CCNA Security Part 1

Approved & Edited by ProProfs Editorial Team

The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.

Learn about Our Editorial Process

| By Kweglar

Kweglar

Community Contributor

Quizzes Created: 1 | Total Attempts: 391

Questions: 118 | Attempts: 391 | Updated: Mar 22, 2023

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

CCNA Security for certification practice. Take this quiz and learn more about CCNA routing and switching.

Questions and Answers

1.

What are the three primary goals of network security?
- A.
  
  Confidentiality
- B.
  
  Redundancy
- C.
  
  Integrity
- D.
  
  Availability
Correct Answer(s)
A. Confidentiality
C. Integrity
D. Availability

Explanation
The three primary goals of network security are confidentiality, integrity, and availability. Confidentiality ensures that only authorized individuals can access and view sensitive information. Integrity ensures that data remains unaltered and trustworthy during transmission and storage. Availability ensures that network resources and services are accessible and usable to authorized users when needed. These goals collectively aim to protect the privacy, reliability, and accessibility of network data and resources.

Rate this question:
2.

Where do most attacks on an organization's computer resources originate?
- A.
  
  From the Internet
- B.
  
  From the inside network
- C.
  
  From universities
- D.
  
  From intruders who gain physical access to the computer resources
Correct Answer
B. From the inside network

Explanation
Most attacks on an organization's computer resources originate from the inside network. This means that the attacks are carried out by individuals who have authorized access to the organization's network or systems. These attackers may be disgruntled employees, contractors, or other insiders with malicious intent. Insider attacks can be particularly damaging as the attackers often have knowledge of the organization's systems and may be able to bypass security measures more easily. It is important for organizations to have strong security protocols in place to detect and prevent insider attacks.

Rate this question:
3.

The U.S government places classified data into which classes?
- A.
  
  SBU
- B.
  
  Confidentual
- C.
  
  Secret
- D.
  
  Top Secret
Correct Answer(s)
B. Confidentual
C. Secret
D. Top Secret

Explanation
The U.S government places classified data into different classes, namely SBU (Sensitive But Unclassified), Confidential, Secret, and Top Secret. SBU refers to data that is sensitive but not classified. Confidential data is considered private and its unauthorized disclosure could cause damage to national security. Secret data is more sensitive than confidential data, and its unauthorized disclosure could cause serious damage to national security. Top Secret data is the highest level of classification, and its unauthorized disclosure could cause exceptionally grave damage to national security.

Rate this question:
4.

Cisco defines 3 catagories of security controls: administrative, physical and technical. Individual controls within these catagories can be further classifies as what 3 specific types of controls?
- A.
  
  Preventive
- B.
  
  Deterrent
- C.
  
  Detective
- D.
  
  Reactive
Correct Answer(s)
A. Preventive
B. Deterrent
C. Detective

Explanation
The correct answer is preventive, deterrent, and detective. Cisco categorizes security controls into three categories: administrative, physical, and technical. Within these categories, controls can be further classified into preventive controls, which aim to prevent security incidents from occurring; deterrent controls, which discourage potential attackers; and detective controls, which identify and respond to security incidents after they have occurred. These three types of controls work together to provide a comprehensive security framework.

Rate this question:
5.

Litigators typicall require 3 of the following elements to present an effective argument when prosecuting information security violations?
- A.
  
  Audit trail
- B.
  
  Motive
- C.
  
  Means
- D.
  
  Opportunity
Correct Answer(s)
B. Motive
C. Means
D. Opportunity

Explanation
Litigators typically require motive, means, and opportunity to present an effective argument when prosecuting information security violations. Motive refers to the reason or intention behind the violation, means refers to the tools or methods used to commit the violation, and opportunity refers to the chance or circumstances that enabled the violation to occur. By establishing these three elements, litigators can build a strong case demonstrating the intent, capability, and opportunity of the defendant to commit the security violation.

Rate this question:
6.

Which type of law typically involves the enforcement of regulations by government agencies?
- A.
  
  Criminal law
- B.
  
  Tort Law
- C.
  
  Administrative law
- D.
  
  Civil law
Correct Answer
C. Administrative law

Explanation
Administrative law typically involves the enforcement of regulations by government agencies. This type of law governs the activities of administrative agencies, such as licensing, rule-making, and adjudication. It deals with the legal principles and procedures that govern the actions of these agencies, ensuring that they act within their authority and follow fair procedures. Administrative law plays a crucial role in maintaining the balance between the powers of the government and the rights of individuals affected by their actions.

Rate this question:
7.

Which of the following is a weakness in an information system that an attacker might leverage to gain unauthorized access to the system or data on the system?
- A.
  
  Risk
- B.
  
  Exploit
- C.
  
  Mitigation
- D.
  
  Vulnerability
Correct Answer
D. Vulnerability

Explanation
A vulnerability refers to a weakness in an information system that can be exploited by an attacker to gain unauthorized access to the system or the data it holds. It represents a security flaw or loophole that can be targeted by an attacker to compromise the system's integrity, confidentiality, or availability. By understanding and exploiting vulnerabilities, attackers can bypass security measures and gain unauthorized access to sensitive information or control over the system. Therefore, vulnerability is the correct answer as it represents a potential weakness that attackers can leverage to compromise an information system.

