CCNA® Security Study Guide > Securing Administrative Access > Review Questions

Table of Contents

Download Safari Books Online apps: Apple iOS | Android

Entire Site

Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

This Book

CCNA® Security Study Guide

Search

Dedication

Acknowledgments

About The Author

About the Contributor

Introduction

Assessment Test

Ch. 1. Introduction to Network Security

Ch. 2. Creating the Secure Network

Ch. 3. Securing Administrative Access

Securing Administrative Access

Cisco ISR Routers

Cisco Security Device Manager (SDM)

Answers to Review Questions

Answers to Written Lab

Ch. 4. Configuring AAA Services

Ch. 5. Securing Your Router

Ch. 6. Layer 2 Security

Ch. 7. Implementing Cisco IOS Firewall

Ch. 8. Implementing Cisco IOS Intrusion Prevention

Ch. 9. Understanding Cryptographic Solutions

Ch. 10. Using Digital Signatures

Ch. 11. Using Asymmetric Encryption and PKI

Ch. 12. Implementing Site-to-Site IPsec VPN Solutions

Appx. A. Securing Voice Solutions

Appx. B. Introduction to SAN Security

Appx. C. Exploring Endpoint Security

Appx. D. Capstone Exercise

Appx. E. About the Companion CD

Glossary

Index

3.8. Review Questions

Which of the following is not a Cisco IOS security feature commonly found on Cisco ISRs?
1. CDP
2. IPS
3. Stateful firewall
4. VPN
5. VRF-aware firewall
Which command can turn on logging of unsuccessful login attempts? (Choose two.)
1. auto secure
2. logging failure
3. login on failure log
4. logging login failure
5. auto log
What is the name of the secure files used in conjunction with the Cisco IOS Resilient Configuration?
1. configset
2. bootset
3. startup-config-secure
4. running-config-secure
5. config-set
Which of the following is the graphical user environment that is used to configure many router settings and provides several wizards to automate certain tasks?
1. ACS
2. ASDM
3. STP
4. SDM
5. CDP
Which of the following is not one of the high-level tasks that you can perform from Cisco SDM?
1. VPN
2. Security Audit
3. Interfaces and Connections
Cisco SDM can be installed where?
1. On the administrator's PC
2. On the router's flash memory
3. On both the administrator's PC and router's flash memory
4. In the running configuration
5. In the startup configuration
You have been asked to configure SSH using the command-line interface. However, you have discovered that some keys were left over on the router. What command is used to clear the RSA keys so that you can regenerate them?
1. Router1# clear rsa keys
2. Router1# (config)rsa clear keys
3. Router1# (config)crypto key zeroize rsa
4. Router1# crypto rsa key zeroize
5. Router1# crypto key zeroize rsa
Which command confers the traceroute command privileges to level 4?
1. privilege exec level 4 traceroute
2. privilege level 4 traceroute
3. privilege 4 traceroute
4. authorization 4 traceroute
Which of the following is the command to configure a minimum password length of 8 for any passwords configured on the router?
1. security password length 8
2. security password min-length 8
3. password length 8
4. password security length 8
Which of the following is the global configuration mode command to encrypt any plaintext passwords in a Cisco configuration?
1. service-password encryption
2. service password-encryption
3. service encryption-password
4. service-encryption
5. service level encryption
Which of the following is not one of the files necessary to run Cisco SDM on your router?
1. es.tar
2. sdm.tar
3. common.tar
4. sdm.bin
What is the default delay between successive login attempts if the login block-for command is issued without further qualifications?
1. 1 sec
2. 10 sec
3. 5 sec
4. 15 sec
5. 1 minute
What is the global configuration mode command that allows you to configure a banner message for use when attempting to access a router via Telnet or SSH?
1. banner
2. message banner
3. motd
4. banner config
5. banner motd
What is the global configuration mode command that will allow you to specify the number of failed login attempts that trigger a quiet period?
1. login block-for
2. login exec timeout
3. login block
4. login timeout
5. exec timeout
Which command would you enter to use Cisco SDM in a secure web session?
1. ip http secure
2. ip https
3. ip https secure-server
4. ip http secure-server
5. ip secure-server
What is the command that will reset the RSA keys on a Cisco router?
1. zero-out
2. zeroout
3. zeroize
4. reset
5. clear keys all
In generating RSA keys, what does Cisco recommend for the key modulus size?
1. 512
2. 2048
3. 1024
4. 4096
5. 256
What feature must be enabled prior to configuring command-line interface (CLI) views?
1. ACS
2. CLI
3. AAA
4. NTP
Which of the following are not wizards that can be used with Cisco SDM? (Choose two.)
1. VPN
2. Security Audit
3. BGP
4. CDP
What type of encryption is used with a Type 5 encrypted password in a Cisco router configuration?
1. SHA
2. MD5
3. SSL
4. RC4

You are currently reading a PREVIEW of this book.

Get instant access to over
$1 million worth of books and videos.

Start a Free Trial

Download Safari Books Online apps: Apple iOS | Android

This Book

Search

Contents

Chapter 3. Securing Administrative Access > Review Questions

3.8. Review Questions