule, select the appropriate alert
option(s),then apply.
D. Click on "Active" in the "Status" field, select the appropriate alerts, then apply.
Answer: B
Question 10.
Which action enables the Cisco Security MARS appliance to ignore false-positive events by either dropping the events completely or by just logging them to the database?
A. Inactivating the rules
B. Creating system inspection rules using the drop operation
C. Deleting the false-positive events from the events management page
D. Creating drop rules
Answer: D
|
Question 1.
You are the network consultant from Your company. Please point out two requirements call for the deployment of 802.1X.
A. Authenticate users on switch or wireless ports
B. Grant or Deny network access at the port level, based on configured authorization policies
C. Allow network access during the queit period
D. Verify security posture using TACAS+
Answer: A, B
Question 2.
Open Shortest Path First (OSPF) is a dynamic routing protocol for use in Internet Protocol (IP) networks. An OSPF router on the network is running at an abnormally high CPU rate. By use of different OSPF debug commands on Router, the network administrator determines that router is receiving many OSPF link state packets from an unknown OSPF neighbor, thus forcing many OSPF path recalculations and affecting router's CPU usage.
Which OSPF configuration should the administrator enable to preent this kind of attack on the Router?
A. Multi-Area OSPF
B. OSPF stub Area
C. OSPF MD5 Authentication
D. OSPF not-so-stubby Area
Answer: C
Question 3.
Which one of the following Cisco Security Management products is able to perform (syslog) events normalization?
A. Cisco IME
B. Cisco Security Manager
C. Cisco ASDM
D. Cisco Security MARS
Answer: D
Question 4.
Can you tell me which one of the following platforms has the highest IPSec throughput and can support the highest number of tunnels?
A. Cisco 6500/7600 + VPN SPA
B. Cisco ASR 1000-5G
C. Cisco 7200 NPE-GE+VSA
D. Cisco 7200 NPE-GE+VAM2+
Answer: A
Question 5.
Which two methods can be used to perform IPSec peer authentication? (Choose two.)
A. One-time Password
B. AAA
C. Pre-shared key
D. Digital Certificate
Answer: C, D
Question 6.
Cisco Security Agent is the first endpoint security solution that combines zero-update attack protection, data loss prevention and signature-based antivirus in a single agent. This unique blend of capabilities defends servers and desktops against sophisticated day-zero attacks and enforces acceptable-use and compliance policies within a simple management infrastructure.
What are three functions of CSA in helping to secure customer environments?
A. Control of executable content
B. Identification of vulnerabilities
C. Application Control
D. System hardening
Answer: A, C, D
Question 7.
Cisco Secure Access Control Server (ACS) is an access policy control platform that helps you comply with growing regulatory and corporate requirements.
Which three of these items are features of the Cisco Secure Access Control Server?
A. NDS
B. RSA Certificates
C. LDAP
D. Kerberos
Answer: A, B, C
Question 8.
Observe the following protocols carefully, which one is used to allow the utilization of Cisco Wide Area Application Engines or Cisco IronPort S-Series web security appliances to localize web traffic patterns I the network and to enable the local fulfillment of content requests?
A. TLS
B. DTLS
C. WCCP
D. HTTPS
Answer: C
Question 9.
Which one is not the factor can affect the risk rating of an IPS alert?
A. Relevance
B. Attacker location
C. Event severity
D. Signature fidelity
Answer: B
Question 10.
For the following items, which two are differences between symmetric and asymmetric encryption algorithms? (Choose two.)
A. Asymmetric encryption is slower than symmetric encryption
B. Asymmetric encryption is more suitable than symmetric encryption for real-time bulk encryption
C. Symmetric encryption is used in digital signatures and asymmetric encryption is used in
HMACs
D. Asymmetric encryption requires a much larger key size to achieve the same level of protection
as asymmetric encryption
Answer: A, D
|
Question 1.
With Cisco WAAS advanced compression DRE, which three functions are performed during the DRE process? (Choose three.)
A. Pattern matching
B. Synchronization
C. LZ compression
D. Fingerprint and chunk identification
Answer: A, B, D
Question 2.
Do you know how often the Cisco WAAS automatic discovery takes place?
A. Once per user
B. Every hour
C. On a Connection-by-Connection basis
D. Once per office
Answer: C
Question 3.
What is the status of Cisco WAAS optimization after completing the quick start process on all devices and installing the enterprise license? (Choose two.)
A. Cisco WAAS is ready for the Central Manager to be configured to optimized traffic
B. Cisco WAAS is ready for bandwidth settings to be defined for communication
C. Cisco WAAS application optimizers are enabled
D. Default optimizations are applied traffic passing through the Cisco WAE devices
Answer: C, D
Question 4.
Which two statements describe what is required for read-only disconnected mode to be automatically activated during a prolonged WAAS disconnect? (Choose two.)
A. The WAE must be configured for Windows Authentication
B. The Windows server must be configured for operating in disconnected mode
C. The WAE must be able to access a Window Domain Controller
D. The WAE must be joined to the same workgroup as the Windows Server
Answer: A, C
Question 5.