Rate this question:
8.

What type of hacker attempts to hack telephony systems?
- A.
  
  Script kiddy
- B.
  
  Hacktivist
- C.
  
  Phreaker
- D.
  
  White hat hacker
Correct Answer
C. pHreaker

Explanation
A phreaker is a type of hacker who attempts to hack telephony systems. Phreakers are mainly interested in manipulating or exploiting telephone networks and services. They may engage in activities such as making free calls, bypassing billing systems, or gaining unauthorized access to voicemail boxes. Unlike other types of hackers, phreakers focus specifically on telephony systems and their vulnerabilities.

Rate this question:
9.

Which of the following is a method of gaining access to a system that bypasses normal security measures?
- A.
  
  Creating a back door
- B.
  
  Launching a DOS attack
- C.
  
  Starting a Smurf attack
- D.
  
  Conducting social engineering
Correct Answer
A. Creating a back door

Explanation
Creating a back door is a method of gaining access to a system that bypasses normal security measures. This involves creating a secret entry point or vulnerability in the system that allows unauthorized access without triggering any security alarms or measures. It provides a way for attackers to enter the system undetected and carry out malicious activities without being detected by traditional security mechanisms. This method is often used by hackers to gain persistent access to a system and maintain control over it for an extended period of time.

Rate this question:
10.

What security design philosophy uses a layered approach to eliminate single points of failure and provide overlapping protection?
- A.
  
  AVVID
- B.
  
  Defense in Depth
- C.
  
  SONA
- D.
  
  IINS
Correct Answer
B. Defense in Depth

Explanation
Defense in Depth is a security design philosophy that uses a layered approach to eliminate single points of failure and provide overlapping protection. This means that multiple layers of security measures are implemented to protect against potential threats. By having multiple layers, even if one layer fails, there are still other layers in place to provide protection. This approach helps to enhance the overall security of a system or network by making it more difficult for attackers to penetrate and exploit vulnerabilities.

Rate this question:
11.

What are 2 types of IP spoffing attacks?
- A.
  
  Nonblind spoofing
- B.
  
  Promiscuous spoofing
- C.
  
  Autonomous spoofing
- D.
  
  Blind spoofing
Correct Answer(s)
A. Nonblind spoofing
D. Blind spoofing

Explanation
Nonblind spoofing and blind spoofing are two types of IP spoofing attacks. In nonblind spoofing, the attacker sends packets to a target system with a spoofed source IP address, pretending to be a trusted entity. This allows the attacker to bypass security measures that rely on IP addresses for authentication. On the other hand, blind spoofing involves the attacker sending packets to a target system without receiving any response. This type of attack is more challenging as the attacker has to guess the sequence numbers of the packets to establish a successful connection.

Rate this question:
12.

What term refers to the electromagnetic interference (EMI) that can radiate from network cables?
- A.
  
  Doppler waves
- B.
  
  Emanations
- C.
  
  Gaussian distributions
- D.
  
  Multimode distortion
Correct Answer
B. Emanations

Explanation
Emanations refer to the electromagnetic interference (EMI) that can radiate from network cables. EMI can be generated by the electrical signals transmitted through the cables and can interfere with other electronic devices or systems nearby. This interference can cause disruptions or distortions in the signals being transmitted, leading to communication errors or reduced network performance. Therefore, it is important to properly shield and manage network cables to minimize the emanations and ensure reliable and efficient communication.

Rate this question:
13.

What kind of intergrity attack is a collection of small attacks the result in a larger attack when combined?
- A.
  
  Data diddling
- B.
  
  Botnet attack
- C.
  
  Hijacking a session
- D.
  
  Salami attack
Correct Answer
D. Salami attack

Explanation
A salami attack is a type of integrity attack where small, often unnoticed, slices of data or money are taken or manipulated over a period of time. These small attacks may seem insignificant on their own, but when combined, they can result in a significant loss or impact. This type of attack is often used in financial fraud, where small amounts of money are deducted from multiple accounts, eventually leading to a substantial sum. It is called a salami attack because it is similar to slicing off small pieces of salami, which individually may not be noticeable, but collectively can make a significant impact.

Rate this question:
14.

Which of the following best describes a smurf attack?
- A.
  
  It sends a ping request to a subnet, requesting that devices on that subnet send ping replies to a target system.
- B.
  
  It sends ping requests in segments of an invalid size.
- C.
  
  It intercepts the third step in a TCP three-way handshake to hijack a session
- D.
  
  It uses aTrojan horse applications to create a distributed collection of zombie computers, which can be used to launch a coordinated DDoS attack.
Correct Answer
A. It sends a ping request to a subnet, requesting that devices on that subnet send ping replies to a target system.

Explanation
A smurf attack is a type of DDoS attack where the attacker sends a ping request to a subnet, called a smurf amplifier, with the source IP address spoofed to be the target system. The devices on the subnet then send ping replies to the target system, overwhelming it with a flood of responses. This type of attack can cause a denial of service by consuming the target's network bandwidth and resources, making it inaccessible to legitimate users.

