Close Window

Assessment System
Exam Viewer - EWAN Chapter 4 - CCNA Exploration: Accessing the WAN (Version 4.!
"elow yo# will $ind the assessment items as presented on the exam as well as the scoring r#les associated with
the item.
%se o$ the exam in$ormation in the Exam Viewer is s#&'ect to the terms o$ the Academy Connection We&site
%sage Agreement &etween yo# and Cisco. (he p#rpose o$ the Exam Viewer is to s#pport instr#ction while not
compromising exam sec#rity $or other Cisco Networ)ing Academies or st#dents. (his material sho#ld not &e
distri&#ted o#tside a proctored and controlled setting. *$ mis#se is $o#nd+ action will &e ta)en to limit access to
assessment content. ,lease remem&er to logo#t and close yo#r &rowser window a$ter #sing the Exam Viewer.
1 Which two statements are tr#e regarding networ) sec#rity- (Choose two.!
Sec#ring a networ) against internal threats is a lower priority &eca#se
company employees represent a low sec#rity ris).
"oth experienced hac)ers who are capa&le o$ writing their own exploit
code and inexperienced indi.id#als who download exploits $rom the
*nternet pose a serio#s threat to networ) sec#rity.
Ass#ming a company locates its we& ser.er o#tside the $irewall and has
ade/#ate &ac)#ps o$ the we& ser.er+ no $#rther sec#rity meas#res are
needed to protect the we& ser.er &eca#se no harm can come $rom it
&eing hac)ed.
Esta&lished networ) operating systems li)e %N*0 and networ) protocols
li)e (C,1*, can &e #sed with their de$a#lt settings &eca#se they ha.e no
inherent sec#rity wea)nesses.
,rotecting networ) de.ices $rom physical damage ca#sed &y water or
electricity is a necessary part o$ the sec#rity policy.
Scoring Rule For: correctness of
response
2ption 3 and 2ption 4 are correct.
5 point $or each correct option.
points i$ more options are selected
than re/#ired.
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.5.3 Common Sec#rity (hreats
2 Which two statements are tr#e a&o#t networ) attac)s- (Choose two.!
Strong networ) passwords mitigate most 8oS attac)s.
Worms re/#ire h#man interaction to spread+ .ir#ses do not.
9econnaissance attac)s are always electronic in nat#re+ s#ch as ping
sweeps or port scans.
A &r#te-$orce attac) searches to try e.ery possi&le password $rom a
com&ination o$ characters.
8e.ices in the 86: sho#ld not &e $#lly tr#sted &y internal de.ices+ and
comm#nication &etween the 86: and internal de.ices sho#ld &e
a#thenticated to pre.ent attac)s s#ch as port redirection.
Scoring Rule For: correctness of
response
2ption 4 and 2ption 4 are correct.
5 point $or each correct option.
points i$ more options are selected
than re/#ired.
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.5.; (ypes o$ Networ) Attac)s
3 %sers are #na&le to access a company ser.er. (he system logs show that the
ser.er is operating slowly &eca#se it is recei.ing a high le.el o$ $a)e re/#ests
$or ser.ice. Which type o$ attac) is occ#rring-
reconnaissance
access
8oS
worm
.ir#s
(ro'an horse
Scoring Rule For: correctness
of response
3 points $or 2ption ;
points $or any other option
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.5.; (ypes o$ Networ) Attac)s
4 An *( director has &eg#n a campaign to remind #sers to a.oid opening e-mail
messages $rom s#spicio#s so#rces. Which type o$ attac) is the *( director
trying to protect #sers $rom-
8oS
88oS
.ir#s
access
reconnaissance
Scoring Rule For: correctness
of response
3 points $or 2ption ;
points $or any other option
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.5.; (ypes o$ Networ) Attac)s
5 Which two statements regarding pre.enting networ) attac)s are tr#e-
(Choose two.!
(he de$a#lt sec#rity settings $or modern ser.er and ,C operating systems
can &e tr#sted to ha.e sec#re de$a#lt sec#rity settings.
*ntr#sion pre.ention systems can log s#spicio#s networ) acti.ity+ &#t
there is no way to co#nter an attac) in progress witho#t #ser
inter.ention.