Which three are high-availability Cisco WAE solutions for a branch office? (Choose three.)
A. PBR
B. WCCP
C. Multiple Cisco WAE devices with inline cards
D. Firewall load-balancing Cisco WAE devices
Answer: A, B, C
Question 6
The Cisco WAAS design of your customer calls for the Central Manager to be deployed on the Core WAE, which is a WAE-612 with 2 GB of RAM. The customer initially configured the WAE as an application accelerator and then issued the device mode central-manager command to enable Central Manager Service.
Now the customer complains that the WAE is no longer accelerating traffic why?
A. The Central Manager and application accelerator cannot be deployed on the same WAE
B. The device mode central-manager command must be issued before the device mode
application-accelerator command
C. At least 4 GB of RAM must be installed for the WAE to serve as both Central Manager and
application accelerator
D. Central Manager is consuming too much CPU time on the WAE. The Central Manager service
should be implemented on a less-utilized edge WAE
Answer: A
Question 7.
Which two benefits can we get by using Cisco WAAS with Cisco security devices such as Cisco PIX, Cisco ASA and Cisco IOS Firewalls? (Choose two.)
A. The security devices will speed Cisco WAAS transport
B. The security devices support the TCP sequence number jump that Cisco WAAS uses
C. Cisco WASS requires Cisco Security devices to be installed
D. The security devices can be configured to support Cisco WAAS automatic discovery
Answer: B, D
Question 8.
In Order to ensure Cisco WAAS Mobile transport and management, which three protocols and ports need to be allowed through corporate firewalls? (Choose three.)
A. TCP 80
B. TCP 8080
C. UDP 8080
D. UDP 1182
Answer: A, B, D
Question 9.
SACK improves performance for which type of traffic?
A. Short-lived TCP connections
B. Traffic on high-BDP networks
C. Traffic on lossy networks
D. Traffic on low-BDP networks
Answer: C
Question 10.
Which parameter should be taken into consideration while selecting a Cisco WAE model for a Cisco WAAS deployment?
A. Bandwidth of the largest WAN Link
B. Total WAN throughput
C. Concurrent TCP sessions to be optimized
D. Bandwidth of the smallest WAN link
Answer: C
|
Question 1. Which setting should be used in the "Boot from" filed in the virtual blade configuration when an operating system is first installed through an CD ISO image onto a virtual blade? A. /local1/vbs/win2k8.iso B. WAAS /local1/loca/vb folder C. Floppy Disk D. CD-ROM Answer: D Question 2. Exhibit: You work as a network engineer at Your company. You study the exhibit carefully. When troubleshooting video licensing on a WAE, this Central Manager output is displayed. Which two steps should be taken to enable the video license? (Choose two.) A. Restart the WAE B. Select the Enterprise Check Box C. Select the Video Check Box D. Select the Virtual-Blade Check Box Answer: B, C Question 3. Which command verifies that a WAE in-line card is intercepting traffic from the correct VLANs? A. show wccp services B. show wccp vlans inline C. show int inlinegroup x/y D. show ip access-lists Answer: C Question 4. In which two ways will you register and activate a WAE to the Central Manager? (Choose two.) A. WAE(Config)#cms enable do active B. The auto-activate icon in the Central Manager C. WAE(Config)#cms enable D. The quickstart setup procedure Answer: C, D Question 5. Which three must be configured when you configure an edge print queue? (Choose three.) A. WAFS edge service B. EPM Policy C. Printer Name D. devive URI Answer: A, C, D Question 6. Exhibit: You work as a network engineer at Your company. You study the exhibit carefully. A WAE in your environment is experiencing no HTTP acceleration. What is the problem according to the output from the Central Manager? A. HTTP and Video Accelerators cannot be enabled at the same time B. The HTTP Accelerator is not enabled C. DRE eliminates all need for HTTP acceleration D. The Enterprise license is not installed Answer: B Question 7. How to verify that the WAE has joined a Microsoft Windows domain correctly? A. Click the Show Authentication Status button in Central Manager B. Use the Windows netstat command C. Use the Windows nbtstat command D. Execute the show windows-domain command on the WAE Answer: A Question 8. Within Windows Server on WAAS, what are the Cisco-supported features? (Choose all that apply) A. Active Directory B. DNS C. Windows Printing D. DHCP Answer: A, B, C, D Question 9. Exhibit: You work as a network engineer at Your company. You study the exhibit carefully. The following diagram displays the Cisco WAAS configuration for your customer. Which WCCPv2 interception configuration should be applied to interface Serial0? A. Redirect in / service group 62 B. Redirect out / service group 62 C. Redirect in / service group 61 D. Redirect out/service group 61 Answer: A Question 10. How many baseline device groups can be configured for the acceleration feature set? A. Three B. One C. As many as needed D. Two Answer: B
|