Rate this question:
15.

Which of the following are Cisco best practice recommendations for securing a network?
- A.
  
  Deploy HIPS software on all enduser workstations.
- B.
  
  Routinely apply patches to operating systems and applications.
- C.
  
  Disable unneeded services and ports on hosts.
- D.
  
  Require strong passwords, and enable password expiration.
Correct Answer(s)
B. Routinely apply patches to operating systems and applications.
C. Disable unneeded services and ports on hosts.
D. Require strong passwords, and enable password expiration.

Explanation
The answer suggests three best practice recommendations for securing a network: routinely applying patches to operating systems and applications, disabling unneeded services and ports on hosts, and requiring strong passwords with password expiration enabled. These practices help to ensure that the network is protected against potential vulnerabilities, such as outdated software, unnecessary services that could be exploited, and weak passwords. By regularly applying patches, disabling unneeded services and ports, and enforcing strong passwords, the network can be better protected against potential security threats.

Rate this question:
16.

What are the 5 phases of the system development life cycle (SDLC)? choose 5
- A.
  
  Operations and Maintenance
- B.
  
  Acquisition and development
- C.
  
  Initiation and implementation
- D.
  
  Execution and termination
- E.
  
  Disposition
Correct Answer(s)
A. Operations and Maintenance
B. Acquisition and development
C. Initiation and implementation
E. Disposition

Explanation
The correct answer includes the phases of the system development life cycle (SDLC) which are Operations and Maintenance, Acquisition and development, Initiation and implementation, and Disposition. These phases represent the different stages involved in the development and management of a system, from its initial planning and design to its eventual retirement or replacement.

Rate this question:
17.

Which of the following attemps to ensure that no one employee becomes a pervasive security threat, that data can be recovered from backups and the information system changes do not compromise a sytem's security?
- A.
  
  Strategic security planning
- B.
  
  Implementation seccurity
- C.
  
  Disaster recovery
- D.
  
  Operations security
Correct Answer
D. Operations security

Explanation
Operations security is the correct answer because it focuses on ensuring that no one employee becomes a pervasive security threat by implementing access controls, monitoring systems, and security awareness training. It also includes measures to ensure that data can be recovered from backups and that information system changes do not compromise the security of the system. Strategic security planning involves developing security policies and objectives, while implementation security refers to the process of putting security measures into place. Disaster recovery focuses on the ability to recover from a disaster or system failure.

Rate this question:
18.

Which of the following are network evaluation techniques?
- A.
  
  Using Cisco SDM to perform a network posture validation
- B.
  
  Scanning a network for active IP addresses and open ports on those IP addresses
- C.
  
  Performing end-user training on the use of antispyware software
- D.
  
  Using password-cracking untilities
- E.
  
  Performing virus scans
Correct Answer(s)
A. Using Cisco SDM to perform a network posture validation
D. Using password-cracking untilities
E. Performing virus scans

Explanation
The given answer is correct because it includes three network evaluation techniques. Using Cisco SDM to perform a network posture validation is a technique that assesses the security posture of a network. Using password-cracking utilities is a technique used to test the strength of passwords in a network. Performing virus scans is a technique used to detect and remove any viruses or malware present in a network. These techniques help in evaluating the security and performance of a network.

Rate this question:
19.

What are 3 phases of disaster recovery?
- A.
  
  Emergency response phase
- B.
  
  Return to normal operations phase
- C.
  
  Threat isolation phase
- D.
  
  Recovery phase
Correct Answer(s)
A. Emergency response pHase
B. Return to normal operations pHase
D. Recovery pHase

Explanation
The correct answer includes three phases of disaster recovery: the emergency response phase, the return to normal operations phase, and the recovery phase. In the emergency response phase, immediate actions are taken to ensure the safety of individuals and minimize further damage. The return to normal operations phase involves restoring essential functions and resuming normal operations. Lastly, the recovery phase focuses on long-term restoration and rebuilding efforts to fully recover from the disaster.

Rate this question:
20.

Which of the following is a continually changing document that dictates a set of guidelines for network use?
- A.
  
  Security policy
- B.
  
  Best-practice recommendations
- C.
  
  Identity-based networking policy
- D.
  
  Acceptable-use executive summary
Correct Answer
A. Security policy

Explanation
A security policy is a continually changing document that dictates a set of guidelines for network use. It outlines the rules and procedures that need to be followed to ensure the security and integrity of the network. This document is regularly updated to address new threats and vulnerabilities, as well as to adapt to changes in technology and business requirements. It serves as a reference for employees and network administrators to understand their responsibilities and the measures they need to take to protect the network and its resources.

Rate this question:
21.

Which security policy component contains mandatory practices ( as opposed to recommendations or step-by-step instructions)?
- A.
  
  Guidelines
- B.
  
  Standards
- C.
  
  Procedures
- D.
  
