CCNA Security v2.0 Practice Exam Simulator Online
CCNA Security v2.0 Practice Exam Training | |
---|---|
Time | 60 minutes |
Questions | 56 |
CCNA Security v2.0 Practice Exam Simulator
Time limit: 0
Quiz-summary
0 of 56 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
Information
CCNA Security v2.0 Practice Exam Simulator
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 56 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Not categorized 0%
Pos. | Name | Entered on | Points | Result |
---|---|---|---|---|
Table is loading | ||||
No data available | ||||
Your result has been entered into leaderboard
Loading
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- Answered
- Review
-
Question 1 of 56
1. Question
1 pointsRefer to the exhibit.
Based on the output generated by the show monitor session 1 command, how will SPAN operate on the switch?
Correct
Incorrect
-
Question 2 of 56
2. Question
1 pointsRefer to the exhibit.
The ISAKMP policy for the IKE Phase 1 tunnel was configured, but the tunnel does not yet exist. Which action should be taken next before IKE Phase 1 negotiations can begin?
Correct
Incorrect
-
Question 3 of 56
3. Question
1 pointsWhat is the function of the Hashed Message Authentication Code (HMAC) algorithm in setting up an IPsec VPN?
Correct
Incorrect
-
Question 4 of 56
4. Question
1 pointsOn what switch ports should PortFast be enabled to enhance STP stability?
Correct
Incorrect
-
Question 5 of 56
5. Question
1 pointsWhat ports can receive forwarded traffic from an isolated port that is part of a PVLAN?
Correct
Incorrect
-
Question 6 of 56
6. Question
1 pointsWhat is the next step in the establishment of an IPsec VPN after IKE Phase 1 is complete?
Correct
Incorrect
-
Question 7 of 56
7. Question
3 pointsWhich three areas of router security must be maintained to secure an edge router at the network perimeter? (Choose three.)
Correct
Incorrect
-
Question 8 of 56
8. Question
1 pointsWhat is the purpose of AAA accounting?
Correct
Incorrect
-
Question 9 of 56
9. Question
1 pointsWhat service or protocol does the Secure Copy Protocol rely on to ensure that secure copy transfers are from authorized users?
Correct
Incorrect
-
Question 10 of 56
10. Question
1 pointsWhich statement accurately describes Cisco IOS Zone-Based Policy Firewall operation?
Correct
Incorrect
-
Question 11 of 56
11. Question
2 pointsWhich two statements describe the use of asymmetric algorithms? (Choose two.)
Correct
Incorrect
-
Question 12 of 56
12. Question
3 pointsWhat are three characteristics of the RADIUS protocol? (Choose three.)
Correct
Incorrect
-
Question 13 of 56
13. Question
1 pointsWhat algorithm is used with IPsec to provide data confidentiality?
Correct
Incorrect
-
Question 14 of 56
14. Question
3 pointsWhen configuring SSH on a router to implement secure network management, a network engineer has issued the login local and transport input ssh line vty commands. What three additional configuration actions have to be performed to complete the SSH configuration? (Choose three.)
Correct
Incorrect
-
Question 15 of 56
15. Question
1 pointsWhat is an advantage of HIPS that is not provided by IDS?
Correct
Incorrect
-
Question 16 of 56
16. Question
1 pointsWhich interface setting can be configured in ASDM through the Device Setup tab?
Correct
Incorrect
-
Question 17 of 56
17. Question
1 pointsA security technician uses an asymmetric algorithm to encrypt messages with a private key and then forwards that data to another technician. What key must be used to decrypt this data?
Correct
Incorrect
-
Question 18 of 56
18. Question
2 pointsA network administrator is configuring an AAA server to manage TACACS+ authentication. What are two attributes of TACACS+ authentication? (Choose two.)
Correct
Incorrect
-
Question 19 of 56
19. Question
1 pointsWhat technology is used to separate physical interfaces on the ASA 5505 device into different security zones?
Correct
Incorrect
-
Question 20 of 56
20. Question
1 pointsHow are Intrusion Prevention System (IPS) and Intrusion Detection System (IDS) components used conjunctively?
Correct
Incorrect
-
Question 21 of 56
21. Question
1 pointsWhat is the result of a DHCP starvation attack?
Correct
Incorrect
-
Question 22 of 56
22. Question
1 pointsWhich router component determines the number of signatures and engines that can be supported in an IPS implementation?
Correct
Incorrect
-
Question 23 of 56
23. Question
1 pointsWhat can be used as an alternative to HMAC?
Correct
Incorrect
-
Question 24 of 56
24. Question
1 pointsHow can DHCP spoofing attacks be mitigated?
Correct
Incorrect
-
Question 25 of 56
25. Question
2 pointsA network administrator is configuring an AAA server to manage RADIUS authentication. Which two features are included in RADIUS authentication? (Choose two.)
Correct
Incorrect
-
Question 26 of 56
26. Question
1 pointsA syslog server has received the message shown.
*Mar 1 00:07:18.783: %SYS-5-CONFIG_I: Configured from console by vty0 (172.16.45.1)
What can be determined from the syslog message?
