You’ve just deployed a new Cisco router that connects several network segments in your organization.
The router is physically located in a cubicle near your office. You’ve backed up the router
configuration to a remote location in an encrypted file. You access the router configuration
interface from your notebook computer using an SSH client with a username of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password.
What should you do to increase the security of this device?
Move the router to a secure server room.
Use encrypted type 7 passwords.
Use TFTP to back up the router configuration to a remote location.
Change the default administrative username and password.
Use a Telnet client to access the router configuration.
|
Move the router to a secure server room.
|
You are an IT consultant and are visiting a new client’s site to become familiar with their network. As you walk around their facility, you note the following:
• When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager’s cubicle. The receptionist uses a notebook system that is secured to her desk with a cable lock.
• The office manager informs you that the organization’s servers are kept in a locked closet.
Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet.
• She informs you that server backups are configured to run each night. A rotation of external USB hard disks are used as the backup media.
• You notice the organization’s network switch is kept in an empty cubicle adjacent to the office manager’s workspace.
• You notice that a router/firewall/content You notice that a router/firewall/content filter all filter all–inin–one device has been implemented in the one device has been implemented in the
server closet to protect the internal network from external attacks.
Which security-related recommendations should you make to this client? (Select two.)
Use separate dedicated network perimeter security devices instead of an all-in-one device.
Replace the USB hard disks used for server backups with a tape drive.
Relocate the switch to the locked server closet.
Control access to the work area with locking doors and card readers.
Replace the key lock on the server closet with a card reader.
|
Relocate the switch to the locked server closet. Control access to the work area with locking doors and card readers.
|
Which of the following are solutions that address physical security? (Select two.)
Implement complex passwords.
Require identification and name badges for all employees.
Escort visitors at all times.
Disable guest accounts on computers.
Scan all floppy disks before use
|
Require identification and name badges for all employees. Escort visitors at all times.
|
Which of the following can be used to stop piggybacking from occurring at a front entrance
where employees swipe smart cards to gain entry?
Deploy a mantrap
Install security cameras
Use key locks rather than electronic locks
Use weight scales
|
Deploy a mantrap
|
Which of the following is not an example of a physical barrier access control mechanism?
Fences
Biometric locks
One-time passwords
Mantraps
|
One-time passwords
|
You want to use CCTV to increase your physical security. You want to be able to remotely control
the camera position. Which camera type should you choose?
C-mount
Dome
PTZ
Bulle
|
PTZ
|
You want to use CCTV as a preventative security measure. Which of the following is a
requirement for your plan?
Low LUX or infrared camera
Sufficient lighting
Security guards
PTZ camera
|
Security guards
|
Which of the following CCTV types would you use in areas with little or no light?
C-mount
PTZ
Infrared
A camera with a high LUX rating
|
Infrared
|
Which of the following CCTV camera types lets zoom the focus in and out?
C-mount
Fixed
Varifocal
Infrared
|
Varifocal
|
Which of the following allows for easy exit of an area in the event of an emergency, but prevents
entry? (Select two.)
Anti-passback system
Turnstile
PTZ CCTV
Mantrap
Double-entry door
|
Turnstile Double-entry door
|
Which of the following controls is an example of a physical access control method?
Locks on doors
Passwords
Hiring background checks
Access control lists with permissions
Smart cards
|
Locks on doors
|
Five salesmen who work out of your office. They frequently leave their laptops laying on the desk
in their cubicles. You are concerned that someone might walk by and take one of these laptops.
Which of the following is the best way to address your concerns?
Encrypt all company data on the hard drives.
Require strong passwords in the local security policy.
Use cable locks to chain the laptops to the desks.
Implement screen saver passwords.
|
Use cable locks to chain the laptops to the desks.
|
Hardened
carrier
|
Protected cable distribution
|
Biometric
authenticat
ion
|
Door locks
|
Barricades
|
Perimeter barrier
|
Emergency
escape
plans
|
Safety
|
Alarmed
carrier
|
Protected cable distribution
|
Anti-passback system
|
Physical access control
|
Emergency
lighting
|
Safety
|
Exterior
floodlights
|
Perimeter barrier
|
You are an IT consultant and are visiting a new client’s site to become familiar with their
network. As you walk around their facility, you note the following:
• When you enter the facility, a receptionist greets you and directs you down the hallway to
the office manager’s cubicle. The receptionist uses a notebook system that is secured to her
desk with a cable lock.
• The office manager informs you that the organization’s servers are kept in a locked closet.
Only she has the key to the closet. When you arrive on site, you will be required to get the
key from her to access the closet.
• She informs you that server backups are configured to run each night. A rotation of external
USB hard disks are used as the backup media.
• You notice the organization’s network switch is kept in an empty cubicle adjacent to the
office manager’s workspace.
• You notice that a router/firewall/content filter UTM device has been implemented in the
server closet to protect the internal network from external attacks.
Which security-related recommendations should you make to this client? (Select two.)
Control access to the work area with locking doors and proximity readers.
Use separate dedicated network perimeter security devices instead of a UTM device.
Replace the USB hard disks used for server backups with a tape drive.
Replace the key lock on the server closet with a card reader.
Relocate the switch to the locked server closet.
|
Control access to the work area with locking doors and proximity readers. Relocate the switch to the locked server closet.
|
Which of the following is the most important way to prevent console access to a network switch?
Disconnect the console cable when not in use.
Keep the switch in a room that is locked by a keypad.
Implement an access list to prevent console connections.
Set console and enable secret passwords.
|
Keep the switch in a room that is locked by a keypad.
|