module 4 (1130917)
Текст из файла
http://ccna-4.blogspot.comTake Assessment - EWAN Chapter 4 - CCNA Exploration: Accessing the WAN (Version 4.0)1What are two valid methods for upgrading an IOS image? (Choose two.)copy-and-paste through a console connectioncopy-and-paste through a network connectionTFTP through a console connectionTFTP through a network connectionXmodem through a console connectionXmodem through a network connection2A company has a web server on the company DMZ to provide external web services. While reviewing firewall log files, an administratornotices that a connection has been made from the web server to an internal e-mail server.
Upon further investigation, the administratordiscovers that an unauthorized account has been created on the internal server. Which type of attack was successfully carried out?phishingport redirectiontrust exploitationman-in-the-middle3Which two statements are true regarding network security? (Choose two.)Securing a network against internal threats is a lower priority because company employees represent a low security risk.http://ccna-4.blogspot.comBoth experienced hackers who are capable of writing their own exploit code and inexperienced individuals who download exploitsfrom the Internet pose a serious threat to network security.Assuming a company locates its web server outside the firewall and has adequate backups of the web server, no further securitymeasures are needed to protect the web server because no harm can come from it being hacked.Established network operating systems like UNIX and network protocols like TCP/IP can be used with their default settingsbecause they have no inherent security weaknesses.Protecting network devices from physical damage caused by water or electricity is a necessary part of the security policy.4Refer to the exhibit.
Which two statements are true about the configuration shown? (Choose two.)The remote session is encrypted.Telnet is permitted in vty lines 0 and 4.Passwords are sent in clear text.Host 192.168.0.15 is permitted on vty lines 0 through 4.Traffic from networks other than 192.168.0.0 is blocked from traversing Router1.5The Cisco IOS image naming convention allows identification of different versions and capabilities of the IOS. What information can begained from the filename c2600-d-mz.121-4? (Choose two.)The "mz" in the filename represents the special capabilities and features of the IOS.The file is uncompressed and requires 2.6 MB of RAM to run.The software is version 12.1, 4th revision.The file is downloadable and 121.4MB in size.The IOS is for the Cisco 2600 series hardware platform.http://ccna-4.blogspot.com6When a user establishes an SDM connection with a Cisco router and is examining the Configuration Overview area of the home page,which three pieces of information are available? (Choose three.)MAC address of all DHCP clientstotal number of Cisco SDM-supported WAN interfaces on the routertype of compression enabled on WAN interfacestotal number of DMZ interfacesstatus of the DNS servernumber of site-to-site VPN connections7An IT director has begun a campaign to remind users to avoid opening e-mail messages from suspicious sources.
Which type of attackis the IT director trying to protect users from?DoSDDoSvirusaccessreconnaissance8Intrusion detection occurs at which stage of the Security Wheel?securingmonitoringtestingimprovementreconnaissancehttp://ccna-4.blogspot.com9Refer to the exhibit. The network administrator is trying to back up the Cisco IOS router software and receives the output shown. What are two possiblereasons for this output? (Choose two.)The Cisco IOS file has an invalid checksum.The TFTP client on the router is corrupt.The router cannot connect to the TFTP server.The TFTP server software has not been started.There is not enough room on the TFTP server for the software.10The password recovery process begins in which operating mode and using what type of connection? (Choose two.)http://ccna-4.blogspot.comROM monitorboot ROMCisco IOSdirect connection through the console portnetwork connection through the Ethernet portnetwork connection through the serial port11Which two conditions should the network administrator verify before attempting to upgrade a Cisco IOS image using a TFTP server?(Choose two.)Verify the name of the TFTP server using the show hosts command.Verify that the TFTP server is running using the tftpdnld command.Verify that the checksum for the image is valid using the show version command.Verify connectivity between the router and TFTP server using the ping command.Verify that there is enough flash memory for the new Cisco IOS image using the show flash command.12http://ccna-4.blogspot.comRefer to the exhibit.
