Which Cisco IOS VPN technology leverages Ipsec, mGRE, dynamic routing protocol, NHRP, and Cisco Express Forwarding?
A. FlexVPN
B. DMVPN
C. GETVPN
D. Cisco Easy VPN
Answer: B
Which traffic does the following configuration allow?
Ipv6 access-list cisco permit ipv6 host 2001:DB8:0:4::32 any eq ssh line vty 0 4 ipv6 access-class cisco in
A. all traffic to vty 0 4 from source 2001:DB8:0:4::32
B. only ssh traffic to vty 0 4 from source all
C. only ssh traffic to vty 0 4 from source 2001:DB8:0:4::32
D. all traffic to vty 0 4 from source all
Answer: C
Sunday 29 September 2019
Thursday 10 January 2019
Cisco 300-101 Question Answer
Which three characteristics are shared by subinterfaces and associated EVNs? (Choose three.)
A. IP address
B. routing table
C. forwarding table
D. access control lists
E. NetFlow configuration
Answer: ABC
A user is having issues accessing file shares on a network. The network engineer advises the user to open a web browser, input a prescribed IP address, and follow the instructions. After doing this, the user is able to access company shares. Which type of remote access did the engineer enable?
A. EZVPN
B. Ipsec VPN client access
C. VPDN client access
D. SSL VPN client access
Answer: D
A. IP address
B. routing table
C. forwarding table
D. access control lists
E. NetFlow configuration
Answer: ABC
A user is having issues accessing file shares on a network. The network engineer advises the user to open a web browser, input a prescribed IP address, and follow the instructions. After doing this, the user is able to access company shares. Which type of remote access did the engineer enable?
A. EZVPN
B. Ipsec VPN client access
C. VPDN client access
D. SSL VPN client access
Answer: D
Sunday 16 September 2018
Cisco 300-101 Question Answer
Which common issue causes intermittent DMVPN tunnel flaps?
A. a routing neighbor reachability issue
B. a suboptimal routing table
C. interface bandwidth congestion
D. that the GRE tunnel to hub router is not encrypted
Answer: A
Which encapsulation supports an interface that is configured for an EVN trunk?
A. 802.1Q
B. ISL
C. PPP
D. Frame Relay
E. MPLS
F. HDLC
Answer: A
A. a routing neighbor reachability issue
B. a suboptimal routing table
C. interface bandwidth congestion
D. that the GRE tunnel to hub router is not encrypted
Answer: A
Which encapsulation supports an interface that is configured for an EVN trunk?
A. 802.1Q
B. ISL
C. PPP
D. Frame Relay
E. MPLS
F. HDLC
Answer: A
Wednesday 21 February 2018
India To Spend More On AI-Based Tools To Secure Cyberspace: Cisco
The "Cisco 2018 Annual Cybersecurity Report" showed that more than half of the organizations surveyed in India depend on automation, ML and AI.
As the scope of cyber-violations continues to expand with the increase in the volume of encrypted web traffic and attacks on the supply chain, security professionals in India will spend more on tools that use Artificial Intelligence (AI) and Machine Learning. (ML) to combat malware attacks, said a Cisco report on Wednesday.
Applying these tools can help improve network security defenses and, over time, "learn" to automatically detect unusual patterns in encrypted web traffic, the cloud and Internet of Things (IoT) environments .
The "Cisco 2018 Annual Cybersecurity Report" showed that more than half of the organizations surveyed in India depend on automation, ML and AI.
"Attackers are exploiting defenseless gaps in security, many caused by the expansion of the Internet of Things (IoT) and the use of cloud services, and advocates often pay little attention to the security of these systems. Unpatched IoT devices and unmonitored attackers have opportunities to infiltrate networks, "IANS Vishak Raman, Director of Commercial Security at Cisco India & Saarc, told IANS.
"AI, ML and automation are increasingly desired and expected by CISOs (Chief Information Security Officers) and other security leaders, and they are investing in these technologies to mitigate attacks," Raman added.
According to the report, 30 percent of security professionals said they used products from 25-50 vendors in 2017.
Raman said that the use of products from multiple vendors can make security complex in case of supply chain attacks, making artificial intelligence-based tools that can quickly detect violations constitute a promising weapon to find vulnerabilities and frustrate future threats.
The report showed that while encryption is intended to improve security, the expanded volume of encrypted web traffic (50% as of October 2017), both legitimate and malicious, has created more challenges for defenders trying to identify and monitor possible threats. .
Cisco threat researchers observed a more than threefold increase in encrypted network communications used by inspected malware samples over a 12-month period worldwide.
"Adversaries are increasingly adept at escaping through cloud services and other technologies used for legitimate purposes, and threat actors use encryption tools and legitimate web services such as Google and GitHub to hide their malicious activity." said Raman. now reaching unprecedented levels of sophistication and impact.
While still in its infancy, LD and AI technologies will eventually mature and learn what "normal" activity is in the network environments they are monitoring, the report says.