Question 1. Which service module configuration is recommended to automatically detect and block traffic from malicious hosts? A. IDSM that is deployed in IDS mode B. FWSM that is coupled with the NAM C. IDSM that is deployed in IPS mode D. FWSM Answer: C Question 2. You work as the network administrator at ITCertKeys.com. As far as you know in what environment when a switched fabric server is required for InfiniBand support, coupled with Ethernet and Fibre Channel integration, which of following? A. Cisco MDS 9000 B. Cisco MDS 7000 C. Cisco SFS 3000 D. Cisco SFS 7000 Answer: C Question 3. Refer to the exhibit. In an IBM mainframe configuration, an LPAR is expected to require 100 Mbps. How many physical Gigabit Ethernet mainframe interfaces are required to support this configuration? A. three B. one C. four D. two E. Interface is unsupported on mainframes. Answer: B Question 4. What advantage do 10-Gigabit Ethernet uplinks have over EtherChannels? A. better load balancing of traffic B. more reliable C. higher bandwidth D. faster convergence time Answer: A Question 5. You are a help desk trainee for ITCertKeys.com. As far as you know, which licensing feature set supports the use of VDCs, by using the Cisco Nexus 7010 platform? A. Enterprise Services B. Advanced Services C. Basic Services D. IP Base Answer: B Question 6. Which statement describes the aggregation layer? A. It does not process server-to-server flows. B. Changing application requirements lead to higher oversubscription. C. It has a small STP processing load. D. It maintains session state and connection tables for redundancy. Answer: D Question 7. In following of ACL types, which of them permits role-based access control? A. reflexive B. router C. security group D. VLAN Answer: A Question 8. Refer to the exhibit. Your customer is filling server racks sequentially, filling one rack before beginning the next. Which two access layer designs present challenges in this environment? (Choose two.) A. Layer 3 B. Layer 2 loop-free U C. Layer 2 loop-free inverted U D. Layer 2 looped triangle E. Layer 2 looped square Answer: A, B Question 9. Which statement describes an IDSM module operating in inline rather than promiscuous mode? A. higher throughput B. higher latency C. lower throughput D. lower latency E. lower latency and higher throughput F. higher latency and lower throughput Answer: B Question 10. Refer to the exhibit. A data center network is configured as follows: ACE modules active/active failover pair core-to-aggregation traffic load balanced load balancing via Layer 3 source-destination IP address hashing Which statement represents the best advice? A. The design should use Layer 2 load balancing for core-to-aggregation traffic. B. The design is correct as shown. C. The design should use Layer 4 port-based load balancing for core-to-aggregation traffic. D. The design should use RHI to route core-to-aggregation traffic. Answer: D
|
Question 1. Your company's network just finished going through a SAS 70 audit. This audit reported that overall, your network is secure, but there are some areas that needs improvement. The major area was SNMP security. The audit company recommended turning off SNMP, but that is not an option since you have so many remote nodes to keep track of. What step could you take to help secure SNMP on your network? A. Change the default community string names B. Block all internal MAC address from using SNMP C. Block access to UDP port 171 D. Block access to TCP port 171 Answer: A Question 2. At what layer of the OSI model do routers function on? A. 3 B. 4 C. 5 D. 1 Answer: A Question 3. An "idle" system is also referred to as what? A. Zombie B. PC not being used C. Bot D. PC not connected to the Internet Answer: A Question 4. What operating system would respond to the following command? A. Mac OS X B. Windows XP C. Windows 95 D. FreeBSD Answer: D Question 5. Why are Linux/Unix based computers better to use than Windows computers for idle scanning? A. Windows computers will not respond to idle scans B. Linux/Unix computers are constantly talking C. Linux/Unix computers are easier to compromise D. Windows computers are constantly talking Answer: D Question 6. How many bits is Source Port Number in TCP Header packet? A. 48 B. 32 C. 64 D. 16 Answer: D Question 7. Why are Linux/Unix based computers better to use than Windows computers for idle scanning? A. Windows computers are constantly talking B. Linux/Unix computers are constantly talking C. Linux/Unix computers are easier to compromise D. Windows computers will not respond to idle scans Answer: A Question 8. Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the axfr and ixfr commands using DIG. What is Simon trying to accomplish here? A. Enumerate all the users in the domain B. Perform DNS poisoning C. Send DOS commands to crash the DNS servers D. Perform a zone transfer Answer: D Question 9. You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities: When you type this and click on search, you receive a pop-up window that says: "This is a test." What is the result of this test? A. Your website is vulnerable to web bugs B. Your website is vulnerable to CSS C. Your website is not vulnerable D. Your website is vulnerable to SQL injection Answer: B Question 10. After attending a CEH security seminar, you make a list of changes you would like to perform on your network to increase its security. One of the first things you change is to switch the RestrictAnonymous setting from 0 to 1 on your servers. This, as you were told, would prevent anonymous users from establishing a null session on the server. Using Userinfo tool mentioned at the seminar, you succeed in establishing a null session with one of the servers. Why is that? A. RestrictAnonymous must be set to "2" for complete security B. RestrictAnonymous must be set to "3" for complete security C. There is no way to always prevent an anonymous null session from establishing D. RestrictAnonymous must be set to "10" for complete security Answer: A
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.