Routing protocol
can be used to falsify routing information, cause DoS attacks, or cause traffic to be redirected.
Which of the following is a task to harden the router and safeguard it?
Two tasks that can be done to harden a router are
disabling unused ports and interfaces and securing administrative access to the router
. Installing maximum memory in a router will help protect the operating system from DoS attacks but is not a hardening task.
Why is the username name algorithm type?
Why is the username name algorithm-type scrypt secret password command preferred over the username name secret password command? Question options: It uses the
MD5 algorithm for encrypting passwords
. It uses the standard type 7 algorithm for encrypting passwords.
What type of authentication does an access point use by default?
By default, SSIDs on Cisco Meraki access points that are configured as WPA2 utilize
a combination of both TKIP and AES encryption
. WPA2 Enterprise utilizes authentication on a user level, using the 802.1x standard, along with the features of WPA2 such as AES.
Which type of software typically uses a network adapter card in promiscuous mode to capture all network packets that are sent across a LAN?
Packet sniffer
—Software application that uses a network adapter card in promiscuous mode (a mode in which the network adapter card sends all packets received on the physical network wire to an application for processing) to capture all network packets that are sent across a particular collision domain.
Why is authentication with AAA preferred over a local database method?
Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this? It provides
a fallback authentication method if the administrator forgets the username or password
. … A user complains about not being able to gain access to a network device configured with AAA.
Which one of the following tasks are associated with router hardening?
Question Answer | Which two tasks are associated with router hardening? (Choose two.) securing administrative access disabling unused ports and interfaces | Routing protocol can be used to falsify routing information, cause DoS attacks, or cause traffic to be redirected. spoofing |
---|
What is enable secret 9?
Type 9. this mean
the password will be encrypted when router store it in Run/Start Files using
scrypt as the hashing algorithm. starting from IOS 15.3(3) Example : R1(config)#ena algorithm-type scrypt secret cisco.
What are two characteristics of ACLs choose two group of answer choices?
What are two characteristics of ACLs? (Choose two.)
Standard ACLs can filter on source and destination IP addresses. Standard ACLs can filter on source TCP and UDP ports.
Extended ACLs can filter on source and destination IP addresses.
What are the three components of information security ensured by cryptography choose three?
The CIA triad refers to an information security model made up of the three main components:
confidentiality, integrity and availability
.
What type of authentication can be used for network access?
These are specific technologies designed to ensure secure user access.
Kerberos and SSL/TLS
are two of the most common authentication protocols. Kerberos is named after a character in Greek mythology, the fearsome three-headed guard dog of Hades. It was developed at MIT to provide authentication for UNIX networks.
What are two authentication methods that an access point could use?
WEP provides two types of authentication:
open system authentication (in which all users are allowed to access the WLAN)
and shared key authentication controlling access to the WLAN and preventing unauthorised access to the network. Authentication through shared key is the safer of the two.
Why is open authentication an unsecure solution?
Why is open authentication an unsecure solution?
Because MAC addresses are easily spoofed
. Which two additional components are required to implement 802.1x authentication? 802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients.
What would you use to sniff traffic on a switch quizlet?
What could you use to sniff traffic on a switch?
Port mirroring
; Port mirroring allows you to capture traffic on a switch port transparently, by sending a copy of traffic on the port to another port of your choosing.
Is packet sniffing legal?
“
Packet sniffing is legal so long as you filter out data after
the 48th (or 96th or 128th) byte.” “Capturing content may be illegal, but capturing non- content is fine.” … “Data sent over a wireless network is available to the public, so capturing it is legal.”
For what reason would a network administrator leverages promiscuous mode on a network interface?
In an Ethernet local area network (LAN), promiscuous mode ensures
that every data packet that is transmitted is received and read by a network adapter
. This means the adapter does not filter packets. Instead, it passes each packet on to the operating system (OS) or any monitoring application installed on the network.