A.Routinely apply patches to operating systems and applications
B.Disable unneeded services and ports on hosts
C.Deploy HIPS software on all end-user workstations
D.Require strong passwords and enable password expiration
您可能感兴趣的试卷
你可能感兴趣的试题
A.Cisco IOS router
B.Cisco PIX 500 series security appliance
C.Cisco 4200 series IPS appliance
D.Cisco ASA 5500 series security appliance
A.Two secret keys
B.Two nonsecret keys
C.Two secret numbers
D.Two nonsecret numbers
Based on the username global configuration mode command displayed in the exhibit. What does the optionsecret 5 indicate about the enable secret password?()
A.It is hashed using MD5
B.It is encrypted using a proprietary Cisco encryption algorithm
C.It is hashed using SHA
D.It is encrypted using DH group 5
A.reflexive ACL
B.dynamic ACL
C.queuing
D.netflow
E.state
A.The enable password is present for backward compatibility.
B.Because the enable secret password is a hash, it cannot be decrypted. Therefore, the enable password is used to match the password that was entered, and the enable secret is used to verify that the enablepassword has not been modified since the hash was generated.
C.The enable password is considered to be a router’s public key, whereas the enable secret password is considered to be a router’s private key.
D.The enable password is used for IKE Phase I, whereas the enable secret password is used for IKE Phase II.
Which statement best describes the relationships between AAA function and TACACS+, RADIUS based onthe exhibit shown?()
A.TACACS+ - P4S1 and P4S4RADIUS - P4S2 and P4S3
B.TACACS+ - P4S2 and P4S4RADIUS - P4S1 and P4S3
C.TACACS+ - P4S1 and P4S3Actual RADIUS - P4S2 and P4S4
D.TACACS+ - P4S2 and P4S3RADIUS - P4S1 and P4S4
A.Firmware-level virus detection
B.Signature-based virus filtering
C.Layer 4 virus detection
D.Signature-based spyware filtering
Given the exhibit below. You are a network manager of your company. You are reading your Syslog serverreports. On the basis of the Syslog message shown, which two descriptions are correct?()
A.This is a normal system-generated information message and does not require further investigation.
B.Service timestamps have been globally enabled.
C.This message is unimportant and can be ignored.
D.This message is a level 5 notification message.
A.A copy of the frame is forwarded out all switch ports other than the port the frame was received on.
B.The frame is transmitted on the native VLAN.
C.The switch sends a NACK segment to the frame’s source MAC address.
D.The frame is dropped.
Which description is true about the show login command output displayed in the exhibit?()
A.Three or more login requests have failed within the last 100 seconds.
B.When the router goes into quiet mode, any host is permitted to access the router via Telnet,actual SSH, and HTTP, since the quiet-mode access list has not been configured.
C.The login block-for command is configured to block login hosts for 93 seconds.
D.All logins from any sources are blocked for another 193 seconds.
最新试题
What is a static packet-filtering firewall used for ?()
Which type of intrusion prevention technology will be primarily used by the Cisco IPS security appliances?()
In an IEEE 802.1x deployment,between which two devices EAPOL messages typically are sent?()
Which type of MAC address is dynamically learned by a switch port and then added to the switch’s runningconfiguration?()
Refer to the exhibit. Which statement is correct based on the show login command output shown?()
Which method is of gaining access to a system that bypasses normal security measures?()
When configuring role-based CLI on a Cisco router,which action will be taken first ?()
Which two actions can be configured to allow traffic to traverse an interface when zone-based security isbeing employed?()
When configuring SSH, which is the Cisco minimum recommended modulus value?()
Refer to the exhibit. Based on the VPN connection shown, which statement is true?()