CCNA Security Practice Exam 2 IINS 640-554 CCNA Security Practice Exam 2 IINS 640-554 What can you use to troubleshoot a site-to-site VPN tunnel? a) debug crypto isakmp b) show crypto isakmp sa c) both d) neither Running auto secure from the command line,disables all except a) Finger b) PAD c) Small servers d) Service password-encryption In terms of IDS/IPS technology what can be described as “using a predefined definition of known good network behavior, provided by the vendor”? a) Statistical b) Nonstatistical c) Honeypot d) Active Which security term refers to a person, property, or data of value to a company? a) Risk b) Asset c) Threat prevention d) Mitigation technique Which one is not shown on the VPN Connection Information screen when you are using a Sdm tool to configure VPN tunnel a) Interface Selection b) Peer Identity c) Authentication d) Preshared Key Who logged in? what they did, how long did they do it? these describe a) Authorization b) Logging c) Accounting d) Debugging Which of the following might you find in a network that is based on a defense-in-depth security implementation? a) Firewall b) IPS c) Access lists d) All Cisco Security Agent can be refered to as a) NIDS b) HIDS c) HIPS d) NIPS Which of the following commands result in a secure bootset? a) secure boot-set b) secure boot-config c) secure boot-files d) All RFC 1918 IP addresses should be blocked by ACL at an Internet-facing router heading inbound to the local LAN. What part of the statement is false? a) Nothing is true b) nothing is false c) There are no Rfc IP addresses d) It should be 1398 instead of 1918 Loading … Question 1 of 10