Correct
Incorrect
-
Question 27 of 56
27. Question
1 pointsWhat is the default preconfigured security level for the outside network interface on a Cisco ASA 5505?
Correct
Incorrect
-
Question 28 of 56
28. Question
1 pointsWhat term describes a set of rules used by an IDS or IPS to detect typical intrusion activity?
Correct
Incorrect
-
Question 29 of 56
29. Question
1 pointsWhich type of VLAN-hopping attack may be prevented by designating an unused VLAN as the native VLAN?
Correct
Incorrect
-
Question 30 of 56
30. Question
1 pointsWhich statement describes the Cisco Cloud Web Security?
Correct
Incorrect
-
Question 31 of 56
31. Question
1 pointsWhy is Diffie-Hellman algorithm typically avoided for encrypting data?
Correct
Incorrect
-
Question 32 of 56
32. Question
1 pointsWhat information does the SIEM network security management tool provide to network administrators?
Correct
Incorrect
-
Question 33 of 56
33. Question
1 pointsWhat can be configured as part of a network object?
Correct
Incorrect
-
Question 34 of 56
34. Question
1 pointsA user complains about not being able to gain access to the network. What command would be used by the network administrator to determine which AAA method list is being used for this particular user as the user logs on?
Correct
Incorrect
-
Question 35 of 56
35. Question
1 pointsWhat is a limitation to using OOB management on a large enterprise network?
Correct
Incorrect
-
Question 36 of 56
36. Question
1 pointsA company deploys a network-based IPS. Which statement describes a false negative alarm that is issued by the IPS sensor?
Correct
Incorrect
-
Question 37 of 56
37. Question
1 pointsWhat type of ACL offers greater flexibility and control over network access?
Correct
Incorrect
-
Question 38 of 56
38. Question
1 pointsWhich security document includes implementation details, usually with step-by-step instructions and graphics?
Correct
Incorrect
-
Question 39 of 56
39. Question
1 pointsWhat is a characteristic of a DMZ zone?
Correct
Incorrect
-
Question 40 of 56
40. Question
1 pointsWhich type of ASDM connection would provide secure remote access for remote users into corporate networks?
Correct
Incorrect
-
Question 41 of 56
41. Question
3 pointsWhich three forwarding plane services and functions are enabled by the Cisco AutoSecure feature? (Choose three.)
Correct
Incorrect
-
Question 42 of 56
42. Question
1 pointsWhich feature of the Cisco Network Foundation Protection framework prevents a route processor from being overwhelmed by unnecessary traffic?
Correct
Incorrect
-
Question 43 of 56
43. Question
3 pointsWhat three tasks can a network administrator accomplish with the Nmap and Zenmap security testing tools? (Choose three.)
Correct
Incorrect
-
Question 44 of 56
44. Question
2 pointsWhich two end points can be on the other side of an ASA site-to-site VPN configured using ASDM? (Choose two.)
Correct
Incorrect
-
Question 45 of 56
45. Question
1 pointsA company deploys a hub-and-spoke VPN topology where the security appliance is the hub and the remote VPN networks are the spokes. Which VPN method should be used in order for one spoke to communicate with another spoke through the single public interface of the security appliance?
Correct
Incorrect
-
Question 46 of 56
46. Question
2 pointsWhich two types of hackers are typically classified as grey hat hackers? (Choose two.)
Correct
Incorrect
-
Question 47 of 56
47. Question
1 pointsWhich security implementation will provide management plane protection for a network device?
Correct
Incorrect
-
Question 48 of 56
48. Question
1 pointsA security technician is evaluating a new operations security proposal designed to limit access to all servers. What is an advantage of using network security testing to evaluate the new proposal?
Correct
Incorrect
-
Question 49 of 56
49. Question
1 pointsWhich feature is specific to the Security Plus upgrade license of an ASA 5505 and provides increased availability?
Correct
Incorrect
-
Question 50 of 56
50. Question
1 pointsWhat is a characteristic of an ASA site-to-site VPN?
Correct
Incorrect
-
Question 51 of 56
51. Question
1 pointsWhat is a result of enabling the Cisco IOS image resilience feature?
Correct
Incorrect
-
Question 52 of 56
52. Question
1 pointsWhat does the keyword default specify when used with the aaa authentication login command?
Correct
Incorrect
-
Question 53 of 56
53. Question
2 pointsWhat are two protocols that are used by AAA to authenticate users against a central database of usernames and password? (Choose two.)
Correct
Incorrect
-
Question 54 of 56
54. Question
1 pointsWhich service should be disabled on a router to prevent a malicious host from falsely responding to ARP requests with the intent to redirect the Ethernet frames?
Correct
Incorrect
-
Question 55 of 56
55. Question
1 pointsWhat is a characteristic of asymmetric algorithms?
Correct
Incorrect
-
Question 56 of 56
56. Question
2 pointsWhat are two drawbacks in assigning user privilege levels on a Cisco router? (Choose two.)
Correct
Incorrect
Leaderboard: CCNA Security v2.0 Practice Exam Simulator
Pos. | Name | Entered on | Points | Result |
---|---|---|---|---|
Table is loading | ||||
No data available | ||||