Security Pro – 6.6.7, 6.7.8, 6.8.7

In the VLAN configuration shown in in the diagram above, workstations in VLAN1 are not able to communicate with workstations in VLAN2, even though they are connected to the same physical switch.

Which of the following can you use to allow workstations in VLAN1 to communicate with the workstations in VLAN2? (Select 2. Each correct answer is a complete solution.)

Use a router to route packets between VLAN1 and VLAN2. Use a Layer 3 switch to route packets between VLAN1 and VLAN2.

Which of the following is Which of the following is not an administrative benefit of implementing VLANs?

You can simplify routing traffic between separate networks.

Which of the following is an appropriate definition of a VLAN?

A logical grouping of devices based on service need, protocol, or other criteria.

The IT manager has asked you to create a separate VLAN to be used exclusively for wireless guest devices to connect to. Which of the following is the primary benefit of creating this VLAN?

You can control security by isolating wireless guest devices within this VLAN.

Based on the VLAN configuration shown in the diagram above, which of the following is not true?

Workstations in VLAN1 are able to communicate with workstations in VLAN2 because they are connected to the same physical switch. they are connected to the same physical switch.

You’ve just deployed a new Cisco router that connects several network segments in your organization.
The router is physically located in a server room that requires an ID for access. You’ve backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a user name of admin and a password of admin. You have used the MD5 hashing algorithm to protect the password.

What should you do to increase the security of this device? (Select two.)

Change the default administrative user name and password. Use an SSH client to access the router configuration.

What should you do to increase the security of this device?

Move the router to a secure server room.

What should you do to increase the security of this device?

Use SCP to back up the router configuration of this device.

You can use a variety of methods to manage the configuration of a network router. Match the management option on the right with its corresponding description on the left. (Each option can be used more than once.)

SSL – Uses public-key cryptography HTTP – Transfers data in cleartext SSH – Uses public-key cryptography Telnet – Transfers data in cleartext Console port – Cannot be sniffed

Which of the following can make passwords useless on a router?

Not controlling physical access to the router.

You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks.

What solution should you implement?

Host-based IDS.

What do host based intrusion detection systems often rely upon to perform their detection activities?

Host system auditing capabilities.

Which actions can a typical passive intrusion detection system (IDS) take when it detects an attack? (Select two.)

The IDS logs all pertinent data about the intrusion. An alert is generated and delivered via email, the console, or an SNMP trap.

Network-based intrusion detection is most suited to detect and prevent which types of attacks?

Bandwidth-based denial of service.

Which of the following activities are considered passive in regards to the function of an intrusion detection system? (Choose two.)

Listening to network traffic Monitoring the audit trails on a server

Which of the following devices can monitor a network and detect potential security attacks?

IDS

Which of the following are security devices that perform stateful inspection of packet data and look for patterns that indicate malicious code? (Select two.)

IPS IDS

You have configured an NIDS to monitor network traffic. Which of the following describes harmless traffic that has been identified as a potential attack by the NIDS device?

False positive.

Which of the following describes a false positive when using an IPS device?

Legitimate traffic being flagged as malicious.

Which of the following devices is capable of detecting and responding to security threats?

IPS

You are concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action to stop or prevent the attack, if possible.

Which tool should you use?

IPS

Network-based intrusion detection is most suited to detect and prevent which types of attacks?

Bandwidth-based denial of service

A honeypot is used for which purpose?

To delay intruders in order to gather auditing data.

Your organization uses a web server to host an e-commerce site.

What should you do?

Implement an application-aware IPS in front of the web server.

Which of the following describes the worst possible action by an IDS?

The system identified harmful traffic as harmless and allowed it to pass without generating any alerts.