Module 23 Exam

1. The major difference between IPS and IDS is that IPS devices operate in line with the traffic (meaning they are placed in the middle of the traffic flow and all the packets pass through the inspection device), while IDS devices only retrieve a copy of the traffic so they can analyze it.
   - True
   - False

2. These programs were originally developed to remove malicious computer code, and today they can protect you from browser hijacking, worms, Trojans, adware, and spyware.
   - Antivirus
   - Firewall
   - Antispyware
   - Intrusion Detection System

3. On Cisco devices, spaces can be used in passwords but not as the first character.
   - True
   - False

4. Which command can you use to encrypt the enable password so only a hashed value shows?
   - service password-encryption
   - service password-ssh
   - service password md5
   - service password md7

5. Your IT manager calls you to ask if you can terminate a telnet session on a router which has become stuck. You see the output below. What do you type to clear the line?
   - R1#clear line 2
   - R1#clear line 0
   - R1(config)#clear line 2
   - R1(config)#clear line 0
   - R1#clear telnet
   - R1#clear telnet 2

6. Your IT manager asks you to check which users are telnetted into your router. Which command do you use?
   - show users
   - show telnet
   - show line
   - show vty

7. Which command would you add to have incoming connections checked against the router username and password?
   RouterA(config)#line vty 0 4
   - RouterA(config-line)#login local user
   - RouterA(config-line)#login password
   - RouterA(config-line)#login
   - RouterA(config-line)#login local

8. Telnet is enabled by default since you don't need to set a password (or an optional username) to enable it.
   - True
   - False

9. Match the correct values.
   no cdp run
   - turns CDP off for the interface only
   - turns CDP off for the entire device
   no cdp enable
   - turns CDP off for the interface only
   - turns CDP off for the entire device

10. Types of banner message you can configure on your router include (choose all that apply):
   - motd
   - login
   - exec
   - warning
   - security

11. _____ is a Cisco proprietary protocol that operates on TCP port 49. It is used to provide access control to network devices.
   - TACACS+
   - RADIUS
   - AAA
   - IPSec

12. _____ is an open standard protocol used to provide secure remote access to the network. It operates on UDP ports 1812 and 1813.
   - RADIUS
   - TACACS+
   - VPN
   - IPSec

13. Your IT manager asks you to lock down incoming telnet sessions so only ssh is permitted. What command do you add?
   - Switch(config-line)#transport input ssh
   - Switch(config)#transport input ssh
   - Switch(config-line)#permit ip ssh any any
   - Switch(config-line)#permit ssh

14. Your IT manager asks you to configure the switch trunk to permit only VLANs 20-30 inclusive. Which command do you use?
   - Switch(config-if)#switchport trunk permit vlan 20-30
   - Switch(config-if)#switchport trunk vlan allowed 20-30
   - Switch(config-if)#switchport allowed vlan 20-30
   - Switch(config-if)#switchport trunk allowed vlan 20-30

15. Your IT manager asks you to change the native VLAN on your trunk to an unused number for security. What do you type?
   - Switch(config-if)#switchport trunk vlan 888 native
   - Switch(config-if)#switchport native vlan 888
   - Switch(config-if)#switchport trunk native vlan 888
   - Switch(config-if)#native vlan 888

16. For security, you must have different native VLAN numbers on either side of a trunk link.
   - True
   - False