,hysical sec#rity threat mitigation consists o$ controlling access to
de.ice console ports+ la&eling critical ca&le r#ns+ installing %,S systems+
and pro.iding climate control.
,hishing attac)s are &est pre.ented &y $irewall de.ices.
Changing de$a#lt #sernames and passwords and disa&ling or #ninstalling
#nnecessary ser.ices are aspects o$ de.ice hardening.
Scoring Rule For: correctness of
response
2ption ; and 2ption 4 are correct.
5 point $or each correct option.
points i$ more options are selected
than re/#ired.
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.5.4 <eneral 6itigation (echni/#es
6 *ntr#sion detection occ#rs at which stage o$ the Sec#rity Wheel-
sec#ring
monitoring
testing
impro.ement
reconnaissance
Scoring Rule For: correctness
of response
3 points $or 2ption 3
points $or any other option
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.5.4 (he Networ) Sec#rity Wheel
7 Which two o&'ecti.es m#st a sec#rity policy accomplish- (Choose two.!
pro.ide a chec)list $or the installation o$ sec#re ser.ers
descri&e how the $irewall m#st &e con$ig#red
doc#ment the reso#rces to &e protected
identi$y the sec#rity o&'ecti.es o$ the organi=ation
identi$y the speci$ic tas)s in.ol.ed in hardening a ro#ter
Scoring Rule For: correctness of
response
2ption ; and 2ption 4 are correct.
5 point $or each correct option.
points i$ more options are selected
than re/#ired.
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.5.> (he Enterprise Sec#rity ,olicy
8 What are three characteristics o$ a good sec#rity policy- (Choose three.!
*t de$ines accepta&le and #naccepta&le #se o$ networ) reso#rces.
*t comm#nicates consens#s and de$ines roles.
*t is de.eloped &y end #sers.
*t is de.eloped a$ter all sec#rity de.ices ha.e &een $#lly tested.
*t de$ines how to handle sec#rity incidents.
*t sho#ld &e encrypted as it contains &ac)#ps o$ all important passwords
and )eys.
Scoring Rule For: correctness of
response
2ption 5+ 2ption 3+ and 2ption 4 are
correct.
5 point $or each correct option.
points i$ more options are selected
than re/#ired.
6ax Val#e 7 ;
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.5.> (he Enterprise Sec#rity ,olicy
9 Which two statements de$ine the sec#rity ris) when 8NS ser.ices are ena&led
on the networ)- (Choose two.!
"y de$a#lt+ name /#eries are sent to the &roadcast address
344.344.344.344.
8NS name /#eries re/#ire the ip directed-broadcast command to &e
ena&led on the Ethernet inter$aces o$ all ro#ters.
%sing the glo&al con$ig#ration command ip nae-ser!er on one ro#ter
ena&les the 8NS ser.ices on all ro#ters in the networ).
(he &asic 8NS protocol does not pro.ide a#thentication or integrity
ass#rance.
(he ro#ter con$ig#ration does not pro.ide an option to set #p main and
&ac)#p 8NS ser.ers.
Scoring Rule For: correctness of
response
2ption 5 and 2ption 4 are correct.
5 point $or each correct option.
points i$ more options are selected
than re/#ired.
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.;.5 V#lnera&le 9o#ter Ser.ices and *nter$aces
1" What are two &ene$its o$ #sing Cisco A#toSec#re- (Choose two.!
*t gi.es the administrator detailed control o.er which ser.ices are
ena&led or disa&led.
*t o$$ers the a&ility to instantly disa&le non-essential system processes
and ser.ices.
*t a#tomatically con$ig#res the ro#ter to wor) with S86.
*t ens#res the greatest compati&ility with other de.ices in yo#r networ).
*t allows the administrator to con$ig#re sec#rity policies witho#t ha.ing
to #nderstand all o$ the Cisco *2S so$tware $eat#res.
Scoring Rule For: correctness of
response
2ption 3 and 2ption 4 are correct.
5 point $or each correct option.
points i$ more options are selected
than re/#ired.
