Posts by Admin

 

What three tasks can a network administrator accomplish with the Nmap and Zenmap security testing tools? (Choose three.)

Posted on by

What three tasks can a network administrator accomplish with the Nmap and Zenmap security testing tools? (Choose three.) operating system fingerprinting assessment of Layer 3 protocol support on hosts open UDP and TCP port detection security event analysis and reporting password recovery development of IDS signatures Answers Explanation & Hints: Nmap is a low-level network […]
Continue reading…

 

What type of network security test uses simulated attacks to determine the feasibility of an attack as well as the possible consequences if the attack occurs?

Posted on by

What type of network security test uses simulated attacks to determine the feasibility of an attack as well as the possible consequences if the attack occurs? penetration testing network scanning integrity checking vulnerability scanning Answers Explanation & Hints: There are many tests that are used by security specialists to assess the status of a system. […]
Continue reading…

 

Refer to the exhibit. A network administrator is configuring PAT on an ASA device to enable internal workstations to access the Internet. Which configuration command should be used next?

Posted on by

Refer to the exhibit. A network administrator is configuring PAT on an ASA device to enable internal workstations to access the Internet. Which configuration command should be used next? nat (inside,outside) dynamic NET1 nat (outside,inside) dynamic NET1 nat (inside,outside) dynamic interface nat (outside,inside) dynamic interface Answers Explanation & Hints: The nat (inside,outside) dynamic interface command […]
Continue reading…

 

In the implementation of network security, how does the deployment of a Cisco ASA firewall differ from a Cisco IOS router?

Posted on by

In the implementation of network security, how does the deployment of a Cisco ASA firewall differ from a Cisco IOS router? ASA devices use ACLs that are always numbered. ASA devices do not support an implicit deny within ACLs. ASA devices support interface security levels. ASA devices use ACLs configured with a wildcard mask. Answers […]
Continue reading…

 

Refer to the exhibit. A network administrator is configuring an object group on an ASA device. Which configuration keyword should be used after the object group name SERVICE1 ?

Posted on by

Refer to the exhibit. A network administrator is configuring an object group on an ASA device. Which configuration keyword should be used after the object group name SERVICE1 ? ip tcp udp icmp Answers Explanation & Hints: Because this is a service object group, the keyword should indicate which protocol is used. The options are […]
Continue reading…

 

Refer to the exhibit. A network administrator is configuring the security level for the ASA. What is a best practice for assigning the security level on the three interfaces?

Posted on by

Refer to the exhibit. A network administrator is configuring the security level for the ASA. What is a best practice for assigning the security level on the three interfaces? Outside 0, Inside 35, DMZ 90 Outside 40, Inside 100, DMZ 0 Outside 0, Inside 100, DMZ 50 Outside 100, Inside 10, DMZ 40 Answers Explanation […]
Continue reading…

 

Which special hardware module, when integrated into ASA, provides advanced IPS features?

Posted on by

Which special hardware module, when integrated into ASA, provides advanced IPS features? Content Security and Control (CSC) Advanced Inspection and Prevention (AIP) Advanced Inspection and Prevention Security Services Card (AIP-SSC) Advanced Inspection and Prevention Security Services Module (AIP-SSM) Answers Explanation & Hints: The advanced threat control and containment services of an ASA firewall are provided […]
Continue reading…

 

Refer to the exhibit. An administrator creates three zones (A, B, and C) in an ASA that filters traffic. Traffic originating from Zone A going to Zone C is denied, and traffic originating from Zone B going to Zone C is denied. What is a possible scenario for Zones A, B, and C?

Posted on by

Refer to the exhibit. An administrator creates three zones (A, B, and C) in an ASA that filters traffic. Traffic originating from Zone A going to Zone C is denied, and traffic originating from Zone B going to Zone C is denied. What is a possible scenario for Zones A, B, and C? A – […]
Continue reading…

 

What is the purpose of configuring multiple crypto ACLs when building a VPN connection between remote sites?

Posted on by

What is the purpose of configuring multiple crypto ACLs when building a VPN connection between remote sites? By applying the ACL on a public interface, multiple crypto ACLs can be built to prevent public users from connecting to the VPN-enabled router. Multiple crypto ACLs can be configured to deny specific network traffic from crossing a […]
Continue reading…

 

What are two hashing algorithms used with IPsec AH to guarantee authenticity? (Choose two.)

Posted on by

What are two hashing algorithms used with IPsec AH to guarantee authenticity? (Choose two.) MD5 SHA AES DH RSA Answers Explanation & Hints: The IPsec framework uses various protocols and algorithms to provide data confidentiality, data integrity, authentication, and secure key exchange. Two popular algorithms used to ensure that data is not intercepted and modified […]
Continue reading…

 

What is a benefit of having users or remote employees use a VPN to connect to the existing network rather than growing the network infrastructure?

Posted on by

What is a benefit of having users or remote employees use a VPN to connect to the existing network rather than growing the network infrastructure? security scalability cost savings compatibility Answers Explanation & Hints: A benefit of VPNs is scalability because organizations can use the Internet and easily add new users without adding significant infrastructure. […]
Continue reading…

 

Posted on by

What is the standard for a public key infrastructure to manage digital certificates? PKI NIST-SP800 x.503 x.509 Answers Explanation & Hints: The x.509 standard is for a PKI infrastructure and x.500 if for directory structures.​
Continue reading…

 

Which two statements correctly describe certificate classes used in the PKI? (Choose two.)

Posted on by

Which two statements correctly describe certificate classes used in the PKI? (Choose two.) A class 0 certificate is for testing purposes. A class 0 certificate is more trusted than a class 1 certificate. The lower the class number, the more trusted the certificate. A class 5 certificate is for users with a focus on verification […]
Continue reading…