Ensurepass  QUESTION 101 At which layer does MACsec provide encryption?   A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4   Correct Answer: B     QUESTION 102 Which log level provides the most detail on the Cisco Web Security Appliance?   A. Debug B. Critical C. Trace D. Informational   Correct Answer: C     QUESTION 103 A Cisco ASA is configured for TLS proxy. When should the security appliance force remote IP phones connecting Read more [...]
Ensurepass  QUESTION 81 To which port does a firewall send secure logging messages?   A. TCP/1500 B. UDP/1500 C. TCP/500 D. UDP/500   Correct Answer: A     QUESTION 82 Which product can manage licenses, updates, and a single signature policy for 15 separate IPS appliances?   A. Cisco Security Manager B. Cisco IPS Manager Express C. Cisco IPS Device Manager D. Cisco Adaptive Security Device Manager   Correct Answer: A     QUESTION Read more [...]
Ensurepass  QUESTION 91 A switch is being configured at a new location that uses statically assigned IP addresses. Which will ensure that ARP inspection works as expected?   A. Configure the 'no-dhcp' keyword at the end of the ip arp inspection command B. Enable static arp inspection using the command 'ip arp inspection static vlan vlan- number C. Configure an arp access-list and apply it to the ip arp inspection command D. Enable port security   Correct Answer: C   Read more [...]
Ensurepass  QUESTION 61 What is the default behavior of NAT control on Cisco ASA Software Version 8.3?   A. NAT control has been deprecated on Cisco ASA Software Version 8.3. B. It will prevent traffic from traversing from one enclave to the next without proper access configuration. C. It will allow traffic to traverse from one enclave to the next without proper access configuration. D. It will deny all traffic.   Correct Answer: A     QUESTION 62 Which kind Read more [...]
Ensurepass  QUESTION 71 Which feature can suppress packet flooding in a network?   A. PortFast B. BPDU guard C. Dynamic ARP Inspection D. storm control   Correct Answer: D QUESTION 72 In a Cisco ASAv failover deployment, which interface is preconfigured as the failover interface?   A. GigabitEthernet0/2 B. GigabitEthernet0/4 C. GigabitEthernet0/6 D. GigabitEthernet0/8   Correct Answer: D     QUESTION 73 What are the three types of private Read more [...]
Ensurepass  QUESTION 51 A Cisco ASA is configured in multiple context mode and has two user-defined contexts--Context_A and Context_B. From which context are device logging messages sent?   A. Admin B. Context_A C. Context_B D. System   Correct Answer: A     QUESTION 52 What are two primary purposes of Layer 2 detection in Cisco IPS networks? (Choose two.)   A. identifying Layer 2 ARP attacks B. detecting spoofed MAC addresses and tracking 802.1X Read more [...]
Ensurepass  QUESTION 41 When configuring a new context on a Cisco ASA device, which command creates a domain for the context?   A. domain config name B. domain-name C. changeto/domain name change D. domain context 2   Correct Answer: B     QUESTION 42 Which two options are two purposes of the packet-tracer command? (Choose two.)   A. to filter and monitor ingress traffic to a switch B. to configure an interface-specific packet trace C. to inject Read more [...]
Ensurepass  QUESTION 31 What is a required attribute to configure NTP authentication on a Cisco ASA?   A. Key ID B. IPsec C. AAA D. IKEv2   Correct Answer: A     QUESTION 32 What are three attributes that can be applied to a user account with RBAC? (Choose three.)   A. domain B. password C. ACE tag D. user roles E. VDC group tag F. expiry date   Correct Answer: BDF     QUESTION 33 What is the lowest combination of ASA Read more [...]
Ensurepass  QUESTION 21 Which option describes the purpose of the input parameter when you use the packet-tracer command on a Cisco device?   A. to provide detailed packet-trace information B. to specify the source interface for the packet trace C. to display the trace capture in XML format D. to specify the protocol type for the packet trace   Correct Answer: B     QUESTION 22 You are the network security engineer for the Secure-X network. The company has recently Read more [...]
Ensurepass  QUESTION 11 What is the maximum jumbo frame size for IPS standalone appliances with 1G and 10G fixed or add-on interfaces?   A. 1024 bytes B. 1518 bytes C. 2156 bytes D. 9216 bytes   Correct Answer: D           QUESTION 12 Which function does DNSSEC provide in a DNS infrastructure?   A. It authenticates stored information. B. It authorizes stored information. C. It encrypts stored information. D. It logs stored security Read more [...]
Ensurepass QUESTION 1 Which two configurations are necessary to enable password-less SSH login to an IOS router? (Choose two.)   A. Enter a copy of the administrator's public key within the SSH key-chain B. Enter a copy of the administrator's private key within the SSH key-chain C. Generate a 512-bit RSA key to enable SSH on the router D. Generate an RSA key of at least 768 bits to enable SSH on the router E. Generate a 512-bit ECDSA key to enable SSH on the router F. Generate Read more [...]