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.;.; ?oc)ing 8own @o#r 9o#ter with Cisco A#to Sec#re
11
9e$er to the exhi&it. A networ) administrator is trying to con$ig#re a ro#ter to #se
S86+ &#t it is not $#nctioning correctly. What co#ld &e the pro&lem-
(he pri.ilege le.el o$ the #ser is not con$ig#red correctly.
(he a#thentication method is not con$ig#red correctly.
(he A((, ser.er is not con$ig#red correctly.
(he A((, timeo#t policy is not con$ig#red correctly.
Scoring Rule
For: correctness of response
3 points $or 2ption 5
points $or any other option
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.4.3 Con$ig#ring @o#r 9o#ter to S#pport Cisco S86
12 (he Cisco *2S image naming con.ention allows identi$ication o$ di$$erent
.ersions and capa&ilities o$ the *2S. What in$ormation can &e gained $rom
the $ilename c26""-d-#$121-4- (Choose two.!
(he Bm=B in the $ilename represents the special capa&ilities and $eat#res
o$ the *2S.
(he $ile is #ncompressed and re/#ires 3.> 6" o$ 9A6 to r#n.
(he so$tware is .ersion 53.5+ 4th re.ision.
(he $ile is downloada&le and 535.46" in si=e.
(he *2S is $or the Cisco 3> series hardware plat$orm.
Scoring Rule For: correctness of
response
2ption ; and 2ption 4 are correct.
5 point $or each correct option.
points i$ more options are selected
than re/#ired.
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.4.3 6anaging Cisco *2S *mages
13
9e$er to the exhi&it. (he networ) administrator is trying to &ac) #p the Cisco *2S ro#ter so$tware and recei.es the o#tp#t
shown. What are two possi&le reasons $or this o#tp#t- (Choose two.!
(he Cisco *2S $ile has an in.alid chec)s#m.
(he (C(, client on the ro#ter is corr#pt.
(he ro#ter cannot connect to the (C(, ser.er.
(he (C(, ser.er so$tware has not &een started.
(here is not eno#gh room on the (C(, ser.er $or the so$tware.
Scoring Rule
For: correctness
of response
2ption ; and
2ption 4 are
correct.
5 point $or each
correct option.
points i$ more
options are
selected than
re/#ired.
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.4.4 "ac)ing #p and %pgrading So$tware *mage
14 Which two conditions sho#ld the networ) administrator .eri$y &e$ore
attempting to #pgrade a Cisco *2S image #sing a (C(, ser.er- (Choose
two.!
Veri$y the name o$ the (C(, ser.er #sing the s%o& %osts command.
Veri$y that the (C(, ser.er is r#nning #sing the tftpdnld command.
Veri$y that the chec)s#m $or the image is .alid #sing the s%o& !ersion
command.
Veri$y connecti.ity &etween the ro#ter and (C(, ser.er #sing the ping
command.
Veri$y that there is eno#gh $lash memory $or the new Cisco *2S image
#sing the s%o& flas% command.
Scoring Rule For: correctness of
response
2ption 4 and 2ption 4 are correct.
5 point $or each correct option.
points i$ more options are selected
than re/#ired.
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.4.; 6anaging Cisco *2S *mages
15 (he password reco.ery process &egins in which operating mode and #sing
what type o$ connection- (Choose two.!
926 monitor
&oot 926
Cisco *2S
direct connection thro#gh the console port
networ) connection thro#gh the Ethernet port
networ) connection thro#gh the serial port
Scoring Rule For: correctness of
response
2ption 5 and 2ption 4 are correct.
5 point $or each correct option.
points i$ more options are selected
than re/#ired.
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.4.D 9eco.ering a ?ost 9o#ter ,assword
16
9e$er to the exhi&it. Sec#rity 8e.ice 6anager (S86! is installed on ro#ter 95. What is
the res#lt o$ opening a we& &rowser on ,C5 and entering the %9? %ttps:''192$168$1"$1-
(he password is sent in plain text.
A (elnet session is esta&lished with 95.
(he S86 page o$ 95 appears with a dialog &ox that re/#ests a #sername and
password.
(he 95 home page is displayed and allows the #ser to download Cisco *2S images
and con$ig#ration $iles.
