Which cisco security product line uses deep inspection to identify and prevent malicious attacks, resource misuse, and unauthorized access?()A.MARSB.NACC.VPND.IPS

第1题：

第2题：

Why would a network administrator configure port security on a switch?（）

• A、To prevent unauthorized Telnet access to a switch port.
• B、To limit the number of Layer 2 broadcasts on a particular switch port.
• C、To prevent unauthorized hosts from accessing the LAN.
• D、To protect the IP and MAC address of the switch and associated ports.
• E、To block unauthorized access to the switch management interfaces over common TCP ports.

第3题：

Which IOS security feature is configured by the ip inspect inspection-name {in | out} command？（）

• A、IPsec site-to-site VPN
• B、Cisco AutoSecure
• C、Cisco IOS Firewall
• D、IPS

第4题：

The Company is concerned about Layer 2 security threats.  Which statement is true about these  threats？ （）

• A、 MAC spoofing attacks allow an attacking device to receive frames intended for a different  network host.
• B、 Port scanners are the most effective defense against dynamic ARP inspection.
• C、 MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use dynamic ARP inspection (DAI) to determine vulnerable  attack points.
• D、 Dynamic ARP inspection in conjunction with ARP spoofing can be used to counter DHCP  snooping attacks.
• E、 DHCP snooping sends unauthorized replies to DHCP queries.
• F、 ARP spoofing can be used to redirect traffic to counter dynamic ARP inspection.
• G、 None of the other alternatives apply.

第5题：

Because of the systems-level approach， Cisco security can defend against widespread attacks from hackers and viruses. What describes the Cisco network security strategy？（）

• A、 Cisco Trust Agent
• B、 Cisco Self-Defending Network
• C、 Cisco Secure Access Control
• D、 Cisco Network Admission Control

第6题：

The Company security administrator is concerned with VLAN hopping based attacks. Which two  statements about these attacks are true？ （）

• A、 Attacks are prevented by utilizing the port-security feature.
• B、 An end station attempts to gain access to all VLANs by transmitting Ethernet frames in the  802.1q encapsulation.
• C、 Configuring an interface with the switchport mode dynamic command will prevent VLAN  hopping.
• D、 An end station attempts to redirect VLAN traffic by transmitting Ethernet frames in the 802.1q  encapsulation.
• E、 Configuring an interface with the "switchport mode access" command will prevent VLAN  hopping.

第7题：

Which cisco security product line uses deep inspection to identify and prevent malicious attacks,resource misuse, and unauthorized access?（）

• A、MARS
• B、NAC
• C、VPN
• D、IPS

第8题：

Which of the following would be used to monitor unauthorized access to data files?（）

• A、Performance Log and Alerts
• B、Event Viewer
• C、Security Configuration and Analysis
• D、IP Security Monitor

第9题：

第10题：

第11题：

第12题：

第13题：

What are two characteristics of the SDM Security Audit wizard？（）

• A、displays a screen with Fix-it check boxes to let you choose which potential security-related configuration changes to implement
• B、has two modes of operationinteractive and non-interactive
• C、automatically enables Cisco IOS firewall and Cisco IOS IPS to secure the router
• D、uses interactive dialogs and prompts to implement role-based CLI
• E、requires users to first identify which router interfaces connect to the inside network and which connectto the outside network

第14题：

Why would a network administrator configure port security on a switch?（）

• A、to prevent unauthorized Telnet access to a switch port
• B、to limit the number of Layer 2 broadcasts on a particular switch port
• C、to prevent unauthorized hosts from accessing the LAN
• D、to protect the IP and MAC address of the switch and associated ports
• E、to block unauthorized access to the switch management interfaces over common TCP ports

第15题：

Which Cisco product is a software component that blocks unwanted connections and provides other gateway security functions for small business?（）

• A、Cisco Firewall Services Module (FWSM)
• B、Cisco Secure Access Control Server (ACS)
• C、Cisco Private Internet Exchange (PIX) Firewall
• D、Cisco Internetwork Operating System (IOS) Firewall

第16题：

Which Cisco security software product mitigates Day Zero attacks on desktops and servers - stopping known and unknown attacks without requiring reconfigurations or updates on the endpoints？（）

• A、 Cisco Secure Desktop （CSD）
• B、 NAC Appliance Agent （NAA）
• C、 Cisco SecurityAgent （CSA）
• D、 SSLVPN Client （SVC）
• E、 Cisco TrustAgent （CTA）

第17题：

The cisco ironport portfolio performs which service?（）

• A、reduces the downtime that is asassocoated with spam,viruses,and blended threats that are delivered via email
• B、defends thepenmeter from malicious users and unauthorized traffic
• C、providesA secure communication path through the internet
• D、determines if a user or device is authorized to access a switch port

第18题：

Which online Cisco resource provides PPDIOO and Lifecycle Services methodology？（）

• A、 Cisco Product Advisor
• B、 Steps to Success Portal
• C、 Secure Business Advisor
• D、 Cisco Solution Designer

第19题：

Which of the following security devices would MOST likely be used on a network to screen and prevent malicious traffic?（）

• A、IDS
• B、VPN
• C、NIPS
• D、HIDS

第20题：

第21题：

第22题：

第23题：