CCNA Security » Cisco IOS Zone based Firewall Tutorial

Ensurepass In this tutorial we will learn about Zone Based Firewall, but before digging into details let’s start with basic concepts. Security zone is a group of interfaces to which a policy can be applied. By default, traffic can flow freely within that zone but all traffic to and from that zone is dropped by default. To allow traffic pass between zones, administrators must explicitly declare by creating a zone-pair and a policy for that zone. Another notice is that traffic originated Read more […]

CCNA Security » Zone-based Firewall SDM Simlet

Ensurepass Instructions To access the Cisco Router and Security Device Manager(SDM) utility click on the console host icon that is connected to a ISR router.You can click on the grey buttons below to view the different windows. Each of the windows can be minimized by clicking on the [-].You can also reposition a window by dragging it by the title bar. The “Tab” key and most commands that use the “Control”or “Escape” keys are not supported and are not necessary Read more […]

CCNA Security » Port Security Lab Sim

Ensurepass Question You are the network security administrator for Big Money Bank Co. You are informed that an attacker has performed a CAM table overflow attack by sending spoofed MAC addresses on one of the switch ports. The attacker has since been identified and escorted out of the campus. You now need to take action to configure the switch port to protect against this kind of attack in the future. For purposes of this test, the attacker was connected via a hub to the Fa0/12 interface of the Read more […]

CCNA Security » Site-to-site VPN SDM Lab Sim

Ensurepass Question Next Gen University main campus is located in Santa Cruz. The University has recently established various remote campuses offering e-learning services. The University is using Ipsec VPN connectivity between its main and remote campuses San Jose(SJ), Los Angeles(LA), Sacremento(SAC). As a recent addition to the IT/Networking team, you have been tasked to document the Ipsec VPN configurations to the remote campuses using the Cisco Router and SDM utility. Using the SDM Read more […]

» Security Device Manager SDM

EnsurepassHere you will find answers to Security  Device  Manager SDM Questions Question 1 For the following options, which one accurately matches the CU command(s) to the equivalent SDM wizard that performs similar configuration functions? A. setup exec command and the SDM Security Audit wizard B. auto secure exec command and the SDM One-Step Lockdown wizard C. aaa configuration commands and the SDM Basic Firewall wizard D. Cisco Common Classification Policy Language configuration commands Read more […]

» IPsec Questions

EnsurepassHere you will find answers to IPsec Questions Question 1 Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a data stream. IPsec operation requires which two functions? (Choose two) A. using PKI for pre-shared-key authentication B. using AH protocols for encryption and authentication C. using IKE to negotiate the SA D. using Diffie-Hellman to establish a shared-secret key   Answer: Read more […]

» Implementing Firewall Technologies

EnsurepassHere you will find answers to Implementing Firewall Technologies Questions Question 1 Which kind of table will be used by most firewalls today to keep track of the connections through the firewall? A. queuing B. netflow C. dynamic ACL D. reflexive ACL E. state   Answer: E Explanation There are four generations of firewall technologies developed between 1983 and 1995: static packet-filtering firewalls, circuit-level firewalls, application layer firewalls and dynamic packet-filtering Read more […]

» Authentication Authorization & Accounting

EnsurepassHere you will find answers to Authentication Authorization & Accounting Questions Question 1 How do you define the authentication method that will be used with AAA? A. With a method list B. With the method command C. With the method aaa command D. With a method statement   Answer: A Explanation A method list is a sequential list of authentication methods to query to authenticate a user. Method lists enable you to designate one or more security protocols to be used for authentication, Read more […]

» Managing a Secure Network

EnsurepassHere you will find answers to Managing a Secure Network Questions Question 1 For the following attempts, which one is to ensure that no employee becomes a pervasive security threat, that data can be recovered from backups, and that information system changes do not compromise a system’s security? A.    Disaster recovery B.    Strategic security planning C.    Implementation security D.    Operations security   Answer: D Note: Operations security: day-to-day security Read more […]

» Securing Network Devices

EnsurepassHere you will find answers to Securing Network Devices Questions Question 1 As a network engineer at, you are responsible for the network. Which one will be necessarily taken into consideration when implementing Syslogging in your network? A. Log all messages to the system buffer so that they can be displayed when accessing the router. B. Use SSH to access your Syslog information. C. Enable the highest level of Syslogging available to ensure you log all possible event Read more […]

» Implementing Virtual Private Networks

EnsurepassHere you will find answers to Implementing Virtual Private Networks Questions Question 1 You work as a network engineer, do you know an IPsec tunnel is negotiated within the protection of which type of tunnel? A. GRE tunnel B. L2TP tunnel C. L2F tunnel D. ISAKMP tunnel   Answer: D Question 2 For the following items, which one acts as a VPN termination device and is located at a primary network location? A. Headend VPN device B. Tunnel C. Broadband service D. VPN access device   Answer: Read more […]

» Modern Network Security Threats

EnsurepassHere you will find answers to Modern Network Security Questions Question 1 Which item is the great majority of software vulnerabilities that have been discovered? A. Stack vulnerabilities B. Software overflows C. Heap overflows D. Buffer overflows   Answer: D Question 2 Which statement is true about vishing? A. Influencing users to forward a call to a toll number (for example, a long distance or international number) B. Influencing users to provide personal information over the Read more […]

» Cryptographic Systems

EnsurepassHere you will find answers to Cryptographic Systems Questions   Question 1 Please choose the correct matching relationships between the cryptography algorithms and the type of algorithm. 1 3DES 2 RSA 3 Diffie-Hellman 4 AES 5 IDEA 6 Elliptical Curve A. Symmetric – 1, 2 and 3 Asymmetric – 4, 5 and 6 B. Symmetric – 1, 4 and 5 Asymmetric – 2, 3 and 6 C. Symmetric – 2, 4 and 5 Asymmetric – 1, 3 and 6 D. Symmetric – 2, 5 and 6 Asymmetric – 1, 3 and 4   Answer: Read more […]

» Drag and Drop Questions

EnsurepassHere you will find answers to Drag and Drop Questions Notice: In the exam, some Drag and Drop Questions may be represented as multiple-choice questions. Question 1 On the basis of the description of SSL-based VPN, place the correct descriptions in the proper locations.   Answer: + The authentication process uses hashing technologies. + Asymmetric algorithms are used for authentication and key exchange. + Symmetric algorithms are used for bulk encryption. Question 2 Which three Read more […]

Pages: 1 2 Next
Proudly powered by WordPress   Premium Style Theme by