Module 23 Exam

1. The major difference between IPS and IDS is that IPS devices operate in line with the traffic (meaning they are placed in the middle of the traffic flow and all the packets pass through the inspection device), while IDS devices only
retrieve a copy of the traffic so they can analyze it.

2. These programs were originally developed to remove malicious computer code, and today they can protect you from browser hijacking, worms, Trojans, adware, and spyware.

3. On Cisco devices, spaces can be used in passwords but not as the first character.

4. Which command can you use to encrypt the enable password so only a hashed value shows?

5. Your IT manager calls you to ask if you can terminate a telnet session on a router which has become stuck. You see the output below. What do you type to clear the line?

6. Your IT manager asks you to check which users are telnetted into your router. Which command do you use?

7. Which command would you add to have incoming connections checked against the router username and password?

RouterA(config)#line vty 0 4

8. Telnet is enabled by default since you don't need to set a password (or an optional username) to enable it.

10. Types of banner message you can configure on your router include. (choose all that apply)

11. _____ is a Cisco proprietary protocol that operates on TCP port 49. It is used to provide access control to network devices.

12. _____ is an open standard protocol used to provide secure remote access to the network. It operates on UDP ports 1812 and 1813.

13. Your IT manager asks you to lock down incoming telnet sessions so only ssh is permitted. What command do you add?

14. Your IT manager asks you to configure the switch trunk to permit only VLANs 20-30 inclusive. Which command do you use?

15. Your IT manager asks you to change the native VLAN on your trunk to an unused number for security. What do you type?

16. For security, you must have different native VLAN numbers on either side of a trunk link.