New Updated Cisco CCNA Security 640-554 Real Exam Download 151-160

Ensurepass

QUESTION 151

In a brute-force attack, what percentage of the keyspace must an attacker generally search

through until he or she finds the key that decrypts the data?

 

A.      Roughly 50 percent

B.      Roughly 66 percent

C.      Roughly 75 percent

D.      Roughly 10 percent

 

Correct Answer: A

 

 

QUESTION 152

Which three items are Cisco best-practice recommendations for securing a network?

(Choose three.)

 

A.      Routinely apply patches to operating systems and applications.

B.      Disable unneeded services and ports on hosts.

C.      Deploy HIPS software on all end-user workstations.

D.      Require strong passwords, and enable password expiration.

 

Correct Answer: ABD

 

 

QUESTION 153

What Cisco Security Agent Interceptor is in charge of intercepting all read/write requests to the rc

files in UNIX?

 

A.      Configuration interceptor

B.      Network interceptor

C.      File system interceptor

D.      Execution space interceptor

 

Correct Answer: A

 

 

QUESTION 154

Information about a managed device’s resources and activity is defined by a series of objects.

What defines the structure of these management objects?

 

A.      MIB

B.      FIB

C.      LDAP

D.      CEF

 

Correct Answer: A

 

 

QUESTION 155

Which statement is true about vishing?

 

A.      Influencing users to forward a call to a toll number (for example, a long distance or

international number)

B.      Influencing users to provide personal information over a web page

C.      Using an inside facilitator to intentionally forward a call to a toll number (for example, a long

distance or international number)

D.      Influencing users to provide personal information over the phone

 

Correct Answer: D

 

 

QUESTION 156

Which item is the great majority of software vulnerabilities that have been discovered?

 

A.      Stack vulnerabilities

B.      Heap overflows

C.      Software overflows

D.      Buffer overflows

 

Correct Answer: D

 

 

QUESTION 157

Which one of the following items may be added to a password stored in MD5 to make it more

secure?

 

A.      Ciphertext

B.      Salt

C.      Cryptotext

D.      Rainbow table

 

Correct Answer: B

 

 

QUESTION 158

In which two modes can Cisco Configuration Professional Security Audit operate? (Choose two.)

 

A.      Security Audit wizard

B.      Lockdown

C.      One-Step Lockdown

D.      AutoSecure

 

Correct Answer: AC

 

 

QUESTION 159

What are three of the security conditions that Cisco Configuration Professional One-Step

Lockdown can automatically detect and correct on a Cisco router? (Choose three.)

 

A.      One-Step Lockdown can set the enable secret password.

B.      One-Step Lockdown can disable unused ports.

C.      One-Step Lockdown can disable the TCP small server’s service.

D.      One-Step Lockdown can enable IP Cisco Express Forwarding.

E.       One-Step Lockdown can enable DHCP snooping.

F.       One-Step Lockdown can enable SNMP version 3.

 

Correct Answer: ACD

 

 

QUESTION 160

Which statement about Control Plane Policing is true?

 

A.      Control Plane Policing allows QoS filtering to protect the control plane against DoS attacks.

B.      Control Plane Policing classifies traffic into three categories to intercept malicious traffic.

C.      Control Plane Policing allows ACL-based filtering to protect the control plane against DoS

attacks.

D.      Control Plane Policing intercepts and classifies all traffic.

 

Correct Answer: A

 

Download Latest Complete collection of CCNA Security 640-554 Real Exam ,help you to pass exam 100%.

Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCNA Security Exams Questions and Answers

Leave a Reply