  Tenets
Correct Answer
B. Standards

Explanation
Standards are a security policy component that contains mandatory practices. Unlike guidelines, which are recommendations, or procedures, which are step-by-step instructions, standards are a set of mandatory requirements that must be followed. Tenets, on the other hand, refer to the principles or beliefs that guide the development and implementation of security policies, but they do not necessarily contain specific practices. Therefore, the correct answer is standards.

Rate this question:
22.

Which 3 individuals are most likely to be intimately involved with the creation of a security policy?
- A.
  
  Chief Security Officer (CSO)
- B.
  
  Chief Executive Officer (CEO)
- C.
  
  Chief Information Officer (CIO)
- D.
  
  Chief Information Security Officer (CISO)
Correct Answer(s)
A. Chief Security Officer (CSO)
C. Chief Information Officer (CIO)
D. Chief Information Security Officer (CISO)

Explanation
The three individuals most likely to be intimately involved with the creation of a security policy are the Chief Security Officer (CSO), Chief Information Officer (CIO), and Chief Information Security Officer (CISO). The CSO is responsible for overseeing and implementing security measures within an organization, making them a key player in policy creation. The CIO is responsible for managing the organization's information technology systems and infrastructure, and their involvement ensures that security policies align with the overall IT strategy. The CISO is specifically focused on information security and is responsible for developing and implementing security policies and procedures. Together, these three individuals bring the necessary expertise and authority to create an effective security policy.

Rate this question:
23.

The following formula can be used to calculate annualized loss expectancy:ALE= AV*EF*AROWhich componenet of the formula represents the percentage of loss of an asset that is experience if an anticipated threat occurs?
- A.
  
  ALE
- B.
  
  AV
- C.
  
  EF
- D.
  
  ARO
Correct Answer
C. EF

Explanation
The component of the formula that represents the percentage of loss of an asset that is experienced if an anticipated threat occurs is EF. EF stands for Exposure Factor, which is a measure of the percentage of loss that would occur if a specific threat is realized. It represents the extent to which an asset is vulnerable to a particular threat.

Rate this question:
24.

All of the following are common elements of a network design. Which one is the most important?
- A.
  
  Business needs
- B.
  
  Risk analysis
- C.
  
  Security policy
- D.
  
  Security operations
- E.
  
  They are all equally important
Correct Answer
A. Business needs

Explanation
The most important element of a network design is understanding the business needs. This is because the design should align with the goals and objectives of the organization. By considering the business needs, the network design can be tailored to support the specific requirements of the company, such as scalability, performance, and cost-effectiveness. Without understanding the business needs, the network design may not adequately meet the requirements of the organization, leading to inefficiencies and potential issues in the network infrastructure.

Rate this question:
25.

Which of the following makes the end-user community concious of security issues without necessarily giving any in-depth procedural instruction?
- A.
  
  Education
- B.
  
  Training
- C.
  
  Awareness
- D.
  
  Remediation
Correct Answer
C. Awareness

Explanation
Awareness is the correct answer because it refers to the act of making the end-user community conscious of security issues. Unlike education or training, which involve providing in-depth procedural instructions, awareness focuses on raising general knowledge and understanding about security issues without going into specific details. It aims to make individuals aware of potential risks and threats, encouraging them to be vigilant and take necessary precautions without providing step-by-step instructions on how to address each issue. Remediation, on the other hand, refers to the process of fixing or resolving security issues, which is not related to making the end-user community conscious of these issues.

Rate this question:

0
1
26.

What type of threat combines worm, virus and trojan horse characteristics?
- A.
  
  Heuristic threat
- B.
  
  Blended threat
- C.
  
  Morphing threat
- D.
  
  Intergrated threat
Correct Answer
B. Blended threat

Explanation
A blended threat is a type of threat that combines the characteristics of a worm, virus, and trojan horse. This means that it has the ability to spread like a worm, infect and damage files like a virus, and deceive users like a trojan horse. Blended threats are particularly dangerous because they can exploit multiple vulnerabilities and use different attack vectors to compromise systems and networks. They often use social engineering techniques to trick users into executing malicious code, making them difficult to detect and mitigate.

Rate this question:
27.

What are 3 characteristics of a Cisco Self-Defending Network?
- A.
  
  Integrated
- B.
  
  Collaborative
- C.
  
  Autonomous
- D.
  
  Adaptive
Correct Answer(s)
A. Integrated
B. Collaborative
D. Adaptive

Explanation
A Cisco Self-Defending Network has three key characteristics: integrated, collaborative, and adaptive. "Integrated" means that the network components work together seamlessly, sharing information and coordinating their actions to provide comprehensive security. "Collaborative" refers to the network's ability to communicate and cooperate with other security systems and devices, enhancing overall protection. "Adaptive" means that the network can dynamically adjust its security measures based on real-time threats and changing conditions, ensuring continuous defense. These characteristics enable a Cisco Self-Defending Network to effectively detect, prevent, and respond to security threats, making it a robust and reliable solution.

Rate this question:
28.

Which of the following offers a variety of security solutions including firewall, IPS, VPN, Antispyware, Antivirus and Antiphising features?
- A.
  
  Cisco IOS router
- B.
  
