Part II: Perimeter Security explores key IOS security features. It assesses skills in configuring routers, understanding security protocols, and managing network security. The quiz is vital for learners aiming to enhance their technical knowledge in network infrastructure security.
Storing configuration files
Storing a digital certificate
Storing a copy of the IOS image
Storing a username/password database
Rate this question:
Because the enable secret password is a hash it cannot be decrypted. Therefore the enable password is used to match the password that was entered and the enable secret is used to verify that the enable password has not been modified since the hash was generated.
The enable password is used for IKE Phase I whereas the enable secret password is used for IKE Phase II.
The enable password is considered to be a router’s public key whereas the enable secret password is considered to be a router’s private key.
The enable password is present for backward compatibility.
The login process is suspended for 10 seconds after 15 unsuccessful login attempts.
The login process is suspended for 15 seconds after 10 unsuccessful login attempts.
The login process is suspended for 30 seconds after 10 unsuccessful login attempts.
The login process is suspended for 10 seconds after 30 unsuccessful login attempts.
Rate this question:
No service timeout
Timeout-line none
Exec-timeout 0 0
Service timeout default
Rate this question:
0
1
15
16
Rate this question:
A CLI view supports only commands configured for that specific view whereas a privilege level supports commands available to that level and all the lower levels.
A CLI view can function without a AAA configuration whereas a privilege level requires AAA to be configured.
A CLI view supports only monitoring commands whereas a privilege level allows a user to make changes to an IOS configuration.
A CLI view and a privilege level perform the same function. However a CLI view is used on a Catalyst switch whereas a privilege level is used on an IOS router.
Rate this question:
The bootset
The configset
The backupset
The backup-config
Rate this question:
The period of time between successive login attempts
A period of time when no one is attempting to log in
The period of time in which virtual login attempts are blocked following repeated failed login attempts
The period of time in which virtual logins are blocked as security services fully initialize
Rate this question:
A single text character that will appear as the message of the day
A delimiter indicating the beginning and end of a message of the day
A reference to a system variable that contains a message of the day
The enable mode prompt from where the message of the day will be entered into the IOS configuration
Rate this question:
QPM
SAA
SMS
SDM
Rate this question:
Running SDM from a router’s flash
Running SDM from the Cisco web portal
Running SDM from within CiscoWorks
Running SDM from a PC
Rate this question:
Security Audit
VPN
ACS
NAT
STP
Rate this question:
Aaa EXEC
Aaa new-model
Configure aaa-model
Configure-model aaa
Rate this question:
With a method list
With a method statement
With the method command
With the method aaa command
Rate this question:
Local
Remote
TACACS+
RADIUS
IPsec
Rate this question:
Privileged EXEC
Command mode
Global configuration
Admin EXEC
Rate this question:
It specifies the login authorization method list named console-in using the local username-password database on the router.
It specifies the login authentication list named console-in using the local user-name-password database on the router.
It specifies the login authentication method list named console-in using the local user database on the router.
It specifies the login authorization method list named console-in using the local RADIUS username-password database.
Rate this question:
Aaa authentication enable level
Aaa authentication enable method default
Aaa authentication enable default local
Aaa authentication enable default
Rate this question:
Cisco NAC support
IPsec support
Network access profiles
NTVLM profiles
Machine access restrictions
Rate this question:
Opera 9.2
Microsoft Internet Explorer 6 with SP1
Netscape 7.1
Firefox 2.0
Netscape 7.2
UDP port 2000
TCP port 2002
UDP port 1645
TCP port 49
UDP port 1812
Rate this question:
Accept
Reject
Approved
Continue
Failed
Rate this question:
Access-Request
Access-Accept
Access-Reject
Access-Allow
Rate this question:
Configure > Tasks > AAA
Configure > Authentication > AAA
Configure > Additional Tasks > AAA
Configure > Additional Authentication > AAA
Rate this question:
Version 2
Version 2c
Version 3
Version 3c
Rate this question:
AutoQoS
AutoSecure
Cisco SDM’s One-Step Lockdown
Cisco IPS Device Manager (IDM)
Rate this question:
Finger
TCP small services
CDP
NTP
Rate this question:
OOB
OTP
SAFE
MARS
Rate this question:
3
4
5
6
Rate this question:
LDAP
CEF
FIB
MIB
Rate this question:
256 bits
512 bits
1024 bits
2048 bits
Rate this question:
Additional Tasks
Interfaces and Connections
Security Audit
Intrusion Prevention
Rate this question:
USB Port (most models)
Unified Network Services
Integrated PoE VoIP port
Integrated Security
Firewire port
Rate this question:
TRUE
FALSE
Rate this question:
It encrypts all passwords in the router’s configuration file with an AES (Advanced Encryption Standard) 256-bit level encryption.
With the exception of the hashed enable secret, all passwords on the router are encrypted.
All passwords on the router are encrypted.
It has no effect unless the service password secret-encrypt command is also issued.
None of the above.
Rate this question:
Commands configure include all terminal
Commands exec include all configure
Commands include exec configure
Commands exec include configure terminal
None of the above.
Rate this question:
Access, accountability, administration
Administration, access, accounting
Accounting, access, administration
Authentication, authorization, accounting
Authorization, accounting, administration
Rate this question:
Must be installed on an existing installation of Windows Server.
Must be installed on an existing installation of Windows Server or Sun Solaris.
An appliance-based solution that supports up to 50 AAA clients, as well as 350 unique user logons in a 24-hour period.
An appliance-based solution.
TACACS+ only
Rate this question:
Packet, character
Character, network
Network, character
Character, packet
Packet, network
Rate this question:
Show aaa local user lockout
Show aaa user all
Show aaa sessions
Show aaa local lockout
None of the above.
Rate this question:
LDAP
Active Directory
OBDC
RADIUS
TACACS+
Rate this question:
RADIUS has rich accounting and TACACS+ is capable of customizable userlevel policies such as command authorization.
RADIUS encrypts the whole communication between the AAA client and server, whereas TACACS+ only encrypts the password.
RADIUS uses UDP for transport and TACACS+ uses TCP.
RADIUS is a proprietary standard, whereas TACACS+ is Open Source.
RADIUS uses UDP ports 1645 and 1646 exclusively
Rate this question:
Configure the AAA network.
Install AAA supplicant software on IP hosts that will authenticate to the IOS router.
Identify traffic to which AAA is applied.
Set up users.
Install Cisco Secure ACS Solution Engine module on the Cisco IOS router.
Rate this question:
Network, Exec
Packet, Character
Character, Packet
Exec, Network
Administrative, User
Rate this question:
How can the confidentiality of logs as well as communicating log messages be assured?
How do you log events from several devices in one central place?
What are the most critical events to log?
What are the most important logs?
None of the above.
Rate this question:
In-band
Inter-vlan
Private
Out-of-band
Intranet
Rate this question:
TRUE
FALSE
Rate this question:
Configure->Router Management->Additional Tasks->Logging
Configure->Additional Tasks->Router Properties->Logging
Monitor->System Properties->Configure->Syslog
Configure->Additional Tasks->Router Properties->Syslog
Monitor->Logging Options->Syslog Setup
Quiz Review Timeline (Updated): Jun 22, 2023 +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
Wait!
Here's an interesting quiz for you.