EnsurepassQUESTION 441 Which three statements about Dynamic ARP Inspection on Cisco Switches are true? (Choose three.)   A. Dynamic ARP inspection checks ARP packets on both trusted and untrusted ports. B. Dynamic ARP inspection is only supported on access ports. C. Dynamic ARP inspection checks ARP packets against the trusted database. D. The trusted database can be manually configured using the CLI. E. Dynamic ARP inspection does not perform ingress security checking. F. Read more [...]
EnsurepassQUESTION 431 Which option is an example of network reconnaissance attack?   A. botnets B. ping of death C. SYN flooding D. inverse mapping   Correct Answer: D     QUESTION 432 Which statement about Cisco IPS signatures is true?   A. All of the built-in signatures are enabled by default. B. Tuned signatures are built-in signatures whose parameters cannot be adjusted. C. Once the signature is removed from the sensing engine it cannot be restored. Read more [...]
EnsurepassQUESTION 421 Which statement about layer-2 VLAN is true?   A. VLAN cannot be routed. B. VLANs 1006 through 4094 are not propagated by VTP version 3. C. VLAN1 is a Cisco default VLAN that can be deleted. D. The extended-range VLANs cannot be configured in global configuration mode.   Correct Answer: A     QUESTION 422 Which two statements abou t the OSPF authentication configuration are true? (Choose two.)   A. OSPF authentication is required in Read more [...]
EnsurepassQUESTION 401 Which two statements about PCI DSS are true? (Choose two.)   A. PCI DSS is a US government standard that defines ISP security compliance. B. PCI DSS is a proprietary security standard that defines a framework for credit, debit, and ATM cardholder information. C. PCI DSS is a criminal act of cardholder information fraud. D. One of the PCI DSS objectives is to restrict physical access to credit, debit, and ATM cardholder information. E. PCI DSS is an IETF Read more [...]
EnsurepassQUESTION 411 DRAG DROP   Correct Answer:     QUESTION 412 DRAG DROP   Correct Answer:           QUESTION 413 DRAG DROP   Correct Answer:     QUESTION 414 DRAG DROP   Correct Answer:                   QUESTION 415 Which two options describe the main purpose of EIGRP authentication? (Choose two.)   A. To identify authorized peers. B. To allow faster convergence Read more [...]
EnsurepassQUESTION 391 Which two statements about SOX are true? (Choose two.)   A. SOX is an IEFT compliance procedure for computer systems security. B. SOX is a US law. C. SOX is an IEEE compliance procedure for IT management to produce audit reports. D. SOX is a private organization that provides best practices for financial institution computer systems. E. Section 404 of SOX is related to IT compliance.   Correct Answer: BE     QUESTION 392 Refer to the exhibit. Read more [...]
EnsurepassQUESTION 381 Refer to the exhibit. If SW4 is sending superior BPDUs, where should the root guard feature be configured to preserve SW3 as a root bridge?     A. SW4 Gi0/0 interface. B. Sw3 Gi0/0 interface. C. Sw2 Gi0/1 interface. D. SW2 Gi0/1 and SW3 Gi0/1   Correct Answer: C     QUESTION 382 Refer to the exhibit. What is the reason for the failure of the DMVPN session between R1 and R2?     A. tunnel mode mismatch B. IPsec phase-1 Read more [...]
EnsurepassQUESTION 371 Which two statements about ASA transparent mode are true? (Choose two.)   A. Transparent mose acts as a Layer-3 firewall. B. The inside and outside interface must be in a different subnet. C. IP traffic will not pass unless it is permitted by an access-list. D. ARP traffic is dropped unless it is permitted. E. A configured route applies only to the traffic that is originated by the ASA. F. In multiple context mode, all contexts need to be in transparent Read more [...]
EnsurepassQUESTION 361 When is the supplicant considered to be clientless?   A. when the authentication server does not have credentials to authenticate. B. when the authenticator is missing the dot1x guest VLAN under the port with which the supplicant is connected. C. when the supplicant fails EAP-MD5 challenge with the authentication server. D. when the supplicant fails to respond to EAPOL messages from the authenticator. E. when the authenticator is missing the reauthentication Read more [...]
EnsurepassQUESTION 351 Which pair of ICMP messages is used in an inverse mapping attack?   A. Echo-Echo Request B. Route Solicitation- Time Exceeded C. Echo-Time Exceeded D. Echo Reply-Host Unreachable E. Echo-Host Unreachable   Correct Answer: D     QUESTION 352 Which statement about a botnet attack is true?   A. The botnet attack is an attack on a firewall to disable it's filtering ability. B. The botnet attack is a network sweeping attack to find Read more [...]
EnsurepassQUESTION 341 Which statement about the AH is true?   A. AH authenticates only the data. B. AH authenticates only the IP header. C. AH authenticates only the TCP-UDP header. D. AH authenticates the entire packet and any mutable fields. E. AH authenticates the entire packet except for any mutable fields.   Correct Answer: E     QUESTION 342 Which three fields are part of the AH header? (Choose three.)   A. Source Address B. Destination Address Read more [...]