CCNAS Chapter 7 CCNA Security 1.0 2012 100%-CCNAS Chapter 7 – CCNA Security: Implementing Network Security (Version 1.0) – Answers – 2011 – 2012

1. Which symmetrical encryption algorithm is the most difficult to crack?3DESAESDESRSASHA2. What is the basic method used by 3DES to encrypt plaintext?The data is encrypted three times with three different keys.The data is encrypted, decrypted, and encrypted using three different keys.The data is divided into three blocks of equal length for encryption.The data is encrypted using a key length that is three times longer than the...

Read more ...

CCNAS Chapter 8 CCNA Security 1.0 2012 100%-CCNAS Chapter 8 – CCNA Security: Implementing Network Security (Version 1.0) – Answers – 2011 – 2012

1. Which IPsec protocol should be selected when confidentiality is required?tunnel modetransport modeauthentication headerencapsulating security payloadgeneric routing encapsulation2. When using ESP tunnel mode, which portion of the packet is not authenticated?ESP headerESP trailernew IP headeroriginal IP header.3. When configuring an IPsec VPN, what is used to define the traffic that is sent through the IPsec tunnel and protected...

Read more ...

CCNAS Chapter 6 CCNA Security 1.0 2012 100%-CCNAS Chapter 6 – CCNA Security: Implementing Network Security (Version 1.0) – Answers – 2011 – 2012

1. Which two measures are recommended to mitigate VLAN hopping attacks? (Choose two.)Use a dedicated native VLAN for all trunk ports.Place all unused ports in a separate guest VLAN.Disable trunk negotiation on all ports connecting to workstations.Enable DTP on all trunk ports.Ensure that the native VLAN is used for management traffic.2. As a recommended practice for Layer 2 security, how should VLAN 1 be treated?All access ports...

Read more ...

CCNAS Chapter 4 CCNA Security 1.0 2012 100%-CCNAS Chapter 4 – CCNA Security: Implementing Network Security (Version 1.0) – Answers – 2011 – 2012

1. Which statement accurately describes Cisco IOS zone-based policy firewall operation?The pass action works in only one direction.A router interface can belong to multiple zones.Service policies are applied in interface configuration mode.Router management interfaces must be manually assigned to the self zone.2.Which location is recommended for extended numbered or extended named ACLs?a location as close to the destination of...

Read more ...

CCNAS Chapter 5 CCNA Security 1.0 2012 100%-CCNAS Chapter 5 – CCNA Security: Implementing Network Security (Version 1.0) – Answers – 2011 – 2012

1. An IPS sensor has detected the string confidential across multiple packets in a TCP session. Which type of signature trigger and signature type does this describe?Trigger: Anomaly-based detectionType: Atomic signatureTrigger: Anomaly-based detectionType: Composite signatureTrigger: Pattern-based detectionType: Atomic signatureTrigger: Pattern-based detectionType: Composite signatureTrigger: Policy-based detectionType: Atomic...

Read more ...

CCNAS Chapter 3 CCNA Security 1.0 2012 100%-CCNAS Chapter 3 – CCNA Security: Implementing Network Security (Version 1.0) – Answers – 2011 – 2012

1. Why is local database authentication preferred over a password-only login?It specifies a different password for each line or port.It provides for authentication and accountability.It requires a login and password combination on console, vty lines, and aux ports.It is more efficient for users who only need to enter a password to gain entry to a device.2. What is a characteristic of AAA?Authorization can only be implemented...

Read more ...

CCNAS Chapter 2 CCNA Security 1.0 2012 100% CCNAS Chapter 2 – CCNA Security: Implementing Network Security (Version 1.0) – Answers – 2011 – 2012

1.Refer to the exhibit. What two pieces of information can be gathered from the generated message? (Choose two. )This message is a level five notification message.This message appeared because a minor error occurred requiring further investigation.This message appeared because a major error occurred requiring immediate action.This message indicates that service timestamps have been globally enabled.This message indicates that...

Read more ...

CCNAS Chapter 1 CCNA Security 1.0 2012 100%-CCNAS Chapter 1 – CCNA Security: Implementing Network Security (Version 1.0) – Answers – 2011 – 2012

1. What are the basic phases of attack that can be used by a virus or worm in sequential order?paralyze, probe, penetrate, persist, and propagateprobe, penetrate, persist, propagate, and paralyzepenetrate, persist, propagate, paralyze, and probepersist, propagate, paralyze, probe, and penetrate2. Which two are characteristics of DoS attacks? (Choose two.)They always precede access attacks.They attempt to compromise the availability...

Read more ...

Ipv6 Rs (ccnp642-901)

The router sends its prefix and then the node adds its interface ID to make its own IPv6 address, thus Answer A is correct.The following is the actual procedure for IPv6 stateless address autoconfiguration:(1) The new node on the network generates link local address and allocates it to the interface. Link-local address takes the following form: fe80:0000:0000:0000:0000:(2) The node confirms that generated link local address...

Read more ...