Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. DRAG DROP
Drag and drop the description on the left on to the associated item on the right.
Answer:
Explanation: Collection of similar programs that work together to execute specific tasks: Botnet
Independent malicious program copies itself: Worms
Programs that appear to have one function but actually performs a different function: Trojan horse
Programs that modify other programs: Virus
Q2. MWhich three are RFC 5735 addresses? (Choose three.)
A. 171.10.0.0/24
B. 0.0.0.0/8
C. 203.0.113.0/24
D. 192.80.90.0/24
E. 172.16.0.0/12
F. 198.50.100.0/24
Answer: B,C,E
Q3. Which Three statement about cisco IPS manager express are true? (Choose three)
A. It provides a customizable view of events statistics.
B. It Can provision policies based on risk rating.
C. It Can provision policies based on signatures.
D. It Can provision policies based on IP addresses and ports.
E. It uses vulnerability-focused signature to protect against zero-day attacks.
F. It supports up to 10 sensors.
Answer: A,B,F
Q4. Which two statements about CoPP are true? (Choose two)
A. When a deny rule in an access list is used for MQC is matched, classification continues on the next class
B. It allows all traffic to be rate limited and discarded
C. Access lists that are used with MQC policies for CoPP should omit the log and log-input keywords
D. The mls qos command disables hardware acceleration so that CoPP handles all QoS
E. Access lists that use the log keyword can provide information about the device’s CPU
usage
F. The policy-map command defines the traffic class
Answer: A,C
Q5. Which protocol does VNC use for remote access to a GUI?
A. RTPS
B. RARP
C. E6
D. SSH
E. RFB
Answer: D
Q6. Refer to the exhibit
What is the configuration design to prevent?
A. Man in the Middle Attacks
B. Dynamic payload inspection
C. Backdoor control channels for infected hosts
D. DNS Inspection
Answer: D
Q7. when you configure an ASA with RADIUS authentication and authorization, which attribute is used to differentiate user roles?
A. login-ip-host
B. cisco-priv-level
C. service-type
D. termination-action
E. tunnel-type
Answer: C
Q8. On which two protocols is VNC based?(Choose two)
A. Rdesktop
B. UDP
C. RFB
D. Terminal Services Client
E. CoRD
F. TCP
Answer: C,F
Q9. DRAG DROP
Drag and Drop each Cisco Intrusion Prevention System anomaly detection event action on the left onto the matching description on the right.
Answer:
Explanation:
A-4,B-3,C-1,D-2,E-5,F-7,G-6
Q10. What is the purpose of the vulnerability risk method for assessing risk?
A. It directs the actions an organization can take in response to a reported vulnerability
B. It evaluates the effectiveness and appropriateness of an organization’s current risk management activities
C. It directs the actions an organization can take to ensure perimeter security
D. It prevents and protects against security vulnerabilities in an organization
E. It establishes a security team to perform forensic examinations of known attacks
Answer: C
Q11. Refer to the exhibit. Which statement about this debug output is true ?
A. It was generated by a LAN controller when it responded to a join request from an access point
B. It was generated by a LAN controller when it generated a join request to an access point
C. It was generated by an access point when it sent a join reply message to a LAN controller
D. It was generated by an access point when it received a join request message from a LAN controller
Answer: A
Q12. Refer to the exhibit What type of attack is illustrated?
A. ICMP flood
B. ARP spoofing
C. IP address spoofing
D. CAM overflow
Answer: B
Q13. Refer to the exhibit. R1 and R2 are connected across and ASA with MD5 authentication. Which statement about eBGP peering between the routers could be true?
A. eBGP peering will fail because ASA is transit lacks BGP support.
B. eBGP peering will be successful.
C. eBGP peering will fail because the two routers must be directly connected to allow peering.
D. eBGP peering will fail because of the TCP random sequence number feature.
Answer: C
Q14. Which three statements about RLDP are true? (Choose three)
A. It can detect rogue Aps that use WPA encryption
B. It detects rogue access points that are connected to the wired network
C. The AP is unable to serve clients while the RLDP process is active
D. It can detect rogue APs operating only on 5 GHz
E. Active Rogue Containment can be initiated manually against rogue devices detected on the wired network
F. It can detect rogue APs that use WEP encryption
Answer: A,B,D
Q15. Which two options are benefits of shortcut Switching Enhancements for NHRP on DMVPN networks? (choose two)
A. Its enables the NHRP FIB lookup process to perform route summarization on the hub.
B. It allows data packets to be fast switched while spoke-to-spoke tunnels are being established.
C. It is most beneficial with partial full-mesh DVMPN setup.
D. It supports layered network topologies with the central hubs and direct spoke-to –spoke tunnels between
spokes on different hubs.
E. It enables spokes to use a summary route to build spoke-to-spoke tunnels.
Answer: B,E
Q16. Which three statements about Unicast RPF in strict mode and loose mode are true? (choose three)
A. Inadvertent packet loss can occur when loose mode is used with asymmetrical routing.
B. Strict mode requires a default route to be associated with the uplink network interface.
C. Both loose and strict modes are configured globally on the router.
D. Loose mode requires the source address to be present in the routing table.
E. Strict mode is recommended on interfaces that will receive packets only form the same subnet to which the interface is assigned.
F. Interfaces in strict mode drop traffic with return routes that point to the NULL 0 interface.
Answer: D,E,F