CCNA Security Practice Exam 2 IINS 640-554 CCNA Security Practice Exam 2 IINS 640-554 What can you use to troubleshoot a site-to-site VPN tunnel? a) debug crypto isakmp b) show crypto isakmp sa c) both d) neither Which of the following commands result in a secure bootset? a) secure boot-set b) secure boot-config c) secure boot-files d) All Which security term refers to a person, property, or data of value to a company? a) Risk b) Asset c) Threat prevention d) Mitigation technique In terms of IDS/IPS technology what can be described as “using a predefined definition of known good network behavior, provided by the vendor”? a) Statistical b) Nonstatistical c) Honeypot d) Active RFC 1918 IP addresses should be blocked by ACL at an Internet-facing router heading inbound to the local LAN. What part of the statement is false? a) Nothing is true b) nothing is false c) There are no Rfc IP addresses d) It should be 1398 instead of 1918 Which of the following might you find in a network that is based on a defense-in-depth security implementation? a) Firewall b) IPS c) Access lists d) All Who logged in? what they did, how long did they do it? these describe a) Authorization b) Logging c) Accounting d) Debugging Which one is not shown on the VPN Connection Information screen when you are using a Sdm tool to configure VPN tunnel a) Interface Selection b) Peer Identity c) Authentication d) Preshared Key Running auto secure from the command line,disables all except a) Finger b) PAD c) Small servers d) Service password-encryption Cisco Security Agent can be refered to as a) NIDS b) HIDS c) HIPS d) NIPS Loading … Question 1 of 10