Q1. tftp uses:
a. UDP 69
b. UDP 79
c. TCP 69
d. TCP 79
Ans. a
Q2. Whats the difference between a hash and encryption.
a. Hash is reversible
b. encryption has fixed length
c. Hash has fixed length
d. encryption is very strong and hence cannot be broken
Ans. c
Q3. Suppose you want to use the methods not supported by NAS. Which of them will
allow you to do so?
a. SLIP
b. EAP
c. PPP
d. OSPF
Ans. b
Q4. You want to know about new TCP-UDP sessions initiating from your intranet to
Internet. which type of access list will you use to catch these sessions?
a. Dynamic access lists
b. static access lists
c. Reflexive access lists
d. Reflective access lists
Ans. c
Q5. For disabling CDP on interface 0/0, you will choose the command __ in global
config mode
a. no cdp
b. no cdp enable
c. no cdp run
d. no cdp move
Ans. c
Q6. CBAC does not do:
a. Alerts
b. Audit trails
c. IDS
d. Traffic monitoring and filtering
e. None of these
Ans. e
Q7. Which is not the valid responses of the RADIUS server after providing
credentials?
a. DENY
b. ACCEPT
c. REJECT
D. CHANGE PASSWORD
Ans. a
Q8. CBAC makes filtering decisions in IOS firewall feature Set environment by
looking at the layer:
a. Network
b. Application
c. Transport
d. All of the above
Ans. d
Q9. Which of these are not set by default by ASA on a PIX firewall?
a. Allowed outbound connections
b. Denied inbound connections
c. All packets allowed
d. All ICMP denied
Ans. c
Q10. Which protocol provides seperate facilities for 3 A's. i.e A,A,A?
a. TCP
b. Kerberos
c. SSH
d. TACACS+
Ans. d
Q11. The number of the most common attack signatures supported by Cisco IDS?
a. 100
b. None
c. 90
d. 59
Ans. d
Q12. Which is the path vector routing protocol?
a. RIP
b. BGP
c. OSPF
d. All of these
Ans. b
Q13. The commonly used port for kerberos is:
a. 88
b. 72
c. 523
d. 873
Ans. 88
Q14. What is true about SYN flood attacks?
a. ACKs are sent to receiever nonstop, which makes the receiver to send SYNs,
and hence wait or ACKs
b. Request packets are sent to receiver with random port addresses and port
numbers, utilizing the network resources.
c. A SYN is sent with URG set, again and again.
d. All of the above
Ans. b
Q15. Which of the following is used to encrypt data between a router and TACACS+?
a. RSA
b. DES
c. Kerberose
d. MD5
Ans. d
Q16. How can you restrict SNMP access to a router(command)?
a. snmp-server community
b. snmp-server username
c. snmp-server restrict
d. snmp-server host
Ans. a
Q17. Which encryption algorithm is used for MS point-to-point protocol?
a. DES
b. MD5
c. RSA RC4
d. blowfish
Ans. c
Q18. Which of these does not go in RADIUS Access-Accept process?
a. IP address
b. Access challenge
c. Service type
d. User's encrypted password
Ans. d
Q19. Which of these can not connect 2 VLANs?
a. ISL
b. RSRB
c. Trucking
d. 802.1q
Ans. b
Q20. Which of these is required for backup authentication method?
a. AAA
b. RADIUS
c. Kerbebros
d. MD5
Ans. a
