|
Question 1. Which VPN protocol is described by: supports multiple encapsulated protocols, authentication and encryption, and uses a client / server architecture? A. PPTP B. L2TP C. SSH2 D. IPSec Answer: A Explanation: PPTP is based on the point-to-point protocol. PPTP enables users to access wireless networks securely and easily, and is natively supported by most Microsoft desktop and server operating systems. Question 2. Which type of segmentation device is described by: intelligent, but slow, uses security that is equivalent to a strong set of access control lists? A. Firewall B. Router C. Layer 3 switch D. VPN Concentrator Answer: B Question 3. Which type of segmentation device is described by: used to filter between networks, can be designed as all-purpose or for specific filtering functions? A. Router B. Firewall C. VPN Concentrator D. Enterprise Encryption Gateway Answer: B Question 4. Which EAP authentication type is characterized by: one-way authentication, password-based protocol, and does not use WEP keys? A. EAP-TTLS B. LEAP C. EAP-TLS D. EAP-MD5 Answer: D Question 5. Which EAP authentication type is characterized by the creation of an encrypted tunnel between the supplicant and the authentication server? A. EAP-TTLS B. LEAP C. PEAP D. EAP-TLS Answer: A Question 6. An access point using an EAP protocol. A client device sends it an EAP-start message. What is the FIRST action the access point takes? A. AP enables port to authorized state. B. AP detects client. C. AP sends identity request to client. D. AP enables port to unauthorized state. Answer: B Question 7. Which EAP authentication type is characterized by: based on Secure Socket Layer protocol and used both server-side and client-side certificates? A. EAP-MD5 B. LEAP C. EAP-TTLS D. EAP-TLS Answer: D Question 8. Which of the following Layer 2 security solutions provides for unique and changing encryption keys with the addition of a flexible authentication protocol, and adds broadcast key rotation in some implementations? A. 802.1x/EAP B. Dynamic WEP C. Static WEP D. TKIP Answer: A Question 9. Which of the following Layer 2 security solutions provides for unique and changing encryption keys so an intruder will never be able to collect enough data to crack the keys? A. Dynamic WEP B. TKIP C. Static WEP D. 802.1x/EAP Answer: A Question 10. Which EAP authentication type is characterized by: any kind of supplicant credentials can be used; mutual authentication but only server-side digital certificates? A. EAP-TLS B. LEAP C. PEAP D. EAP-TTLS Answer: D Question 11. Concerning RADIUS, what term refers to the design capability that allows multiple servers to run as a single computer, where each shares in the workload of the application? A. Scalability B. Clustering C. Failover D. Distributed Answer: B Question 12. Which of the following statements is false concerning using switches to connect to the wired segment of a network? A. Allows support for security and network management tools like VLANs. B. Create full duplex connectivity at the bridge C. Broadcast each frame entering any port to every other port D. Create full duplex connectivity at the access point Answer: C Question 13. The time required for a brute force attack to find an encryption key is exponentially raised when what is proportionally raised? A. key length B. variable rotation C. number of rounds D. key expansion Answer: C Question 14. Though it has been highly publicized to have been broken, WEP offers a fair level of security, especially when compared with not using any protection at all. What is the shortest estimate of how long a hacker would need to crack WEP? A. Within an hour B. Several days. C. Almost immediately. D. Three to four hours Answer: D Question 15. Which encryption scheme is the most well-known block cipher, and is extremely efficient on processors such as Intel's Pentium series? A. RC4 B. DES/3DES C. RC5 D. AES Answer: C
|
Question 1. Which of the following are the right description to the backbone area? A. The backbone area ID is 0.0.0.0. B. All other areas must connect to the backbone area. C. Between the backbone areas it can be disconnected. D. Each ABR (Area Border Router) should be connected to at least one backbone area. Answer: ABD Question 2. Which of the following are the right description to the adjacency between routers in the OSPF protocol? A. Two routers, if they are in bidirectional adjacency, that is, they receive the Hello message from each other, they automatically become adjacent. B. If two routers are adjacent, the underlying network between them is probably Point-to-Point. C. If two routers are adjacent, the underlying network between them is probably Point-to- MultiPoint. D. If two routers are adjacent, the underlying network between them is probably Broadcast. One of them must be a DR or BDR. E. Only when the two routers are adjacent will they exchange the LSA message. Answer: BCDE Question 3. Two routers running the OSPF protocol are synchronizing the Link State Database. When you check the peer state machine on one of them, it indicates it has reached the FULL state. Therefore, such a conclusion can be drawn that if you check the peer state machine from the other router, it should also indicate that it has reached the FULL state. A. True B. False Answer: B Question 4. To view the information of the DR and BDR in the OSPF area, you can use A. Display ospf B. Display ospf error C. Display ospf interface D. Display ospf peer Answer: A Question 5. Which is wrong about the BGP protocol? A. BGP is a robust routing protocol. B. BGP is to check the route loop. C. BGP can not summary routes of the same type. D. BGP inherits from EGP Answer: C Question 6. Which of the following is the way to avoid loop in the BGP protocol? A. Record the source of the route in the attribute: origin B. Record the AS route in the attribute: AS-Path C. Record the next hop in the Next-Hop attribute D. Affect the choice of egress for another AS in the MED attribute Answer: B Question 7. In the BGP protocol, the function of the community attribute NO-EXPORT is to A. Indicate that the route with this attribute should not be notified to any peer out of the alliance B. Indicate that the route with this attribute, once received, should not be notified to any BGP peer. C. Indicate that the route with this attribute, once received, should not be notified to any EBGP peer. D. None of the above Answer: A Question 8. BGP community is a group of destinations with public attributes. For a network or an AS there can be only one community. A. True B. False Answer: B Question 9. RTA notifies RTB about a learned route 1.1.1.0/24 from the EBGP peer. RTA and RTB are in the same AS. The attributes of the route are listed as the following: local preference:100 MED: 100 AS_PATH: 200 Origine: EGP Next_hop: 88.8.8.1/16 The attributes of the received route by RTB will be A. Local preference: null, MED: 100, AS_PATH: 200 100 ,Origine :EGP, next_hop: 10.110.20.1/16 B. Local preference:100, MED: 100, AS_PATH: 200 ,Origine: EGP, next_hop: 88.8.8.1/16 C. Local preference:100, MED: null, AS_PATH: EGP, Origine :EGP, next_hop: 10.110.10.1/16 D. Local preference: null, MED: 0, AS_PATH: 100 200, Origine: EGP, next_hop: 88.8.8.1/16 Answer: B Question 10. Bi-directional Import refers to that routes are imported mutually between routing protocols. To prevent route loop, you can A. prohibit route redistributing from 2 different routing processes which runs over the same router into each other. B. Use filter-policy import C. Use filter-policy export D. Use fire-wall Answer: ABC
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.