0 of 32 Preguntas completed
Preguntas:
Ya has completado el examen anteriormente. Por lo tanto no puedes iniciarlo de nuevo.
Cargando Examen…
Debes iniciar sesión o registrarte para empezar el examen.
En primer lugar debes completar esto:
0 de 32 Preguntas respondidas correctamente
Tu tiempo:
El tiempo ha pasado
You have reached 0 of 0 point(s), (0)
Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)
Which component of the Cisco Cyber Threat Defense solution provides user and flow context analysis?
Which two statements about AAA authentication are true? (Choose two)
A network administrator applies the following configuration to an IOS device.
What is the process of password checks when a login attempt is made to the device?
The login method is configured on the VTY lines of a router with these parameters.
– The first method for authentication is TACACS
– If TACACS is unavailable, login is allowed without any provided credentials
Which configuration accomplishes this task?
Refer to the exhibit.
What is the effect of the configuration?
Refer to the exhibit.
An engineer must create a configuration that executes the show run command and then terminates the session when user CCNP logs in. Which configuration change is required?
Refer to the exhibit.
Which password allows access to line con 0 for a username of “tommy” under normal operation?
Refer to the exhibit. Which privilege level is assigned to VTY users?
Which technology provides a secure communication channel for all traffic at Layer 2 of the OSI model?
Which feature does Cisco TrustSec use to provide scalable, secure communication throughout a network?
How does Cisco Trustsec enable more access controls for dynamic networking environments and data centers?
What is the difference between the enable password and the enable secret password when password encryption is enable on an IOS device?
Which NGFW mode block flows crossing the firewall?
Which method does the enable secret password option use to encrypt device passwords?
An engineer must protect their company against ransom ware attacks. Which solution allows the engineer to block the execution stage and prevent file encryption?
Which deployment option of Cisco NGFW provides scalability?
Refer to the exhibit.
Security policy requires all idle-exec sessions to be terminated in 600 seconds. Which configuration achieves this goal?
Refer to the exhibit.
An engineer is designing a guest portal on Cisco ISE using the default configuration. During the testing phase, the engineer receives a warning when displaying the guest portal. Which issue is occurring?
Which standard access control entry permits from odd-numbered hosts in the 10.0.0.0/24 subnet?
Refer to the exhibit. An engineer must block all traffic from a router to its directly connected subnet 209.165.200.0/24. The engineer applies access control list EGRESS in the outbound direction on the GigabitEthemet0/0 interface of the router. However, the router can still ping hosts on the 209.165.200.0/24 subnet. Which explanation of this behavior is true?
A client with IP address 209.165.201.25 must access a web server on port 80 at 209.165.200.225. To allow this traffic, an engineer must add a statement to an access control list that is applied in the inbound direction on the port connecting to the web server. Which statement allows this traffic?
Which access controls list allows only TCP traffic with a destination port range of 22-443, excluding port 80?
Refer to the exhibit. An engineer must modify the access control list EGRESS to allow all IP traffic from subnet 10.1.10.0/24 to 10.1.2.0/24. The access control list is applied in the outbound direction on router interface GigabitEthemet 0/1.
Which configuration commands can the engineer use to allow this traffic without disrupting existing traffic flows?
An engineer must deny Telnet traffic from the loopback interface of router R3 to the loopback interface of router R2 during the weekend hours. All other traffic between the loopback interfaces of routers R3 and R2 must be allowed at all times. Which command accomplish this task?
What is the result of applying this access control list?
ip access-list extended STATEFUL
10 permit tcp any any established
20 deny ip any any
Refer to the exhibit. PC-1 must access the web server on port 8080. To allow this traffic, which statement must be added to an access control list that is applied on SW2 port G0/0 in the inbound direction?
Which outbound access list, applied to the WAN interface of a router, permits all traffic except for http traffic sourced from the workstation with IP address 10.10.10.1?
The traceroute fails from R1 to R3. What is the cause of the failure?
An engineer must configure a ACL that permits packets which include an ACK in the TCP header. Which entry must be included in the ACL?
Refer to the exhibit.
Only administrators from the subnet 10.10.10.0/24 are permitted to have access to the router. A secure protocol must be used for the remote access and management of the router instead of clear-text protocols. Which configuration achieves this goal?
hich configuration restricts the amount of SSH that a router accepts 100 kbps?v
Refer to the exhibit. An engineer configures CoPP and enters the show command to verify the implementation. What is the result of the configuration?