Author: CCNA Security

CCNA Security Chapter 5 Exam Answers What is the purpose in configuring an IOS IPS crypto key when enabling IOS IPS on a Cisco router? to secure the IOS image in flash to enable Cisco Configuration Professional to be launched securely to encrypt the master signature file to verify the digital signature for the master signature file* The crypto key verifies the digital signature for the master signature file (sigdef-default.xml). The content of the file is signed by a Cisco private key to guarantee its authenticity and integrity. Refer to the exhibit. What is the result of issuing the Cisco…

CCNA Security Chapter 4 Exam Answers Which statement describes a typical security policy for a DMZ firewall configuration? Traffic that originates from the inside interface is generally blocked entirely or very selectively permitted to the outside interface. Traffic that originates from the DMZ interface is selectively permitted to the outside interface.* Traffic that originates from the outside interface is permitted to traverse the firewall to the inside interface with few or no restrictions. Return traffic from the inside that is associated with traffic originating from the outside is permitted to traverse from the inside interface to the outside interface. Return…

CCNA Security Chapter 3 Exam Answers [alert-note]NOTE: If you have the new question on this test, please comment Question and Multiple-Choice list in form below this article. We will update answers for you in the shortest time. Thank you! We truly value your contribution to the website.[/alert-note] Refer to the exhibit. Router R1 has been configured as shown, with the resulting log message. On the basis of the information that is presented, which two statements describe the result of AAA authentication operation? (Choose two.) The locked-out user stays locked out until the clear aaa local user lockout username Admin command…

CCNA Security Chapter 2 Exam Answers Which three areas of router security must be maintained to secure an edge router at the network perimeter? (Choose three.) remote access security zone isolation router hardening* operating system security* flash security physical security* There are three areas of router security to maintain: 1) physical security 2) router hardening 3) operating system security Which recommended security practice prevents attackers from performing password recovery on a Cisco IOS router for the purpose of gaining access to the privileged EXEC mode? Locate the router in a secure locked room that is accessible only to authorized personnel.*…

CCNA Security Chapter 1 Exam Answers What causes a buffer overflow? launching a security countermeasure to mitigate a Trojan horse sending repeated connections such as Telnet to a particular device, thus denying other data sources. downloading and installing too many software updates at one time attempting to write more data to a memory location than that location can hold* sending too much information to two or more interfaces of the same device, thereby causing dropped packets By sending too much data to a specific area of memory, adjacent memory locations are overwritten, which causes a security issue because the program…