Exam Prep Questions

Previous page
Table of content
Next page

Question 1

Which of the following passwords can be applied on a Cisco router?

  • A. enable secret 1lcisco123

  • B. enable secret password cisco

  • C. enable secret c

  • D. enable secret <space><space>ciscocisco

A1:

Answers: B, C, D. Passwords on a Cisco router cannot start with a number, and they ignore the leading spaces after the keyword secret . You can have a password from 1 to 25 characters in length.

Question 2

Which of the following commands resulted in the output that is bolded: 

 
 line con 0  exec-timeout 0 0  password 7 104D000A061843595F50  logging synchronous

  • A. service password encryption

  • B. service encryption password

  • C. service password-encryption

  • D. encryption-password

A2:

Answer: C. The service password-encryption command uses the Cisco-proprietary Vigenere cipher to encrypt all the other passwords on the router except the enable secret password (which uses MD5). A, B, and D are incorrect because they have the wrong syntax.

Question 3

Which command can you use to ensure that all administrative interfaces stay active for a period of 5 minutes and 45 seconds only after the last session activity?

  • A. Central(config-line)#timeout 5 45

  • B. Central(config-line)#exec-timeout 5 45

  • C. Central(config)#exec-timeout 5 45

  • D. Central#exec-timeout 5 e45

A3:

Answer: B. The exec-timeout in line configuration mode ensures that the administrative interface stays up for the specified duration after the last session activity. A is incorrect because the correct command is exec-timeout and not simply timeout . C and D are incorrect because you have to be in line configuration mode to execute the exec-timeout command.

Question 4

Which of the following commands on a Cisco router can you use to prevent a hacker from finding out which users are logged into the network device?

  • A. show cdp entry

  • B. ip finger

  • C. no ip finger

  • D. no service finger

A4:

Answers: C, D. You can use the no ip finger and no service finger commands to prevent a hacker from finding out which users are logged into the network device. The no service finger command is a legacy command and works just the same as no ip finger .

Question 5

You have just configured the following access list and would like only these hosts to have Telnet access to the Central router. Which of the following commands will you use to make sure this implementation works? 

 
 Central(config)#access-list 1 permit host 10.10.0.1 Central(config)#access-list 1 permit host 10.10.0.2

  • A. ip access- group 1 in

  • B. access-group 1 in

  • C. ip access-class 1 in

  • D. access-class 1 in

A5:

Answer: D. You use the access-class command in line configuration mode in an inbound direction to ensure that only hosts 10.10.0.1 and 10.10.0.2 are allowed to Telnet to the router. By default, all access lists have an implicit deny in the end, and because of that rule, only two hosts will be allowed Telnet access to the Central router.



Previous page
Table of content
Next page
CCSP SECUR Exam Cram 2
CCSP SECUR Exam Cram 2 (642-501)
ISBN: B000MU86IQ
EAN: N/A
Year: 2003
Pages: 291
Authors: Raman Sud
BUY ON AMAZON
Agile Project Management: Creating Innovative Products (2nd Edition)
Building Web Applications with UML (2nd Edition)
A Practitioners Guide to Software Test Design
Mapping Hacks: Tips & Tools for Electronic Cartography
Special Edition Using Crystal Reports 10
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy