Network Defense (NetDef) Course Final Exam Answers
NOTE: If you have the new question on this test, please comment
Question and Multiple-Choice list in form below this article. We will
update answers for you in the shortest time. Thank you! We truly
value your contribution to the website.
used, layers of security are placed through the organization-at the edge,
within the network, and on endpoints. The layers work together to create
the security architecture. In this environment, a failure of one safeguard
does not affect the effectiveness of other safeguards.
internal router
edge router
host
firewall
packet capture application: Wireshark
host-based intrusion detection system: OSSEC
high-level cybersecurity analysis console: Sguil
5. In a comparison of biometric systems, what is the crossover error
rate?
10. Which two features are included by both TACACS+ and RADIUS
protocols? (Choose two.)
11. Refer to the exhibit. A router has an existing ACL that permits all
traffic from the 172.16.0.0 network. The administrator attempts to add a
new ACE to the ACL that denies packets from host 172.16.0.1 and
receives the error message that is shown in the exhibit. What action can
the administrator take to block packets from host 172.16.0.1 while still
permitting all other traffic from the 172.16.0.0 network?
Create a second access list denying the host and apply it to the same
interface.
Manually add the new deny ACE with a sequence number of 15.
Manually add the new deny ACE with a sequence number of 5.
Add a deny any any ACE to access-list 1.
Explanation: Because the new deny ACE is a host address that falls
within the existing 172.16.0.0 network that is permitted, the router rejects
the command and displays an error message. For the new deny ACE to
take effect, it must be manually configured by the administrator with a
sequence number that is less than 10.
14. What are two differences between stateful and stateless firewalls?
(Choose two.)
A stateless firewall is able to filter sessions that use dynamic port
negotiations while a stateful firewall cannot.
A stateless firewall will examine each packet individually while a
stateful firewall observes the state of a connection.
A stateless firewall provides more stringent control over security than a
stateful firewall.
A stateless firewall will provide more logging information than a stateful
firewall.
A stateful firewall will prevent spoofing by determining whether
packets belong to an existing connection while a stateless firewall
follows pre-configured rule sets.
Stateful firewalls:
– are often used as a primary means of defense by filtering unwanted,
unnecessary, or undesirable traffic
– strengthen packet filtering by providing more stringent control over
security
– improve performance over packet filters or proxy servers
– defend against spoofing and DoS attacks by determining whether
packets belong to an existing connection or are from an
unauthorized source
– provide more log information than a packet filtering firewall
15. Which statement describes a typical security policy for a DMZ
firewall configuration?
stateless firewall
application gateway firewall
stateful firewall
packet filtering firewall
17. What is the result in the self zone if a router is the source or
destination of traffic?
Only traffic that is destined for the router is permitted.
Only traffic that originates in the router is permitted.
No traffic is permitted.
All traffic is permitted.
Explanation: All traffic is permitted in the self zone if the traffic
originates from, or is destined for, the router.
network control
customer endpoints
application
data
identity management
Explanation: Hosting software development and distribution processes
is an example of the PaaS model. In the shared security responsibility
model, the cloud customer is responsible for data and endpoints
security.
24. A company implements a security policy that ensures that a file sent
from the headquarters office to the branch office can only be opened
with a predetermined code. This code is changed every day. Which two
algorithms can be used to achieve this task? (Choose two.)
MD5
AES
SHA-1
HMAC
3DES
Explanation: The task to ensure that only authorized personnel can
open a file is data confidentiality, which can be implemented with
encryption. AES and 3DES are two encryption algorithms. HMAC can be
used for ensuring origin authentication. MD5 and SHA-1 can be used to
ensure data integrity.
CRL
OCSP
subordinate CA
LDAP
DNS
26. Before data is sent out for analysis, which technique can be used to
replace sensitive data in nonproduction environments to protect the
underlying information?
steganography
steganalysis
software obfuscation
data masking substitution
ACL
VPN
NAT
syslog
HTTPS
DNS
HTML
DHCP
HTTP
29. How can IMAP be a security threat to a company?
It can be used to encode stolen data and send to a threat actor.
An email can be used to bring malware to a host.
Encrypted data is decrypted.
Someone inadvertently clicks on a hidden iFrame.
30. Refer to the exhibit. Which technology generated the event log?
web proxy
syslog
Netflow
Wireshark
31. Which two tools have a GUI interface and can be used to view and
analyze full packet captures? (Choose two.)
Wireshark
Splunk
Cisco Prime Network Analysis Module
nfdump
tcpdump
Explanation: The Network Analysis Module of the Cisco Prime
Infrastructure system and Wireshark have GUI interfaces and can
display full packet captures. The tcpdump tool is a command-line packet
analyzer.
false positive
true negative
true positive
false negative
false positive
true positive
false negative
true negative
RAID 5
RAID 0
RAID 1
RAID 6
Telnet
WPA
SSH
SCP
41. A company has a file server that shares a folder named Public. The
network security policy specifies that the Public folder is assigned
Read-Only rights to anyone who can log into the server while the Edit
rights are assigned only to the network admin group. Which component
is addressed in the AAA network service framework?
automation
authorization
accounting
authentication
echo request
echo reply
time-stamp reply
time-stamp request
router advertisement
43. Which two statements describe the effect of the access control list
wildcard mask 0.0.0.15? (Choose two.)
unreachable
source quench
echo-reply
echo
46. When ACLs are configured to block IP address spoofing and DoS
flood attacks, which ICMP message should be allowed both inbound
and outbound?
source quench
echo
unreachable
echo reply
Explanation: Source quench ICMP messages provide the ability to have
the sender throttle down the rate of messages when necessary. These
messages should be allowed through the firewall in both inbound and
outbound directions.
47. What are two elements that form the PRI value in a syslog message?
(Choose two.)
header
timestamp
facility
severity
hostname
48. Which two options are network security monitoring approaches that
use advanced analytic techniques to analyze network telemetry data?
(Choose two.)
NBAD
NBA
IPFIX
Snorby
Sguil
NetFlow
Explanation: Network behavior analysis (NBA) and network behavior
anomaly detection (NBAD) are approaches to network security
monitoring that use advanced analytical techniques to analyze NetFlow
or IPFIX network telemetry data.
51. What are two physical security precautions that a business can take
to protect its computers and systems? (Choose two.)
salting
AES
MD5
HMAC
54. Which two keywords can be used in an access control list to replace
a wildcard mask or address and wildcard mask pair? (Choose two.)
any
gt
some
all
host
most
55. What is the function of the pass action on a Cisco IOS Zone-Based
Policy Firewall?
tracking the state of connections between zones
inspecting traffic between zones for traffic control
logging of rejected or dropped packets
forwarding traffic from one zone to another
56. Which statement describes the threat to a public cloud due to a poor
cloud security architecture strategy?
when a cloud customer does not have full visibility into the cloud services
when user accounts or access privileges are not properly secured and
are hijacked by threat actors
when a cloud customer employee, contractor, or business partner
maliciously or unintentionally compromises the cloud service
when the shared security responsibilities between a cloud
customer and cloud provider are not implemented correctly
security logs
application logs
setup logs
system logs
vulnerability management
risk management
asset management
configuration management
60. What are two uses of an access control list? (Choose two.)
ACLs can permit or deny traffic based upon the MAC address originating
on the router.
Standard ACLs can restrict access to specific applications and ports.
ACLs can control which areas a host can access on a network.
ACLs assist the router in determining the best path to a destination.
ACLs provide a basic level of security for network access.
61. When implementing a ZPF, what is the default security setting when
forwarding traffic between two interfaces in the same zone?
Traffic between interfaces in the same zone is not subject to any
policy and passes freely.
Traffic between interfaces in the same zone is blocked.
Traffic between interfaces in the same zone is selectively forwarded
based on Layer 3 information.
Traffic between interfaces in the same zone is selectively forwarded
based on the default policy restrictions.
62. You have been asked to implement a data integrity program to
protect data files that need to be electronically downloaded by the sales
staff. You have decided to use the strongest hashing algorithm
available on your systems. Which hash algorithm would you select?
AES
SHA-1
SHA-256
MD5
Explanation: MD5 and SHA are the two most popular hashing
algorithms. SHA-256 uses a 256-bit hash, whereas MD5 produces a
128-bit hash value.
64. Which network logs contain information that a security analyst can
use to determine if packets received from the web are in response to
legitimate requests or are part of an exploit?
NetFlow logs
content filter logs
NBAR logs
proxy logs
65. Why can ACLs give a false sense of security if overly relied upon as
a network security technology?
69. Which two statements describe the effects of the access control list
wildcard mask 0.0.0.31? (Choose two.)
Bro
ELK
CapME
Sguil
71. Which term describes the ability of a web server to keep a log of the
users who access the server, as well as the length of time they use it?
assigning permissions
authentication
accounting
authorization
Explanation: The sid field in a Snort alert message indicates the Snort
security rule that is triggered.
74. What does it indicate if the timestamp in the HEADER section of a
syslog message is preceded by a period or asterisk symbol?
75. A SOHO office is using a public cloud provider to host their website.
The IT technician is choosing an approach to protect transaction data
between the website and visitors from the internet. Which type of
encryption key management method should the technician choose?
Any interface can be configured with both a ZPF and an IOS Classic
Firewall.
Policies are applied to unidirectional traffic between zones.
Virtual and physical interfaces are put in different zones to enhance
security.
Policies are defined exclusively with ACLs.
Policies provide scalability because they are easy to read and
troubleshoot.
Explanation: There are several benefits of a ZPF:
– It is not dependent on ACLs.
– The router security posture is to block unless explicitly allowed.
– Policies are easy to read and troubleshoot. This provides scalability
because one policy affects any given traffic, instead of needing multiple
ACLs and inspection actions for different types of traffic.
– Virtual and physical interfaces can be grouped into zones.
– Policies are applied to unidirectional traffic between zones.
Both IOS Classic Firewalls and ZPFs can be enabled concurrently on a
Cisco router. However, the models cannot be combined on a single
interface.
77. Why could network Syslog servers be a target for threat actors?
78. What effect does the use of hashing have on stored passwords?
Less digital storage is required for user credentials that include hashed
passwords.
Enforces the use of complex passwords.
The recovery of forgotten passwords is faster.
The password cannot be restored from the stored unique hash.
workplace
workload
workflow
workforce
82. Place the steps for configuring zone-based policy (ZPF) firewalls in
order from first to last.