CCNA Midterm exam/Questions
and Answers
True/False: A virus does not require a host program but a worm does. - -
false
-What type of attack has the following goals:
Identify operating systems
Determine potential vulnerabilities
Identify active services - -Reconnaissance attack or port scan
-Intrusion Prevention Systems (IPS) are important in mitigating what type of
attack? - -DDos or Denial of service
-True/False: The use of SCP requires the use of SSH and AAA authentication
and authorization. - -yes
-True/False: QoS traffic policing can be used to limit ingress traffic, which in
turn helps mitigate DoS attacks - -true
-When configuring privilege levels, are command set on a higher privilege
level available for lower privilege users? - -no
-R1(config)#no service password-recovery
What will be the result of the above command? - -no rommon no password
recov
-Excluding the root view, what is the maximum limit of views that can be
created? - -0-15
-Router# show secure bootset
Refer to the command above and describe what will be displayed. - -secure
ios image
-Router#
IOS resilience router id JMX0704L5GH
IOS image resilience version 12.3 activated at 08:16:51 UTC Sun Jun 16 2002
Secure archive slot0:c3745-js2-mz type is image (elf) []
file size is 25469248 bytes, run size is 25634900 bytes
Runnable image, entry point 0x80008000, run from ram
IOS configuration resilience version 12.3 activated at 08:17:02 UTC Sun Jun
16 2002
Secure archive slot0:.runcfg-20020616-081702.ar type is config
configuration archive size 1059 bytes
, Refer to the router output above & determine the command that was issued.
- -secure bootset
-Refer to the syslog message above and determine the message's
notification level. - -6
-When enabling SNMPv3, what are the 3 security levels that can be
configured? Describe each security level. - -1 noauthnopriv = just need
username to enter into switch
2auth= can communicate but require 3 password/credentials
priv= you need credentials and an encrypted connection for communication
-What is the purpose of community string when using SNMPv2? - -basically
a password,ID,or Credentials to access data on router
-NTP uses port numbe - -123
-TACACS+ & RADIUS are 2 ________ used by AAA to authenticate users from
a database of username and passwords stored centrally on a server? - -
protocols server based authentication
-When a Cisco Secure ACS is configured to communicate with an external
user database, what are the 2 ways it can be configured to authenticate
users? - -USer assignment: Meaning the username of the account must
match the user put in external databases
unknown policy: authenticates users that are not in cisco secure ios
database, will not require defining users in the ios database tho
-Refer to the graphic above and determine what username and password an
administrator would have to use to reach RouterB . - -Username = admin
Password = cisco123
-When a Cisco Secure ACS is configured to communicate with an external
user database, what are the 2 ways it can be configured to authenticate
users? - -USer assignment : Meaning the username of the account must
match the user put in external databases
unknown policy: authenticates users that are not in cisco secure ios
database, will not require defining users in the ios database tho
-What must be configured before any Role-Based CLI views can be created?
- -USer assignment : Meaning the username of the account must match the
user put in external databases
unknown policy: authenticates users that are not in cisco secure ios
database, will not require defining users in the ios database tho
and Answers
True/False: A virus does not require a host program but a worm does. - -
false
-What type of attack has the following goals:
Identify operating systems
Determine potential vulnerabilities
Identify active services - -Reconnaissance attack or port scan
-Intrusion Prevention Systems (IPS) are important in mitigating what type of
attack? - -DDos or Denial of service
-True/False: The use of SCP requires the use of SSH and AAA authentication
and authorization. - -yes
-True/False: QoS traffic policing can be used to limit ingress traffic, which in
turn helps mitigate DoS attacks - -true
-When configuring privilege levels, are command set on a higher privilege
level available for lower privilege users? - -no
-R1(config)#no service password-recovery
What will be the result of the above command? - -no rommon no password
recov
-Excluding the root view, what is the maximum limit of views that can be
created? - -0-15
-Router# show secure bootset
Refer to the command above and describe what will be displayed. - -secure
ios image
-Router#
IOS resilience router id JMX0704L5GH
IOS image resilience version 12.3 activated at 08:16:51 UTC Sun Jun 16 2002
Secure archive slot0:c3745-js2-mz type is image (elf) []
file size is 25469248 bytes, run size is 25634900 bytes
Runnable image, entry point 0x80008000, run from ram
IOS configuration resilience version 12.3 activated at 08:17:02 UTC Sun Jun
16 2002
Secure archive slot0:.runcfg-20020616-081702.ar type is config
configuration archive size 1059 bytes
, Refer to the router output above & determine the command that was issued.
- -secure bootset
-Refer to the syslog message above and determine the message's
notification level. - -6
-When enabling SNMPv3, what are the 3 security levels that can be
configured? Describe each security level. - -1 noauthnopriv = just need
username to enter into switch
2auth= can communicate but require 3 password/credentials
priv= you need credentials and an encrypted connection for communication
-What is the purpose of community string when using SNMPv2? - -basically
a password,ID,or Credentials to access data on router
-NTP uses port numbe - -123
-TACACS+ & RADIUS are 2 ________ used by AAA to authenticate users from
a database of username and passwords stored centrally on a server? - -
protocols server based authentication
-When a Cisco Secure ACS is configured to communicate with an external
user database, what are the 2 ways it can be configured to authenticate
users? - -USer assignment: Meaning the username of the account must
match the user put in external databases
unknown policy: authenticates users that are not in cisco secure ios
database, will not require defining users in the ios database tho
-Refer to the graphic above and determine what username and password an
administrator would have to use to reach RouterB . - -Username = admin
Password = cisco123
-When a Cisco Secure ACS is configured to communicate with an external
user database, what are the 2 ways it can be configured to authenticate
users? - -USer assignment : Meaning the username of the account must
match the user put in external databases
unknown policy: authenticates users that are not in cisco secure ios
database, will not require defining users in the ios database tho
-What must be configured before any Role-Based CLI views can be created?
- -USer assignment : Meaning the username of the account must match the
user put in external databases
unknown policy: authenticates users that are not in cisco secure ios
database, will not require defining users in the ios database tho
