Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. What is the result of the default ip ssh server authenticate user command?
A. It enables the public key, keyboard, and password authentication methods. B. It enables the public key authentication method only.
C. It enables the keyboard authentication method only.
D. It enables the password authentication method only.
Answer: A
Q2. Refer to the exhibit.
Which option describes the expected result of the capture ACL?
A. The capture is applied, but we cannot see any packets in the capture
B. The capture does not get applied and we get an error about mixed policy.
C. The capture is applied and we can see the packets in the capture
D. The capture is not applied because we must have a host IP as the source
Answer: B
Q3. What is a required attribute to configure NTP authentication on a Cisco ASA?
A. Key ID
B. IPsec
C. AAA
D. IKEv2
Answer: A
Q4. Which two statements about Cisco IDS are true? (Choose two.)
A. It is preferred for detection-only deployment.
B. It is used for installations that require strong network-based protection and that include sensor tuning.
C. It is used to boost sensor sensitivity at the expense of false positives.
D. It is used to monitor critical systems and to avoid false positives that block traffic.
E. It is used primarily to inspect egress traffic, to filter outgoing threats.
Answer: A,D
Q5. How many bridge groups are supported on a firewall that operate in transparent mode?
A. 8
B. 16
C. 10
D. 6
Answer: A
Q6. Which ASA feature is used to keep track of suspected attackers who create connections to too many hosts or ports?
A. complex threat detection
B. scanning threat detection
C. basic threat detection
D. advanced threat detection
Answer: B
Q7. At which layer does MACsec provide encryption?
A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4
Answer: B
Q8. Which component does Cisco ASDM require on the host Cisco ASA 5500 Series or Cisco PIX security appliance?
A. a DES or 3DES license
B. a NAT policy server
C. a SQL database
D. a Kerberos key
E. a digital certificate
Answer: A
Q9. Which option describes the enhancements that SNMPv3 adds over 1 and 2 versions?
A. Predefined events that generate message from the SNMP agent to the NMS
B. Addition of authentication and privacy options
C. Cleartext transmission of data between SNMP server and SNMP agent
D. Addition of the ability to predefine events using traps
E. Pooling of devices using GET-NEXT requests
F. Use of the object identifier
Answer: B
Explanation:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf014.html
Q10. When a Cisco ASA is configured in multicontext mode, which command is used to change between contexts?
A. changeto config context
B. changeto context
C. changeto/config context change
D. changeto/config context 2
Answer: B
Q11. What are two reasons for implementing NIPS at enterprise Internet edges? (Choose two.)
A. Internet edges typically have a lower volume of traffic and threats are easier to detect.
B. Internet edges typically have a higher volume of traffic and threats are more difficult to detect.
C. Internet edges provide connectivity to the Internet and other external networks.
D. Internet edges are exposed to a larger array of threats.
E. NIPS is more optimally designed for enterprise Internet edges than for internal network configurations.
Answer: C,D
Q12. Which two VPN types can you monitor and control with Cisco Prime Security Manager? (Choose two.)
A. AnyConnect SSL
B. site-to-site
C. clientless SSL
D. IPsec remote-access
Answer: A,D
Explanation: http://www.cisco.com/c/en/us/td/docs/security/asacx/9-1/user/guide/b_User_Guide_for_ASA_CX_and_PRSM_9_1.pdf
Q13. Which two parameters must be configured before you enable SCP on a router? (Choose two.)
A. SSH
B. authorization
C. ACLs
D. NTP
E. TACACS+
Answer: A,B
Q14. Which two router commands enable NetFlow on an interface? (Choose two.)
A. ip flow ingress
B. ip flow egress
C. ip route-cache flow infer-fields
D. ip flow ingress infer-fields
E. ip flow-export version 9
Answer: A,B
Q15. Which cloud characteristic is used to describe the sharing of physical resources between various entities?
A. Multitenancy
B. Ubiquitous access
C. Elasticity
D. Resiliency
Answer: D