SEC 450 Final Examination Answers
Follow
Below Link to Download Tutorial
Question 1. 1. (TCO 1) The component of network security that ensures that authorized users have access to data and network resources is _____. (Points : 6)
data integrity
data confidentiality
data and system availability
data and user authentication
Question 2. 2. (TCO 1) The type of security control that makes use of firewalls is called _____. (Points : 6)
administrative
physical
technical
clerical
Question 3. 3. (TCO 2) To configure a role-based CLI on a Cisco router, the first command to enter in privileged mode is _____. (Points : 6)
parser view
view enable
enable view
config view
super view
Question 4. 4. (TCO 2) The show running-config output can be modified using all of the following pipes except for _____. (Points : 6)
| begin
| end
| include
| exclude
Question 5. 5. (TCO 3) Which of the following is the default number of MAC addresses allowed when you execute the switchport port-security command on a switch port? (Points : 6)
Zero
One
Two
Three
Question 6. 6. (TCO 3) Which switch feature causes a port to skip the listening and learning states, causing the port to enter the forwarding state very quickly? (Points : 6)
fastport
portfast
enablefast
portforward
Question 7. 7. (TCO 4) With zone-based firewalls, which of the following is used to specify actions to be taken when traffic matches a criterion? (Points : 6)
Zones
Class maps
Policy maps
Zone pairs
Question 8. 8. (TCO 4) Which type of access list uses rules placed on the interface where allowed traffic initiates and permits return traffic for TCP, UDP, SMTP, and other protocols? (Points : 6)
Established
Lock and key
Reflexive
CBAC
Question 9. 9. (TCO 5) Which AAA server protocol offers support for ARAP and NETBEUI protocols as well as IP? (Points : 6)
CSACS
RADIUS
OpenACS
TACACS+
Question 10. 10. (TCO 5) Which of the following is not considered a component of AAA? (Points : 6)
Authentication
Authorization
Accounting
Administration
Question 11. 11. (TCO 6) The Cisco IOS command that will display all current IKE security associations (SAs) is _____. (Points : 6)
show crypto ipsec
show crypto isakmp
show crypto ipsec sa
show crypto isakmp sa
show crypto ike sa
Question 12. 12. (TCO 6) The Cisco IOS firewall crypto isakmp policy mode command that will set the isakmp security association lifetime is _____. (Points : 6)
lifetime {days}
lifetime {seconds}
set lifetime {days}
set lifetime {seconds}
Question 13. 13. (TCO 7) Cisco routers implementing IPS can save IPS events in a Syslog server by executing which of the following commands? (Points : 6)
ip ips log {IP Address}
ip ips notify syslog
ip ips notify log
ip ips notify sdee
Question 14. 14. (TCO 7) Which of the following is not an action that can be performed by the IOS firewall IDS router when a packet or packet stream matches a signature? (Points : 6)
Drop the packet immediately.
Send an alarm to the Cisco IOS designated Syslog server.
Set the packet reset flag and forward the packet through.
Block all future data from the source of the attack for a specified time.
Question 15. 15. (TCO 1) Explain how to mitigate a Smurf attack. (Points : 24)
Question 16. 16. (TCO 2) Type the global configuration mode and line configuration mode commands that are required to secure the VTY lines 0 through 15 to use the local username admin with the encrypted password adminpass for remote Telnet or SSH log-ins to the Cisco router. (Points : 24)
Question 17. 17. (TCO 3) What are at least two best practices that should be implemented for unused ports on a Layer 2 switch for switch security? (Points : 24)
Question 18. 18. (TCO 4) Given the commands shown below and assuming F0/0 is the inside interface of the network, explain what this ACL does.
access-list 100 permit tcp any any eq 80 time-range MWF
time-range MWF
periodic Monday Wednesday Friday 8:00 to 17:00
time-range
absolute start 00:00 30 Sept 2014 end 01:00 30 Sept 2014
int f0/0
ip access-group 100 in Correct Answer: (Points : 24)
Question 19. 19. (TCO 5) Type two global configuration mode commands that enable AAA authentication and configure a default log-in method list. Use a TACACS+ server first, then a local username and password, and finally the enable password. (Points : 24)
Question 20. 20. (TCO 6) Discuss the data encryption algorithms DES and 3DES. Discuss the key lengths, and rank the algorithms in order of best security. (Points : 24)
Question 21. 21. (TCO 7) Explain the two benefits of Cisco IPS version 5.x signature format over the Cisco IPS version 4.x signature format. (Points : 22)
Comments
Post a Comment
Homework Lance write high-quality sample essays, term papers, research papers, thesis papers, dissertations, book reviews,nbook reports, speeches, assignments, business papers, Human Resource Management Papers, Accounting Papers, Essay Writing and custom web content
We do custom work 100% original and plagiarism free .If you need help in any assignment just send us requirements with time limit ,we will quote a price and after your confirmation ,we start working on your assignment .An original work ready for submission provided to you . Email us your requirements.
Order us at: ( https://homeworklance.com/homework-answers )
Email us at: ( info.homeworklance@gmail.com )
Advantages of Using Our Service:
A chance to make your studies easier.
Get all your requirements met on time.
Experienced writers from all over the world, proficient in many disciplines.
24/7 support from our team, both the writers and supporters are here for you.
Plagiarism free writing
Advanced Writing
Affordable Pricing
On-time Delivery
Admin
https://homeworklance.com/