Scoring Rule
For: correctness of
response
3 points $or 2ption ;
points $or any other
option
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.4.; Starting Cisco S86
17 Which statement is tr#e a&o#t Cisco Sec#rity 8e.ice 6anager (S86!-
S86 can r#n only on Cisco D series ro#ters.
S86 can &e r#n $rom ro#ter memory or $rom a ,C.
S86 sho#ld &e #sed $or complex ro#ter con$ig#rations.
S86 is s#pported &y e.ery .ersion o$ the Cisco *2S so$tware.
Scoring Rule For: correctness
of response
3 points $or 2ption 3
points $or any other option
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.4.5 Cisco S86 2.er.iew
18 Which step is re/#ired to reco.er a lost ena&le password $or a ro#ter-
Set the con$ig#ration register to &ypass the start#p con$ig#ration.
Copy the r#nning con$ig#ration to the start#p con$ig#ration.
9eload the *2S $rom a (C(, ser.er $rom 92662N.
9econ$ig#re the ro#ter #sing set#p mode.
Scoring Rule For: correctness
of response
3 points $or 2ption 5
points $or any other option
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.4.D 9eco.ering a ?ost 9o#ter ,assword
19 What is the &est de$ense $or protecting a networ) $rom phishing exploits-
Sched#le anti.ir#s scans.
Sched#le antispyware scans .
Sched#le training $or all #sers.
Sched#le operating systems #pdates.
Scoring Rule For: correctness
of response
3 points $or 2ption ;
points $or any other option
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.5.3 Common Sec#rity (hreats
2"
9e$er to the exhi&it. Sec#rity 8e.ice 6anager (S86! has &een #sed to con$ig#re a re/#ired
le.el o$ sec#rity on the ro#ter. What wo#ld &e accomplished when the S86 applies the next
step on the sec#rity pro&lems that are identi$ied on the ro#ter-
S86 will a#tomatically in.o)e the A#toSec#re command.
S86 will generate a report that will o#tline the proper con$ig#ration actions to alle.iate
the sec#rity iss#es.
S86 will create a con$ig#ration $ile that can &e copy and pasted into the ro#ter to
recon$ig#re the ser.ices.
S86 will recon$ig#re the ser.ices that are mar)ed in the exhi&it as E$ix itF to apply the
s#ggested sec#rity changes.
Scoring Rule
For: correctness of
response
3 points $or 2ption 4
points $or any
other option
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.4.> ?oc)ing 8own a 9o#ter with Cisco S86
21
9e$er to the exhi&it. What is the p#rpose o$ the Bip ospf essage-digest-(e) 1
d5 ciscoB statement in the con$ig#ration-
to speci$y a )ey that is #sed to a#thenticate ro#ting #pdates
to sa.e &andwidth &y compressing the tra$$ic
to ena&le SSA encryption o$ tra$$ic
to create an *,sec t#nnel
Scoring Rule
For: correctness of response
3 points $or 2ption 5
points $or any other option
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.;.3 Sec#ring 9o#ting ,rotocols
22
9e$er to the exhi&it. What is accomplished when &oth commands are con$ig#red on
the ro#ter-
(he commands $ilter %8, and (C, tra$$ic coming to the ro#ter.
(he commands disa&le any (C, or %8, re/#est sent &y the ro#ting protocols.
(he commands disa&le the ser.ices s#ch as echo+ discard+ and chargen on the
ro#ter to pre.ent sec#rity .#lnera&ilities.
(he commands disa&le the "22(, and (C(, ser.er ser.ices to pre.ent sec#rity
.#lnera&ilities.
Scoring Rule
For: correctness of response
3 points $or 2ption ;
points $or any other option
6ax Val#e 7 3
(his item re$erences content $rom the $ollowing areas:
CCNA Exploration: Accessing the WAN
4.;.5 V#lnera&le 9o#ter Ser.ices and *nter$aces
Showing 5 o$ 5 ,re. ,age: Next
Close Window
All contents copyright G35-3H Cisco Systems+ *nc. All rights reser.ed. ,ri.acy Statement and (rademar)s.