Muy buenas msaenzbo he encontrado esto por la red compruebalo por que creo que puede ser el final, estoy a punto de acabar podrias subir el 7,9 y 10 .Perdonar por subirlo asi no se hacerlo para que suba en 1 doc
1) What are three major functions performed by the security management subsystem, CiscoWorks VMS? (Choose three.)
a) to manage access control lists for Cisco PIX Security Appliances
b) to enforce access control policies between two processes running on a server
c) to capture and analyze network traffic, and respond to network intrusions
d) to identify sensitive network resources
e) to respond to first-stage denial of service network attacks
f) to monitor and log access to network resources
2) The Security Wheel promotes a continuous process to retest and reapply updated security measures. What is the core or “hub†component of the Security Wheel?
a) testing policy
b) monitor
c) improve
d) security policy
3) A network administrator has just completed security training and has decided to change from HIDS to HIPS to protect hosts. Which of these would be a major advantage gained from the change?
HIPS does not require host-based client software.
HIPS would prevent the need to update signature files as often.
HIPS would be able to prevent intrusions.
HIPS would consume fewer system resources.
4) XYZ Company recently adopted software for installation on critical servers that will detect malicious attacks as they occur. In addition, the software will stop the execution of the attacks and send an alarm to the network administrator. Which technology does this software utilize?
host-based intrusion detection
host-based intrusion protection
host-based intrusion prevention
host-based intrusion notification
5) Which privilege level has the most access to the Cisco IOS?
level 0
level 1
level 7
level 15
level 16
level 20
6) A security team is charged with hardening network devices. What must be accomplished first before deciding how to configure security on any device?
Audit all relevant network devices.
Document all router configurations.
Create or update security policies.
Complete a vulnerability assessment.
7) Which command will encrypt all passwords in the router configuration file?
enable secret
password encrypt all
enable password-encryption
service password-encryption
no clear-text password
Which two steps are necessary to ensure that your HIDS and HIPS do not miss any exploits? (Choose two.)
upgrade the HIDS and HIPS software as new versions are released
perform periodic vulnerability assessment
monitor alerts and logs
update signatures on a regular basis
ensure that all security patches are loaded on the host machine
9) Which command sets the inactivity timer, for a particular line or group of lines, to four minutes and fifteen seconds?
router(config)# line-timeout 4 15
router(config-line)# line-timeout 4 15
router(config-line)# exec-timeout 255
router(config-line)# timeout 255
router(config-line)# exec-timeout 4 15
router(config-line)# line-timeout 255
10) Real-time intrusion detection occurs at which stage of the Security Wheel?
securing stage
monitoring stage
testing stage
improvement stage
reconnaissance stage
11) Which router command will result in the router only accepting passwords of 16 characters or more?
service password-encryption
enable secret min-length 16
security passwords min-length 16
security passwords max-length 16
12) Why does SSH provide better security than Telnet?
SSH compresses data while Telnet does not compress data.
SSH encrypts data with private key while Telnet uses public key.
SSH encrypts data while Telnet uses clear text in transmitting data.
SSH encrypts data with public key while Telnet uses hashing algorithm.
13) Which encryption type uses the MD5 hash algorithm?
Type 0
Type 1
Type 5
Type 7
14) What is the effect of applying this command to a Cisco router?
router(config)# no service finger
UNIX commands are disabled on the router.
All TCP/IP services are disabled.
PING usage is disabled.
Users logged into the router remotely will not be able to see if other users are logged into the router.
15) A partial router configuration is shown in the graphic. The network administrator adds the following command at the router prompt.
router(config)# security passwords min-length 10
Which of the following is correct?
The current password will continue to be used as a valid password until changed.
No password is required.
The current password is invalid and will not allow a login.
A password that is at least ten characters long must immediately be implemented for a successful login.
16) Which two objectives must a security policy accomplish? (Choose two.)
provide a checklist for the installation of secure servers
describe how the firewall must be configured
document the resources to be protected
identify the security objectives of the organization
identify the specific tasks involved in hardening a router
17) On a Monday morning, network engineers notice that the log files on the central server are larger than normal. Examining the log reveals that the majority of the entries are from sensors deployed on the perimeter of the network. The logs reveal that a worm attack was successfully stopped by the perimeter devices. Based on this information, which of these technologies is this company using?
NIDS using passive technology
HIPS using passive technology
NIDS using active technology
HIDS using passive technology
HIPS using active technology
18) After providing for all operational requirements of the network, the network support team has determined that the servers should be hardened against security threats so that the network can operate at full potential. At which stage of the network life cycle does server hardening occur?
planning
design
implementation
operation
optimization
19) A network administrator installs a new stateful firewall. Which type of security solution is this?
secure connectivity
threat defense
policy enforcement
trust and identity
authentication
20) MD5 can be used for authenticating routing protocol updates for which three protocols? (Choose three.)
RIPv1
RIPv2
IGRP
EIGRP
BGP
21) The network administrator of company XYZ likes to secure routers by disabling the password recovery procedure for anyone who gains physical access to the router. Which command would be used to achieve this goal?
router(config)# no rommon-mode
router(config)# no password-recovery
router(config)# no service password-recovery
router(config)# no rommon-password recovery
22) Which configuration will allow an administrator to access the console port using a password of password?
router(config)# line aux 0
router(config-line)# login
router(config-line)# password password
router(config)# line console 0
router(config-line)# login
router(config-line)# password password
router(config)# line console 0
router(config-line)# password password
router(config)# line console 0
router(config-line)# access
router(config-line)# password password
router(config)# line vty 0
router(config-line)# password password
router(config)# line vty 0
router(config-line)# access
router(config-line)# password password