  Cisco ASA 5500 series security appliance
- C.
  
  Cisco PIX 500 series security appliance
- D.
  
  Cisco 4200 series IPS appliance
Correct Answer
B. Cisco ASA 5500 series security appliance

Explanation
The Cisco ASA 5500 series security appliance offers a variety of security solutions including firewall, IPS (Intrusion Prevention System), VPN (Virtual Private Network), Antispyware, Antivirus, and Antiphishing features. This appliance is designed to provide comprehensive security for networks, protecting against various threats such as unauthorized access, malware, and phishing attacks. It is a versatile solution that combines multiple security features into a single device, making it an ideal choice for organizations looking for a comprehensive security solution.

Rate this question:
29.

Which of the following arconcidered IOS security features?
- A.
  
  Stateful firewall
- B.
  
  MARS
- C.
  
  IPS
- D.
  
  VRF-aware firewall
- E.
  
  VPN
Correct Answer(s)
A. Stateful firewall
C. IPS
D. VRF-aware firewall
E. VPN

Explanation
The correct answer includes stateful firewall, IPS, VRF-aware firewall, and VPN as considered IOS security features. A stateful firewall is a security device that monitors and controls network traffic based on the state of the connection. IPS (Intrusion Prevention System) is a security technology that actively monitors network traffic to detect and prevent potential threats. VRF-aware firewall is a feature that allows the firewall to operate in a Virtual Routing and Forwarding (VRF) environment, providing enhanced security for virtual networks. VPN (Virtual Private Network) is a secure network connection that allows users to access private networks over a public network, such as the internet.

Rate this question:
30.

Some ISRs include a USB port, into which a flash drive can connect. What are three common uses for the flash drive?
- A.
  
  Storing configuration files
- B.
  
  Storing digital certificates
- C.
  
  Storing copies of the IOS image
- D.
  
  Storing user name/password database
Correct Answer(s)
A. Storing configuration files
B. Storing digital certificates
C. Storing copies of the IOS image

Explanation
A flash drive can be used to store configuration files, digital certificates, and copies of the IOS image. Storing configuration files on a flash drive allows for easy backup and transfer of device configurations. Storing digital certificates on a flash drive is useful for secure authentication and encryption purposes. Storing copies of the IOS image on a flash drive enables easy installation or recovery of the operating system on the device.

Rate this question:
31.

The enable secret password appears as an M5 hash in a router's configuration file, whereas the enable password is not hashed. Why does Cisco still support the use of both enable secret and enable passwords in a routers configuration?
- A.
  
  Because the enable secret is a hash, it cannot be decrypted. Therefore, the enable password is used to matched the password that was entered, and the enable secret is used to verify that the enable password has not been modified since the hash was generated.
- B.
  
  The enable pasword is used for IKE phase I, whereas the enable secret password is used for IKE phase II
- C.
  
  The enable password is concidered to be a routers public key whereas the enable secret password is concidered to be the router's private key
- D.
  
  The enable password is present for backward compatability
Correct Answer
D. The enable password is present for backward compatability
32.

What is an IOS router's default response to multiple failed login attempts after the "security authentication failure" command has been issued?
- A.
  
  The login process is suspened for 10 seconds after 15 unsuccessful login attemps
- B.
  
  The login process is suspened for 15 seconds after 10 unsuccessful login attemps
- C.
  
  The login process is suspened for 30 seconds after 10 unsuccessful login attemps
- D.
  
  The login process is suspened for 10 seconds after 30 unsuccessful login attemps
Correct Answer
B. The login process is suspened for 15 seconds after 10 unsuccessful login attemps

Explanation
After the "security authentication failure" command has been issued, an IOS router's default response to multiple failed login attempts is to suspend the login process for 15 seconds after 10 unsuccessful login attempts.

Rate this question:
33.

What line configuration mode command would you enter to prevent a line (such as a console, aux, or vty line) connection from timing out because of inactivity?
- A.
  
  No service timeout
- B.
  
  Timeout-line none
- C.
  
  Exec-timeout 0 0
- D.
  
  Service timeout default
Correct Answer
C. Exec-timeout 0 0

Explanation
The correct answer is "exec-timeout 0 0". This command sets the timeout for the line to 0 minutes and 0 seconds, effectively disabling the timeout due to inactivity.

Rate this question:
34.

How is a CLI view different from a privilege level?
- A.
  
  A CLI view supports only commands configured for that specific view, whereas a privilege level supports commands available to that level and all the lowwer levels
- B.
  
  A CLI view can function without a AAA configuration, whereas a privilege level requires AAA to be configured
- C.
  
  A CLI view supports only monitoring commands, whereas a privilege level allows a user to make changes to an IOS configuration
- D.
  
  A CLI view and a privilege level perform the same function. However, a CLI view is used on a catalyst switch, whereas a privilege level is used on a IOS router
Correct Answer
A. A CLI view supports only commands configured for that specific view, whereas a privilege level supports commands available to that level and all the lowwer levels

Explanation
A CLI view is a specific configuration that allows a user to access and execute only the commands that are configured for that particular view. On the other hand, a privilege level allows a user to access and execute commands available to that level and all the lower levels. This means that a user with a higher privilege level can access and execute a wider range of commands compared to a user with a CLI view, who is restricted to only the commands configured for that specific view.

Rate this question:
35.

An IOS router's privileged mode, which you can access by entering the enable command followed by the appropriate password, has which privilege level?
- A.
  
  0
- B.
  
  1
- C.
  
  15
- D.
  
  16
Correct Answer
C. 15

Explanation
In an IOS router, the privileged mode is accessed by entering the enable command followed by the appropriate password. This mode has a privilege level of 15. This level allows users to access all router commands and make configuration changes. It is the highest privilege level in IOS routers, granting full administrative control over the device.

Rate this question:
36.

To protect a routers image and configuration against a attackers attemp to erase those files, the Cisco IOS Resilient Configuration feature keeps a secure copy of these files. What are these files called?
- A.
  
  The Bootset
- B.
  
  The configset
- C.
  
  The backupset
- D.
  
  Thebackup-config
Correct Answer
A. The Bootset

Explanation
The files that are kept secure by the Cisco IOS Resilient Configuration feature to protect a router's image and configuration against attackers attempting to erase them are called the Bootset.

Rate this question:
37.

When you configure Cisco IOS login enhancements for virtual connections, what is the "quiet period"?
- A.
  
  The period of time between successive login attempts
- B.
  
  The period of time when no one is attempting to login
- C.
  
  The period of time in which virtual loging attempts are blocked, following repeated failed login attempts
- D.
  
  The period of time in which virtual logins are blocked as security services fully initialize
Correct Answer
C. The period of time in which virtual loging attempts are blocked, following repeated failed login attempts

Explanation
The "quiet period" refers to the period of time in which virtual login attempts are blocked, following repeated failed login attempts. This is a security measure to prevent unauthorized access by blocking further login attempts for a certain duration after multiple failed attempts. During this quiet period, the system restricts any further login attempts from the same source to protect against potential brute-force attacks or unauthorized access.

Rate this question:
38.

In the banner motd # command, what does # represent?
- A.
  
  As ingle text character that will appear as the message of the day
- B.
  
  A delimiter indicating the beginning and the end of a message of the day
- C.
  
  A reference to a system variable that contains a message of the day
- D.
  
  The enable mode prompt from where the message of the day will be entered into the IOS configuration
Correct Answer
B. A delimiter indicating the beginning and the end of a message of the day

Explanation
The correct answer is a delimiter indicating the beginning and the end of a message of the day. In the banner motd command, the # symbol is used to mark the start and end of the message of the day. It helps to separate the message from the rest of the configuration and makes it easier to identify and modify the MOTD.

Rate this question:
39.

What Cisco IOS feature provides a graphical user interface for configuring a wide variety of features on an IOS router and also provides multiple "smart wizards" and configuration tutorials?
- A.
  
  QPM
- B.
  
  SAA
- C.
  
  SMS
- D.
  
  SDM
Correct Answer
D. SDM

Explanation
SDM stands for Security Device Manager, which is a Cisco IOS feature that provides a graphical user interface for configuring a wide variety of features on an IOS router. It also offers multiple "smart wizards" and configuration tutorials, making it easier for users to configure and manage their routers.

Rate this question:
40.

What are two options for running Cisco SDM?
- A.
  
  Running SDM from a router flash
- B.
  
  Running SDM from the Cisco web portal
- C.
  
  Running SDM from within CiscoWorks
- D.
  
  Running SDM from a PC
Correct Answer(s)
A. Running SDM from a router flash
D. Running SDM from a PC

Explanation
SDM (Security Device Manager) is a Cisco tool used for configuring and managing Cisco routers. It can be run from two different options. The first option is running SDM from a router flash, which means accessing and running the SDM software directly from the flash memory of the router. The second option is running SDM from a PC, which involves installing the SDM software on a computer and accessing the router's configuration through a web browser. These two options provide flexibility for users to choose the most convenient method for running SDM based on their specific needs and preferences.

Rate this question:
41.

Which of the following are valid SDM configuration wizards?
- A.
  
  Security Audit
- B.
  
  VPN
- C.
  
  ACS
- D.
  
  NAT
- E.
  
  STP
Correct Answer(s)
A. Security Audit
B. VPN
D. NAT

Explanation
The valid SDM configuration wizards are Security Audit, VPN, and NAT. SDM (Security Device Manager) is a web-based configuration tool for Cisco routers that simplifies the configuration and management of security features. The Security Audit wizard helps in analyzing the security of the router configuration. The VPN wizard assists in setting up virtual private network connections. The NAT wizard is used to configure Network Address Translation, allowing private IP addresses to be translated to public IP addresses for internet access. Therefore, these three wizards are valid options for SDM configuration.

Rate this question:
42.

Which of the following commands is used in global configuration mode to enable AAA?
- A.
  
  AaaEXEC
- B.
  
  Aaa new-model
- C.
  
  Configure aaa-model
- D.
  
