Take Assessment - Module 5 Exam - CCNP: Implementing Secure Converged Wide -area Networks (Version 5.

0)

1 Which tool can notify an administrator if a reconnaissance attack is under way?

network-based IPS

port scans

antivirus software

syslog server

Refer to the exhibit. Assume the AutoSecure configuration has been applied to the router. The configuration displayed in the exhibit will
generate the login block-for 60 attempts within 30 command in the running configuration. What is the significance of t his command?
After 5 failed attempts within a 30 second time frame, the router will not accept any additional login attempts for 60 second s.

After 5 failed attempts within a 60 second time frame, the router will not accept any additional login attempts for 30 seconds.

After 5 failed attempts within a 30 minute time frame, the router will not accept any additional login attempts for 60 minute s.

After 5 failed attempts within a 60 minute time frame, the router will not accept any additional login attempts for 30 minutes.

Refer to the exhibit. On the basis of the information that is provided, which two Cisco AutoSecure configuration statements are true?
(Choose two.)
Cisco AutoSecure will prompt the user to enter a banner.
By default, Cisco AutoSecure will automatically configure the ip cef command.

By default, Cisco AutoSecure will use a key modulus size of 512 bits when configuring SSH.
Cisco1 could be used for the enable secret function and the enable password function.

Cisco would be a valid enable secret password.

When prompted to enter the interface facing the Internet, entering Fa0/0 would be valid assuming that the router has a
FastEthernet 0/0 interface.

4 Which command would replace the current running configuration with the configuration file that was saved by the Cisco AutoSec ure
feature?
Router# copy flash:pre-autosec running-config

Router# copy nvram:pre_autosec running -config

 Router# copy flash:pre-autosec.cfg running -config

Router# copy nvram:pre_autosec.cfg running -config

Router# configure replace pre_autosec

Router# configure replace flash:pre_autosec.cfg

5 The act of asking for a username and password credentials and evaluating those credentials is known as which of the following ?
authentication

authorization

administration

access control

accounting

6 Port scans, packet sniffers, and ping sweeps are classified as which type of tools?
access attack tools

application layer attack tools

DoS tools

DDoS tools

reconnaissance tools

trust exploitation tools

7 Which sequence of steps is recommended for worm attack mitigation?

Step 1: Containment
Step 2: Inoculation
Step 3: Quarantine
Step 4: Treatment
Step 1: Containment
Step 2: Quarantine
Step 3: Inoculation
Step 4: Treatment
Step 1: Inoculation
Step 2: Containment
Step 3: Quarantine
Step 4: Treatment
Step 1: Inoculation
Step 2: Quarantine
Step 3: Containment
Step 4: Treatment
Step 1: Quarantine
Step 2: Containment
Step 3: Inoculation
Step 4: Treatment
Step 1: Quarantine
Step 2: Inoculation
Step 3: Containment
Step 4: Treatment

8
 Refer to the exhibit. A router located at IP address 192.168.10.1 has been configured to support SSH. Which TCP port number s hould
be configured in the Tera Term utility to connect to the router using SSH?
port 15

port 22

port 23

port 61

port 78

port 79

9 Which two procedures could be used to specifically mitigate IP spoofing attacks? (Choose two.)
Configure access control.

Configure DHCP spoofing.

Configure dynamic ARP inspection (DAI).

Configure RFC 3704 filtering.

Configure traffic rate limiting.

Keep your operating system and applications current with the latest patches.

10 Which two statements are true about network attacks that use intelligence? (Choose two.)
A Trojan horse can contain a worm.

A virus can contain a Trojan horse and worms.

A worm can contain a Trojan horse.

A worm can contain a Trojan horse and viruses.

A worm executes and installs copies of itself in the memory of the infected computer.

11
 Refer to the exhibit. Routers RTA and RTB have full connectivity between LANs. However, the clock on RTB cannot synchronize w ith
RTA. Which configuration would correct this situation?
RTB(config)# interface fa0/0
RTB(config)# ntp broadcast client
RTB(config)# no ntp authentication -key 2
RTB(config)# ntp authentication-key 1 md5 cisco
RTB(config)# no ntp server 10.10.10.1
RTB(config)# ntp server 10.0.0.1
RTB(config)# ntp trusted-key 2

RTB(config)# ntp peer 10.0.0.1

12 What command enables AAA authentication for privileged EXEC mode access?
authentication login

aaa authentication enable

enable authentication exec

aaa authentication exec

13 If AutoSecure fails to complete its operations, the running -configuration may be corrupted. Within the context of IOS version 12.4, which
command or command sequence would be appropriate in this situation?
erase running-config and reload

copy startup-config running-config

reload

configure replace flash:pre_autosec.cfg

14 To mitigate probes and scans, which two services should be disabled? (Choose two.)
SNMP

Finger

ICMP Unreachable
ICMP redirects

TCP minor services

15 The command crypto key generate rsa general-keys modulus 1024 must be issued to generate keys used by SSH. Which two tasks
must be completed before this command is entered? (Choose two.)
A modulus of 512 bits must be initially generated.

A hostname other than Router must be configured.

SSH must be globally enabled.

The domain name must be configured.

The SSH server IP address must be configured.

 The vty lines must be configured to accept SSH input.

16 Which statement identifies the distinction between a worm and a virus?

A worm spreads automatically over the network from one computer to the next.
Worm attacks are often based on using malicious code, intelligence gathered in the earlier attacks, or insider access to the
network.
A worm appears desirable but actually contains something harmful.

A worm is a malicious program that attaches itself to other programs and executes an unwanted function on a user workstation.

17 Which response indicates that the security server did not reply and the next authentication method will be accessed?
ERROR

FAIL

ABORT

no response

18 Which two statements about network attacks that use intelligence are true? (Choose two.)
DoS, DDos, trust exploitation, and viruses, are examples of network attacks that are based on intelligence.

DoS, DDos, viruses, Trojan horses, and worms are examples of network attacks that are based on i ntelligence.

Human interaction is required to facilitate the spread of a virus.

Human interaction is required to facilitate the spread of a worm.

The anatomy of a worm consists of containment, inoculation, and quarantine.

The anatomy of a worm consists of the enabling vulnerability, a propagation mechanism, and the payload.

19 Which keyword is used for minimal accounting and sends a stop record accounting notice at the end of the requested user process?
stop-only

start-stop

wait-stop

end-stop