Home > Articles > Certification > Cisco Certification > CCENT

  • Print
  • + Share This
This chapter is from the book

Exam Prep Questions

  1. Which of the following is not a consideration for setting up technical controls in support of secure logging?

    bull.jpg

    A.

    How can the confidentiality of logs as well as communicating log messages be assured?

    bull.jpg

    B.

    How do you log events from several devices in one central place?

    bull.jpg

    C.

    What are the most critical events to log?

    bull.jpg

    D.

    What are the most important logs?

    bull.jpg

    E.

    None of the above.

  2. Fill in the blank with the correct term from the choices.

    One communication path between management hosts and the devices they manage is __________, meaning that the traffic flows within a network separate from the production network.

    bull.jpg

    A.

    In-band

    bull.jpg

    B.

    Inter-vlan

    bull.jpg

    C.

    Private

    bull.jpg

    D.

    Out-of-band

    bull.jpg

    E.

    Intranet

  3. True or false. A general management guideline is to ensure that clocks on network devices are not synchronized with an external time source because this is a known vulnerability.

  4. Indicate the number for each logging level:

    • Debugging:
    • Alerts:
    • Emergencies:
    • Notifications:
    • Critical:
    • Informational:
    • Warnings:
    • ____
    • ____
    • ____
    • ____
    • ____
    • ____
    • ____
  5. To what menus do you have to navigate to setup logging in the SDM?

    bull.jpg

    A.

    Configure->Router Management->Additional Tasks->Logging

    bull.jpg

    B.

    Configure->Additional Tasks->Router Properties->Logging

    bull.jpg

    C.

    Monitor->System Properties->Configure->Syslog

    bull.jpg

    D.

    Configure->Additional Tasks->Router Properties->Syslog

    bull.jpg

    E.

    Monitor->Logging Options->Syslog Setup

  6. Match the following SNMP terms with their definitions:

    1. MIB:
    2. Agent:
    3. NMS:
    • ___
    • ___
    • ___
    1. Responds to sets and gets
    2. Sends sets and gets
    3. Information database
  7. True or false. Secure Network Time Protocol (SNTP) is more secure than regular NTP as it requires authentication.
  8. Which of the following is part of Cisco’s list of seven categories of vulnerable router services and interfaces? (Choose all that apply.)

    bull.jpg

    A.

    Disable unnecessary services and interfaces.

    bull.jpg

    B.

    Disable commonly configured management services.

    bull.jpg

    C.

    Ensure path integrity.

    bull.jpg

    D.

    Disable probes and scans.

    bull.jpg

    E.

    All of the above.

  9. Fill in the blank with the correct term from the choices.

    The Cisco SDM Security Audit Wizard and One-Step Lockdown tools are based on the Cisco _________ feature.

    bull.jpg

    A.

    Auto-Initiate

    bull.jpg

    B.

    SafeAudit

    bull.jpg

    C.

    AuditMany-SecureOnce

    bull.jpg

    D.

    AutoSecure

    bull.jpg

    E.

    None of the above.

  10. True or false. SNMPv3 is implemented in the Cisco SDM Security Audit Wizard but not in the auto secure CLI command.
  • + Share This
  • 🔖 Save To Your Account