  Configure-mdel aaa
Correct Answer
B. Aaa new-model

Explanation
The command "aaa new-model" is used in global configuration mode to enable AAA (Authentication, Authorization, and Accounting) services on a Cisco device. AAA provides a framework for controlling access to network resources and managing user privileges. By enabling AAA with this command, the device will be able to authenticate users, authorize their access to specific resources, and track their activities for accounting purposes.

Rate this question:
43.

How do you define the authentication methos that will be used with AAA?
- A.
  
  With a method list
- B.
  
  With a "method" statemement
- C.
  
  With the "method" command
- D.
  
  With the "method aaa" command
Correct Answer
A. With a method list

Explanation
The authentication method used with AAA is defined with a method list. This list includes the specific authentication methods that will be used for authentication. Each method in the list is applied in a specific order until a successful authentication is achieved.

Rate this question:
44.

Which of the following are authentication methods that may be used with AAA?
- A.
  
  Local
- B.
  
  Remote
- C.
  
  TACACS+
- D.
  
  RADIUS
- E.
  
  IPSec
Correct Answer(s)
A. Local
C. TACACS+
D. RADIUS

Explanation
Authentication methods that may be used with AAA (Authentication, Authorization, and Accounting) include Local, TACACS+, and RADIUS. The Local method refers to authenticating users locally on the device itself. TACACS+ and RADIUS are both remote authentication methods, allowing users to authenticate against a central server. TACACS+ provides separate authentication, authorization, and accounting services, while RADIUS combines these functions into a single protocol. IPSec, on the other hand, is not an authentication method but a security protocol used for encrypting and authenticating IP packets.

Rate this question:
45.

To configure accounting in AAA, from which mode should the aaa accounting command be issued?
- A.
  
  Privileged EXEC
- B.
  
  Command mode
- C.
  
  Global configuration
- D.
  
  Admin EXEC
Correct Answer
C. Global configuration

Explanation
The aaa accounting command should be issued from the Global configuration mode in order to configure accounting in AAA. This mode allows the user to make changes to the global configuration of the device, including enabling and configuring AAA accounting. By issuing the command in this mode, the user can specify the accounting parameters and settings that will be applied to all users and services on the device.

Rate this question:
46.

What does the aaa authentication login console-in local command do?
- A.
  
  It specifies the login authorization method list console-in using the local username-password database on the router.
- B.
  
  It specifies the login authorization list console-in using the local username-password database on the router.
- C.
  
  It specifies the login authorization method list console-in using the local user database on the router
- D.
  
  It specifies the login authorization method list console-in using the local RADIUS username-password database
Correct Answer
C. It specifies the login authorization method list console-in using the local user database on the router

Explanation
The correct answer is "It specifies the login authorization method list console-in using the local user database on the router." This command is used to configure the router to authenticate users attempting to log in to the console using the local user database. The "aaa authentication login" command is used to specify the authentication method, and in this case, it is set to "local" which means the router will use its own local user database for authentication. The "console-in" parameter specifies the method list to be used for console login.

Rate this question:
47.

Which command should be used to enable AAA authetication to determine if a user can access the privilege command level?
- A.
  
  Aaa authentication enable level
- B.
  
  Aaa authentication enable method default
- C.
  
  Aaa authentication enable default local
- D.
  
  Aaa authentication enable default
Correct Answer
D. Aaa authentication enable default

Explanation
The command "aaa authentication enable default" should be used to enable AAA authentication to determine if a user can access the privilege command level. This command specifies the default authentication method to be used for enabling privileged commands. By using the "default" keyword, it ensures that the default authentication method is applied. The "local" keyword specifies that the authentication should be performed locally on the device.

Rate this question:
48.

Which of the following are features provided by Cisco Secure ACS 4.0 for windows?
- A.
  
  Cisco NAC support
- B.
  
  IPsec support
- C.
  
  Network access profiles
- D.
  
  NTVLM profiles
- E.
  
  Machine access restrictions
Correct Answer(s)
A. Cisco NAC support
C. Network access profiles
E. Machine access restrictions

Explanation
Cisco Secure ACS 4.0 for Windows provides several features. One of the features is Cisco NAC support, which allows the ACS to integrate with Cisco Network Admission Control for network access control. Another feature is network access profiles, which are used to define access policies for different types of users or devices. Additionally, machine access restrictions are provided, allowing administrators to restrict access based on the characteristics of the connecting machine.

Rate this question:
49.

Which of the following browsers are supported for use with Cisco Secure ACS?
- A.
  
  Opera 9.2
- B.
  
  Microsoft Internet Explorer 6 with SP1
- C.
  
  Netscape 7.1
- D.
  
  Firefox 2.0
- E.
  
  Netscape 7.2
Correct Answer(s)
B. Microsoft Internet Explorer 6 with SP1
C. Netscape 7.1
E. Netscape 7.2

Explanation
The supported browsers for use with Cisco Secure ACS are Microsoft Internet Explorer 6 with SP1, Netscape 7.1, and Netscape 7.2. These browsers have been tested and confirmed to be compatible with Cisco Secure ACS. Opera 9.2 and Firefox 2.0 are not listed as supported browsers, so they may not work properly or have not been tested for compatibility.