A network administrator is trying to configure a router to use SDM, but it is not functioning correctly. What could bethe problem?The privilege level of the user is not configured correctly.The authentication method is not configured correctly.The HTTP server is not configured correctly.The HTTP timeout policy is not configured correctly.13Which two statements are true regarding network attacks? (Choose two.)Reconnaissance attacks are always electronic in nature, such as ping sweeps or port scans.Devices in the DMZ should not be fully trusted by internal devices, and communication between the DMZ and internal devicesshould be authenticated to prevent attacks such as port redirection.Worms require human interaction to spread, viruses do not.Strong network passwords mitigate most DoS attacks.Given time, a brute force attack always yields the password, as long as the password is made up of the characters selected totest.http://ccna-4.blogspot.com14Which two statements define the security risk that is presented by SNMPv1 or SNMPv2 when either is enabled on the network?(Choose two.)SNMP uses authentication strings called community strings, which are stored and sent across the network in plain text.Only the station that acts as a SNMP manager can encrypt the request and respond messages.
All other machines that act asSNMP agents send the messages in plain text.A SNMP agent can encrypt the inform requests but not the trap requests.No access list can be defined for the SNMP messages that are sent by the SNMP agents.SNMP is an easily spoofed, datagram-based transaction protocol.15Refer to the exhibit. Which two statements about the configuration shown are true? (Choose two.)access granted with password "local"SSH server function is enabled on R1SSH client function is enabled on R1remote access connection will fail with no local username databaseremote access connection will be made on secure shell port 44316Which two statements regarding preventing network attacks are true? (Choose two.)The default security settings for modern server and PC operating systems can be trusted to have secure default security settings.Intrusion prevention systems can log suspicious network activity, but there is no way to counter an attack in progress without userintervention.Physical security threat mitigation consists of controlling access to device console ports, labeling critical cable runs, installing UPSsystems, and providing climate control.http://ccna-4.blogspot.comPhishing attacks are best prevented by firewall devices.Changing default usernames and passwords and disabling or uninstalling unnecessary services are aspects of device hardening.17Which two statements define the security risk when DNS services are enabled on the network? (Choose two.)By default, name queries are sent to the broadcast address 255.255.255.255.DNS name queries require the ip directed-broadcast command to be enabled on the Ethernet interfaces of all routers.Using the global configuration command ip name-server on one router enables the DNS services on all routers in the network.The basic DNS protocol does not provide authentication or integrity assurance.The router configuration does not provide an option to set up main and backup DNS servers.18When a user completes the Cisco SDM VPN wizard, what is done with the information that has been entered?The information is saved to a text file that can be used to configure clients.After user confirmation, the Cisco SDM-generated CLI commands are sent to the router.SDM generates traffic to test the configuration before it is applied to the router.A dialog box prompts the user for username and password information.19Which two objectives must a security policy accomplish? (Choose two.)provide a checklist for the installation of secure serversdescribe how the firewall must be configureddocument the resources to be protectedidentify the security objectives of the organizationidentify the specific tasks involved in hardening a router20http://ccna-4.blogspot.comRefer to the exhibit.
Security Device Manager (SDM) is installed on router R1. What is the result of opening a web browser on PC1 andentering the URL https://192.168.10.1?The password is sent in plain text.A Telnet session is established with R1.The SDM page of R1 appears with a dialog box that requests a username and password.The R1 home page is displayed and allows the user to download Cisco IOS images and configuration files.21Which statement is true about Cisco Security Device Manager (SDM)?SDM interrupts network communications when configuration changes are entered into router memory.SDM can run only on Cisco 7000 series routers.SDM is supported by every version of the Cisco IOS software.SDM can be run from router memory or from a PC.http://ccna-4.blogspot.com22Users are unable to access a company server.
Характеристики
Тип файла PDF
PDF-формат наиболее широко используется для просмотра любого типа файлов на любом устройстве. В него можно сохранить документ, таблицы, презентацию, текст, чертежи, вычисления, графики и всё остальное, что можно показать на экране любого устройства. Именно его лучше всего использовать для печати.
Например, если Вам нужно распечатать чертёж из автокада, Вы сохраните чертёж на флешку, но будет ли автокад в пункте печати? А если будет, то нужная версия с нужными библиотеками? Именно для этого и нужен формат PDF - в нём точно будет показано верно вне зависимости от того, в какой программе создали PDF-файл и есть ли нужная программа для его просмотра.
![](https://s.studizba.com/z.php?f=/templates/si/i/noavatar.png&w=100&h=100&t=1"){kind=avatar}
