Which three ESP fields can be encrypted during transmission? (Choose three.)
Which three ESP fields can be encrypted during transmission? (Choose three.)A . Security Parameter IndexB . Sequence NumberC . MAC AddressD . PaddingE . Pad LengthF . Next HeaderView AnswerAnswer: D,E,F Explanation: The packet begins with two 4-byte fields (Security Parameters Index (SPI) and Sequence Number). Following these fields is...
A specific URL has been identified as containing malware.
A specific URL has been identified as containing malware. What action can you take to block users from accidentally visiting the URL and becoming infected with malware.A . Enable URL filtering on the perimeter router and add the URLs you want to block to the router's local URL list.B ....
What type of attack was the Stuxnet virus?
What type of attack was the Stuxnet virus?A . cyber warfareB . hacktivismC . botnetD . social engineeringView AnswerAnswer: A Explanation: Stuxnet is a computer worm that targets industrial control systems that are used to monitor and control large scale industrial facilities like power plants, dams, waste processing systems and...
In which two situations should you use out-of-band management? (Choose two.)
In which two situations should you use out-of-band management? (Choose two.)A . when a network device fails to forward packetsB . when you require ROMMON accessC . when management applications need concurrent access to the deviceD . when you require administrator access from multiple locationsE . when the control plane...
If a packet matches more than one class map in an individual feature type's policy map, how does the ASA handle the packet?
If a packet matches more than one class map in an individual feature type's policy map, how does the ASA handle the packet?A . The ASA will apply the actions from only the first matching class map it finds for the feature type.B . The ASA will apply the actions...
Which two next-generation encryption algorithms does Cisco recommend? (Choose two.)
Which two next-generation encryption algorithms does Cisco recommend? (Choose two.)A . AESB . 3DESC . DESD . MD5E . DH-1024F . SHA-384View AnswerAnswer: A,F Explanation: The Suite B next-generation encryption (NGE) includes algorithms for authenticated encryption, digital signatures, key establishment, and cryptographic hashing, as listed here: + Elliptic Curve Cryptography...
Which tool can an attacker use to attempt a DDoS attack?
Which tool can an attacker use to attempt a DDoS attack?A . botnetB . Trojan horseC . virusD . adwareView AnswerAnswer: A Explanation: Denial-of-service (DoS) attack and distributed denial-of-service (DDoS) attack. An example is using a botnet to attack a target system. Source: Cisco Official Certification Guide, Table 1-6 Additional...
If a packet matches more than one class map in an individual feature type's policy map, how does the ASA handle the packet?
If a packet matches more than one class map in an individual feature type's policy map, how does the ASA handle the packet?A . The ASA will apply the actions from only the first matching class map it finds for the feature type.B . The ASA will apply the actions...
Which statement about a PVLAN isolated port configured on a switch is true?
Which statement about a PVLAN isolated port configured on a switch is true?A . The isolated port can communicate only with the promiscuous port.B . The isolated port can communicate with other isolated ports and the promiscuous port.C . The isolated port can communicate only with community ports.D . The...
Which three statements about host-based IPS are true? (Choose three.)
Which three statements about host-based IPS are true? (Choose three.)A . It can view encrypted files.B . It can have more restrictive policies than network-based IPD . It can generate alerts based on behavior at the desktop level.E . It can be deployed at the perimeter.F . It uses signature-based...