New Updated Cisco CCNA Security 640-554 Real Exam Download 151-160



In a brute-force attack, what percentage of the keyspace must an attacker generally search

through until he or she finds the key that decrypts the data?


A.      Roughly 50 percent

B.      Roughly 66 percent

C.      Roughly 75 percent

D.      Roughly 10 percent


Correct Answer: A




Which three items are Cisco best-practice recommendations for securing a network?

(Choose three.)


A.      Routinely apply patches to operating systems and applications.

B.      Disable unneeded services and ports on hosts.

C.      Deploy HIPS software on all end-user workstations.

D.      Require strong passwords, and enable password expiration.


Correct Answer: ABD




What Cisco Security Agent Interceptor is in charge of intercepting all read/write requests to the rc

files in UNIX?


A.      Configuration interceptor

B.      Network interceptor

C.      File system interceptor

D.      Execution space interceptor


Correct Answer: A




Information about a managed device’s resources and activity is defined by a series of objects.

What defines the structure of these management objects?


A.      MIB

B.      FIB

C.      LDAP

D.      CEF


Correct Answer: A




Which statement is true about vishing?


A.      Influencing users to forward a call to a toll number (for example, a long distance or

international number)

B.      Influencing users to provide personal information over a web page

C.      Using an inside facilitator to intentionally forward a call to a toll number (for example, a long

distance or international number)

D.      Influencing users to provide personal information over the phone


Correct Answer: D




Which item is the great majority of software vulnerabilities that have been discovered?


A.      Stack vulnerabilities

B.      Heap overflows

C.      Software overflows

D.      Buffer overflows


Correct Answer: D




Which one of the following items may be added to a password stored in MD5 to make it more



A.      Ciphertext

B.      Salt

C.      Cryptotext

D.      Rainbow table


Correct Answer: B




In which two modes can Cisco Configuration Professional Security Audit operate? (Choose two.)


A.      Security Audit wizard

B.      Lockdown

C.      One-Step Lockdown

D.      AutoSecure


Correct Answer: AC




What are three of the security conditions that Cisco Configuration Professional One-Step

Lockdown can automatically detect and correct on a Cisco router? (Choose three.)


A.      One-Step Lockdown can set the enable secret password.

B.      One-Step Lockdown can disable unused ports.

C.      One-Step Lockdown can disable the TCP small server’s service.

D.      One-Step Lockdown can enable IP Cisco Express Forwarding.

E.       One-Step Lockdown can enable DHCP snooping.

F.       One-Step Lockdown can enable SNMP version 3.


Correct Answer: ACD




Which statement about Control Plane Policing is true?


A.      Control Plane Policing allows QoS filtering to protect the control plane against DoS attacks.

B.      Control Plane Policing classifies traffic into three categories to intercept malicious traffic.

C.      Control Plane Policing allows ACL-based filtering to protect the control plane against DoS


D.      Control Plane Policing intercepts and classifies all traffic.


Correct Answer: A


Download Latest Complete collection of CCNA Security 640-554 Real Exam ,help you to pass exam 100%.

Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCNA Security Exams Questions and Answers


You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by