Author: CCNA Security

Which IETF standard defines the PKI digital certificate format? X.500 X.509 * LDAP SSL/TLS Which two statements correctly describe certificate classes used in the PKI? (Choose two.) A class 0 certificate is for testing purposes. * A class 0 certificate is more trusted than a class 1 certificate. The lower the class number, the more trusted the certificate. A class 5 certificate is for users with a focus on verification of email. A class 4 certificate is for online business transactions between companies. * Alice and Bob want to use a CA authentication procedure to authenticate each other. What must…

Which component of AAA allows an administrator to track individuals who access network resources and any changes that are made to those resources? Accessibility Accounting * Authentication Authorization Which of the following offers a free service called Automated Indicator Sharing that enables the real-time exchange of cyberthreat indicators? FireEye Department of Homeland Security * The MITRE Corporation Talos The security policy of an organization allows employees to connect to the office intranet from their homes. Which type of security policy is this? Acceptable use Incident handling Network maintenance Remote access * During the AAA process, when will authorization be implemented?…

In what type of attack is a cybercriminal attempting to prevent legitimate users from accessing network services? DoS * MITM Session hijacking Address spoofing Which network monitoring technology collects IP operational data on packets flowing through Cisco routers and multilayer switches? SNMP SIEM NetFlow * Wireshark What are two monitoring tools that capture network traffic and forward it to network monitoring devices? (Choose two.) SPAN network tap SNMP SIEM Wireshark Which technology is an open source SIEM system? Wireshark StealWatch Splunk ELK What network attack seeks to create a DoS for clients by preventing them from being able to obtain…

A network administrator detects unknown sessions involving port 21 on the network. What could be causing this security breach? An FTP Trojan horse is executing. * A reconnaissance attack is occurring. A denial-of-service attack is occurring. Cisco Security Agent is testing the network. Which example illustrates how malware might be concealed? A botnet of zombies carry personal information back to the hacker. An attack is launched against the public website of an online retailer with the objective of blocking its response to visitors. A hacker uses techniques to improve the ranking of a website so that users are redirected to…

Which network service synchronizes the time across all devices on the network? NetFlow Syslog NTP * SNMP Which network service allows administrators to monitor and manage network devices? NTP SNMP * Syslog NetFlow What are two types of addresses found on network end devices? (Choose two.) UDP return IP TCP MAC Which OSI layer header is rewritten with new addressing information by a router when forwarding between LAN segments? Layer 2 Layer 3 Layer 4 Layer 7 Which wireless parameter is used by an access point to broadcast frames that include the SSID? passive mode security mode channel setting active…

If the default gateway is configured incorrectly on the host, what is the impact on communications? The host is unable to communicate on the local network. There is no impact on communications. The host can communicate with other hosts on remote networks, but is unable to communicate with hosts on the local network. The host can communicate with other hosts on the local network, but isunable to communicate with hosts on remote networks. * Which message delivery option is used when all devices need to receive the same message simultaneously? Duplex Unicast Multicast Broadcast * How is a DHCPDISCOVER transmitted…

Which method can be used to harden a computing device? Allow USB auto-detection. Force periodic password changes. * Allow default services to remain enabled. Update patches on a strict annual basis irrespective of release date. Consider the result of the ls -l command in the Linux output below. What are the group file permissions assigned to the analyst.txt file? Click here to view code image ls -l analyst.txt -rwxrw-r– sales staff 1028 May 28 15:50 analyst.txt Read only Read, write * Full access Read, write, execute Which two methods can be used to harden a computing device? (Choose two.) Allow…

Two pings were issued from a host on a local network. The first ping was issued to the IP address of the default gateway of the host and it failed. The second ping was issued to the IP address of a host outside the local network and it was successful. What is a possible cause for the failed ping? The default gateway device is configured with the wrong IP address. The TCP/IP stack on the default gateway is not working properly. The default gateway is not operational. Security rules are applied to the default gateway device, preventing it from processing…

What is cyberwarfare? It is an attack only on military targets. It is an attack on a major corporation. It is an attack that only involves robots and bots. It is an attack designed to disrupt, corrupt, or exploit national interests. * Which statement describes cyberwarfare? Cyberwarfare is an attack carried out by a group of script kiddies. It is a series of personal protective equipment developed for soldiers involved in nuclear war. It is simulation software for Air Force pilots that allows them to practice under a simulated war scenario. It is Internet-based conflict that involves the penetration of…