R1(config-ips-category)# category ios_ips basic R1(config-ips-category-action)# retired false Which set of Cisco IOS commands instructs the IPS to compile a signature category named ios_ips into memory and use it to scan traffic? There is no access control to specific interfaces on a router.Ĭommands set on a higher privilege level are not available for lower privileged users.Ĭreating a user account that needs access to most but not all commands can be a tedious process. It is required that all 16 privilege levels be defined, whether they are used or not. Creating a user account that needs access to most but not all commands can be a tedious process. Views are required to define the CLI commands that each user can access. Commands set on a higher privilege level are not available for lower privileged users. The root user must be assigned to each privilege level defined. There is no access control to specific interfaces on a router. Which three statements describe limitations in using privilege levels for assigning command authorization? (Choose three.) Configure a PSK with the crypto isakmp key global configuration command. Configure a hostname with the crypto isakmp identity hostname global configuration command. Configure the DH group identifier with the groupnumber ISAKMP policy configuration command. Configure the message encryption algorithm with the encryptiontype ISAKMP policy configuration command. Which additional peer authentication configuration is required? flooding the LAN with excessive traffic altering the MAC address of an attacking host to match that of a legitimate host When configuring a site-to-site IPsec VPN using the CLI, the authentication pre-share command is configured in the ISAKMP policy. forcing the election of a rogue root bridge bombarding a switch with fake source MAC addresses altering the MAC address of an attacking host to match that of a legitimate host authenticates a packet by using either the HMAC MD5 or HMAC SHA algorithms and encrypts the packet using either the DES, 3DES or AES algorithms authenticates a packet by using either the HMAC with MD5 method or the SHA method Which action best describes a MAC address spoofing attack? authenticates a packet by using either the HMAC with MD5 method or the SHA method authenticates a packet by a string match of the username or community string authenticates a packet using the SHA algorithm only A network technician is configuring SNMPv3 and has set a security level of auth. Possible triggers for the aaa accounting exec default command include start-stop and stop-only. Accounting is concerned with allowing and disallowing authenticated users access to certain areas and programs on the network. Possible triggers for the aaa accounting exec default command include start-stop and stop-only. Users are not required to be authenticated before AAA accounting logs their activities on the network. Accounting can only be enabled for network connections. nonrepudiation confidentiality What is a characteristic of AAA accounting? VLAN attack STP manipulation The use of 3DES within the IPsec framework is an example of which of the five IPsec building blocks? Cisco An圜onnect Cisco router Which type of Layer 2 attack makes a host appear as the root bridge for a LAN? Virtual template interface What can be used as a VPN gateway when setting up a site-to-site VPN? It calculates shared keys based on the exchange of a series of data packets Which two configuration requirements are needed for remote access VPNs using Cisco Easy VPN Server, but are not required for site-to-site VPNs? (Choose two.) It uses TCP port 50 to exchange IKE information between the security gateways. It calculates shared keys based on the exchange of a series of data packets. It uses sophisticated hashing algorithms to transmit keys directly across a network. It uses IPsec to establish the key exchange process. Which statement describes the operation of the IKE protocol?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |