unsolicited e-mail messages

1. (TCO4) Virtual circuits provide a(n) _____ communication path from one DTE device to another. (Points : 3)

one-direction
any-direction
multidirectional
bidirectional

2. (TCO 7) A person who sends large amounts of unsolicited e-mail messages is a (Points : 3)

phisher.
spammer.
white hat.
cracker.

3. (TCO 7) According to the course textbook, what one piece of network hardware is most vulnerable to security issues? (Points : 3)

Servers
Routers
Cabling
Software

Answers

1. (TCO 7) Over the years the types and methods of security attacks have evolved. What kind of network attack became prevalent starting around 1995? (Points : 3)

Password guessing and code replication
Password cracking and war dialing
Viruses, including the ILOVEYOU worm, Nimda, and Code Red
Trojan horses such as Back Orifice

2. (TCO 7) Securing router network services most commonly needs to be done at what IOS layer? (Points : 3)

Network
Application
Physical
Data link

3. (TCO 7) What type of attacks use dictionary-cracking and brute-force methods? (Points : 3)

Reconnaissance attacks
Password attacks
DoS attacks
Worms, viruses, and Trojan horses

4. (TCO 7) Which network policy defines the standards for connecting to the internal network from outside the organization? (Points : 3)

Account-access-request policy
Remote-access policy
Risk-assessment policy
Audit policy

1. (TCO 3) Which statement best describes a MAC address spoofing attack? (Points : 6)
The attacker gains access to another host and masquerades as that user.
An attacker alters the MAC address of his or her host to match the MAC address of a target host.
An attacker alters the switch’s MAC address to gain access to the network device from a attacker’s host device.
An attacker floods the MAC address table of a switch so that the switch can no longer filter network access based on MAC addresses.

2. (TCO 3) Which port-security command below is used to capture the current MAC address on an interface? (Points : 6)
switchport port-security mac-address
switchport port-security sticky mac-address
switchport port-security mac-address sticky
switchport port-security mac-address capture

3. (TCO 3) Which port-security violation mode requires an administrator to manually reset the port when a violation occurs? (Points : 6)
protect
restrict
no-log
shutdown

4. (TCO 3) Which of the following switch commands will enable portfast on all ports except for trunk ports? (Points : 6)
spanning-tree portfast enable
spanning-tree portfast
spanning-tree portfast F0/20
spanning-tree portfast default

1. (TCO 5) Which is the purpose of the following commands? Router(config)# line con 0 Router(config-line)# login authentication no_tacacs(Points : 6)
Specifies that any other method except TACACS can be used
Specifies that AAA authentication is not necessary when using console
Specifies the AAA authentication list called no_tacacs will be used for console access
Specifies that TACACS+ has been configured with no shared key requirement

2. (TCO 5) Which configuration command causes a start-accounting record for a point-to-point session to be sent to a TACACS+ server? (Points : 6)
aaa accounting ppp start tacacs+
aaa accounting exec default tacacs+
aaa accounting network default stop-only tacacs+
aaa accounting network default start-stop tacacs+

3. (TCO 5) Which of the following is not considered a component of AAA? (Points : 6)
Authentication
Authorization
Accounting
Administration

4. (TCO 5) Which AAA server protocol offers support for ARAP and NETBEUI protocols as well as IP? (Points : 6)
CSACS
RADIUS
OpenACS
TACACS+

1. (TCO 6) Which is a more secure way to use preshared keys between multiple peers? (Points : 4)
Specify the same key to share with multiple remote peers.
Specify different keys for related groups of remote peers.
Specify a different key for every remote peer connection.
Use the hostname of the remote router as a preshared key value.

2. (TCO 6) The default lifetime of an ISAKMP security association (SA) is _____. (Points : 4)
12 hours
24 hours
48 hours
72 hours

3. (TCO 6) The Cisco IOS firewall crypto isakmp policy mode command that will set the data integrity algorithm to MD5 is _____. (Points : 4)
integrity md5
set hash md5
hash md5
set integrity md5