Monday, July 6, 2015

CCIE Security 350-018 Quiz

Security Protocols
1. RADIUS and TACACS+ can be configured to be used on the same router under what conditions?
a. They cannot be configured together.
b. If you have the same list names applied to the same interfaces.
c. If multilink PPP is configured.
d. If you have different list names applied to different interfaces.

2. In IPsec, what encapsulation protocol encrypts only the data and not the IP header?
a. ESP
b. AH
c. MD5

3. What is the maximum number of key combinations possible with a 56-bit key?
a. 1024
b. 256
c. 512
d. 128
e. 2048
f. 7.2057594 . 10^16

4. When maintaining an IPsec connection over the Internet, what attack must be mitigated to protect user data?
a. Spoof attack
b. Man-in-the-middle attack
c. Trojan horse attack
d. Smurf attack

5. What would be the most important reason for implementing L2TP for a VPN client?
a. L2TP uses TCP as a lower-level protocol, so transmission is connection oriented.
b. L2TP uses PPP, so address allocation and authentication is built in to the protocol.
c. L2TP has less overhead than GRE.

6. 802.1X uses the following protocol between the supplicant and authenticator:
c. EAP over LAN

7. Identify IKEv2 advantages over IKEv1.
a. Supports EAP authentication
b. NAT Traversal
c. Encryption protection

8. DNSSEC was designed for
a. DNS flood attacks
b. DNS fragmentation attacks
c. DNS reply attacks
d. DNS man-in-the-middle attacks

9. DNSESEC provides the following functionality:
a. Data confidentiality of DNS query
b. Access restriction of DNS zone transfer
c. Origin authentication of DNS data

Application and Infrastructure Security
1. Which protocol is used by the Simple Certificate Enrollment Protocol (SCEP)?
a. TCP
b. FTP
c. Syslog
e. UDP

2. How is security provided in TFTP? (Choose all that apply.)
a. Clear-text authentication via username and password
b. Predefining a directory
c. Predefining filenames of the files to be transferred

3. TFTP uses which protocol and port number?
a. UDP 161
b. TCP 21
c. UDP 53
d. UDP 69

4. True or false: TFTP, like FTP, requires user authentication.
a. True
b. False

5. What is the purpose and characteristics of TFTP? (Choose all that apply.)
a. Transfer of files between two devices
b. Uses UDP as the transport protocol
c. Uses TCP as the transport protocol
d. Requires user authentication
e. Does not require user authentication

6. What command can be used to modify the router log size on a Cisco router?
a. logging console
b. logging buffered
c. show logging
d. logging buffered buffer-size
e. None of the above

7. Identify desktop the sharing application that uses TCP ports 5800 and 5900.
a. RDP
b. Remote windows
c. VNC

8. Identify the Microsoft protocol that operates over TCP port 3389.
a. Desktop shadowing
b. VNC
c. Remote desktop protocol

9. Which UDP ports does DHCP use?
a. UDP port 67 and 68
b. UDP ports 67 and 69
c. UDP ports 69 and 70

10. Identify three SNMPv3 security features.
a. Message Integrity
b. DDoS
c. Authentication
d. Authorization
e. Encryption

11. Identify the correct DHCP IP address assignment process.
a. Request, Offer, Ack
b. Discover, Offer, Request, Ack
c. Discover, Assign, Ack
d. Discover,

Threats, Vulnerability Analysis, and Mitigation
1. Identify various Spanning Tree protection mechanisms.
a. Unicast RPF
b. Root guard
c. Port security
d. BPDU guard

2. What are QoS configuration components?
a. policy
b. class-map
c. policy-map
d. service-policy

3. Which technology and mitigation techniques do RFC 2827 identify?
a. Restriction of directed broadcast
b. Prevention of DoS attacks from legitimate systems
c. Prevention of DoS stacks that use IP source address spoofing

4. Identify the mechanism that prevents MITM attacks.
a. TCP sliding window
b. IPsec VPNs
c. NAT
d. SSL

5. Identify the form of attack that results in administrative access to the router/server using TCP port 8443.
a. Botnet
b. DDoS
c. DoS
d. Privilege escalation

6. Identify the form of attack that causes manipulation of DSCP and IP precedence.
a. QoS marking attack
b. DHCP starvation
c. TCP SYN flood

Cisco Security Products, Features, and Management
1. Which of the following multicast capabilities are not supported by the ASA appliance?
a. Multicast traffic over VPN tunnel
b. Multicast NAT
c. Multicast RP

2. What type of output queuing is used on the ASA?
a. Priority queuing
b. WFQ
c. Custom queuing

3. What option must be enabled for botnet filtering on ASA?
a. DNS inspection and snooping
b. ACL
c. HTTP inspection

4. ASA transparent firewall mode has the following characteristics (choose two):
a. It supports static routes.
b. It doesn’t participate as a routed next-hop.
c. PAT and ANT are not supported.

Cisco Security Technologies and Solution
1. Which following statements are true about VLANs? (Choose two.)
a. VLAN is a broadcast domain.
b. VLAN can be created only if the VLAN ID and type are known.
c. VLANs can be connected across the WAN.

2. Which of the following QoS markings are local to the router alone?
b. EXP
c. IP Precendence
d. QoS Group

3. What mechanisms can be used to secure the IP data plane?
a. ACLs
b. uRPF
c. QoS
d. MD5

4. Identify the MPLS label used for PHP.
a. exp-null
b. push
c. pop
d. imp-null

5. What feature prevents MPLS packet loss?
a. BGP
b. LDP
d. LDP IGP sync

Security Policies and Procedures
1. Place the following steps for IDS tuning in correct order:
1. Apply initial configuration.
2. Analyze alarms, tune out false positives, and implement signature tuning (if needed).
3. Identify potential locations for sensors.
4. Monitor the sensor while tuning.
5. Update sensors with new signatures.
6. Implement response actions.
a. 1, 2, 3, 4, 5, 6
b. 2, 1, 3, 4, 5, 6
c. 3, 1, 2, 4, 5, 6
d. 3, 1, 4, 2, 6, 5

2. What is a Trojan?
a. Malicious code that disguises itself as legitimate code and runs on your system
b. An unauthorized user gaining access to your host
c. A program that captures your username and password
d. A bastion host

3. In which of the following exploits does a hacker send large quantities of ICMP echo (ping) traffic to IP broadcast addresses, which all have a victim’s spoofed source address?
a. Spoof attack
b. Smurf attack
c. Man-in-the-middle attack
d. TCP/SYN attack

No comments:

Post a Comment