Rate this question:
50.

Which of the following ports are used with RADIUS authentication and authorization?
- A.
  
  UDP port 2000
- B.
  
  TCP port 2002
- C.
  
  UDP port 1645
- D.
  
  TCP port 49
- E.
  
  UDP port 1812
Correct Answer(s)
C. UDP port 1645
E. UDP port 1812

Explanation
RADIUS (Remote Authentication Dial-In User Service) is a protocol used for authentication, authorization, and accounting of remote network users. It operates over both UDP and TCP protocols. UDP port 1645 is used for authentication, while UDP port 1812 is used for accounting. TCP port 49 is used for RADIUS accounting, not authentication or authorization. Therefore, the correct answer is UDP port 1645 and UDP port 1812.

Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Mar 22, 2023

Quiz Edited by
ProProfs Editorial Team
Nov 26, 2009

Quiz Created by
Kweglar

CCNA Security Part 1

What are the three primary goals of network security?

Where do most attacks on an organization's computer resources originate?

The U.S government places classified data into which classes?

Cisco defines 3 catagories of security controls: administrative, physical and technical. Individual controls within these catagories can be further classifies as what 3 specific types of controls?

Litigators typicall require 3 of the following elements to present an effective argument when prosecuting information security violations?

Which type of law typically involves the enforcement of regulations by government agencies?

Which of the following is a weakness in an information system that an attacker might leverage to gain unauthorized access to the system or data on the system?

What type of hacker attempts to hack telephony systems?

Which of the following is a method of gaining access to a system that bypasses normal security measures?

What security design philosophy uses a layered approach to eliminate single points of failure and provide overlapping protection?

What are 2 types of IP spoffing attacks?

What term refers to the electromagnetic interference (EMI) that can radiate from network cables?

What kind of intergrity attack is a collection of small attacks the result in a larger attack when combined?

Which of the following best describes a smurf attack?

Which of the following are Cisco best practice recommendations for securing a network?

What are the 5 phases of the system development life cycle (SDLC)? choose 5

Which of the following attemps to ensure that no one employee becomes a pervasive security threat, that data can be recovered from backups and the information system changes do not compromise a sytem's security?

Which of the following are network evaluation techniques?

What are 3 phases of disaster recovery?

Which of the following is a continually changing document that dictates a set of guidelines for network use?

Which security policy component contains mandatory practices ( as opposed to recommendations or step-by-step instructions)?

Which 3 individuals are most likely to be intimately involved with the creation of a security policy?

The following formula can be used to calculate annualized loss expectancy:ALE= AV*EF*AROWhich componenet of the formula represents the percentage of loss of an asset that is experience if an anticipated threat occurs?

All of the following are common elements of a network design. Which one is the most important?

Which of the following makes the end-user community concious of security issues without necessarily giving any in-depth procedural instruction?

What type of threat combines worm, virus and trojan horse characteristics?

What are 3 characteristics of a Cisco Self-Defending Network?

Which of the following offers a variety of security solutions including firewall, IPS, VPN, Antispyware, Antivirus and Antiphising features?

Which of the following arconcidered IOS security features?

Some ISRs include a USB port, into which a flash drive can connect. What are three common uses for the flash drive?

The enable secret password appears as an M5 hash in a router's configuration file, whereas the enable password is not hashed. Why does Cisco still support the use of both enable secret and enable passwords in a routers configuration?

What is an IOS router's default response to multiple failed login attempts after the "security authentication failure" command has been issued?

What line configuration mode command would you enter to prevent a line (such as a console, aux, or vty line) connection from timing out because of inactivity?

How is a CLI view different from a privilege level?

An IOS router's privileged mode, which you can access by entering the enable command followed by the appropriate password, has which privilege level?

To protect a routers image and configuration against a attackers attemp to erase those files, the Cisco IOS Resilient Configuration feature keeps a secure copy of these files. What are these files called?

When you configure Cisco IOS login enhancements for virtual connections, what is the "quiet period"?

In the banner motd # command, what does # represent?

What Cisco IOS feature provides a graphical user interface for configuring a wide variety of features on an IOS router and also provides multiple "smart wizards" and configuration tutorials?

What are two options for running Cisco SDM?

Which of the following are valid SDM configuration wizards?

Which of the following commands is used in global configuration mode to enable AAA?

How do you define the authentication methos that will be used with AAA?

Which of the following are authentication methods that may be used with AAA?

To configure accounting in AAA, from which mode should the aaa accounting command be issued?

What does the aaa authentication login console-in local command do?

Which command should be used to enable AAA authetication to determine if a user can access the privilege command level?

Which of the following are features provided by Cisco Secure ACS 4.0 for windows?

Which of the following browsers are supported for use with Cisco Secure ACS?

Which of the following ports are used with RADIUS authentication and authorization?

The following formula can be used to calculate annualized loss expectancy:ALE= AVEFAROWhich componenet of the formula represents the percentage of loss of an asset that is experience if an anticipated threat occurs?