"The evolution of last year's malware shows that adversaries are increasingly wise in exploiting defenseless breaches in security," said John N. Stewart, Senior Vice President and Director of Security and Trust at Cisco.
"As never before, advocates must make strategic security improvements, investments in technology and incorporate best practices to reduce exposure to emerging risks," Stewart added.
The Cisco report highlighted the findings and perceptions derived from threat intelligence and cybersecurity trends observed in the past 12 to 18 months from threat investigations and six technology partners: Anomali, Lumeta, Qualys, Radware, SAINT and TrapX.
Also included in the report are the results of the Security Capabilities Reference Study 2018 that surveyed 3,600 CISO and security operations managers (SecOps) from 26 countries, including India, on the state of cybersecurity in their organizations.
As the scope of cyber-violations continues to expand with the increase in the volume of encrypted web traffic and attacks on the supply chain, security professionals in India will spend more on tools that use Artificial Intelligence (AI) and Machine Learning. (ML) to combat malware attacks, said a Cisco report on Wednesday.
Applying these tools can help improve network security defenses and, over time, "learn" to automatically detect unusual patterns in encrypted web traffic, the cloud and Internet of Things (IoT) environments .
The "Cisco 2018 Annual Cybersecurity Report" showed that more than half of the organizations surveyed in India depend on automation, ML and AI.
"Attackers are exploiting defenseless gaps in security, many caused by the expansion of the Internet of Things (IoT) and the use of cloud services, and advocates often pay little attention to the security of these systems. Unpatched IoT devices and unmonitored attackers have opportunities to infiltrate networks, "IANS Vishak Raman, Director of Commercial Security at Cisco India & Saarc, told IANS.
"AI, ML and automation are increasingly desired and expected by CISOs (Chief Information Security Officers) and other security leaders, and they are investing in these technologies to mitigate attacks," Raman added.
According to the report, 30 percent of security professionals said they used products from 25-50 vendors in 2017.
Raman said that the use of products from multiple vendors can make security complex in case of supply chain attacks, making artificial intelligence-based tools that can quickly detect violations constitute a promising weapon to find vulnerabilities and frustrate future threats.
The report showed that while encryption is intended to improve security, the expanded volume of encrypted web traffic (50% as of October 2017), both legitimate and malicious, has created more challenges for defenders trying to identify and monitor possible threats. .
Cisco threat researchers observed a more than threefold increase in encrypted network communications used by inspected malware samples over a 12-month period worldwide.
"Adversaries are increasingly adept at escaping through cloud services and other technologies used for legitimate purposes, and threat actors use encryption tools and legitimate web services such as Google and GitHub to hide their malicious activity." said Raman. now reaching unprecedented levels of sophistication and impact.
While still in its infancy, LD and AI technologies will eventually mature and learn what "normal" activity is in the network environments they are monitoring, the report says.
"The evolution of last year's malware shows that adversaries are increasingly wise in exploiting defenseless breaches in security," said John N. Stewart, Senior Vice President and Director of Security and Trust at Cisco.
"As never before, advocates must make strategic security improvements, investments in technology and incorporate best practices to reduce exposure to emerging risks," Stewart added.
The Cisco report highlighted the findings and perceptions derived from threat intelligence and cybersecurity trends observed in the past 12 to 18 months from threat investigations and six technology partners: Anomali, Lumeta, Qualys, Radware, SAINT and TrapX.
Also included in the report are the results of the Security Capabilities Reference Study 2018 that surveyed 3,600 CISO and security operations managers (SecOps) from 26 countries, including India, on the state of cybersecurity in their organizations.
Wednesday 20 December 2017
Cisco 300-101 Question Answer
A network engineer executes the show crypto ipsec sa command. Which three pieces of
information are displayed in the output? (Choose three.)
A. inbound crypto map
B. remaining key lifetime
C. path MTU
D. tagged packets
E. untagged packets
F. invalid identity packets
Answer: ABC
Refer to the following output:
10.1.1.2/8 via 10.2.1.2, Tunnel1 created 00:00:12, expire 01:59:47
TypE. Dynamic, Flags: authoritative unique nat registered used
NBMA address: 10.12.1.2
What does the authoritative flag mean in regards to the NHRP information?
A. It was obtained directly from the next-hop server.
B. Data packets are process switches for this mapping entry.
C. NHRP mapping is for networks that are local to this router.
D. The mapping entry was created in response to an NHRP registration request.
E. The NHRP mapping entry cannot be overwritten.
Answer: A
information are displayed in the output? (Choose three.)
A. inbound crypto map
B. remaining key lifetime
C. path MTU
D. tagged packets
E. untagged packets
F. invalid identity packets
Answer: ABC
Refer to the following output:
10.1.1.2/8 via 10.2.1.2, Tunnel1 created 00:00:12, expire 01:59:47
TypE. Dynamic, Flags: authoritative unique nat registered used
NBMA address: 10.12.1.2
What does the authoritative flag mean in regards to the NHRP information?
A. It was obtained directly from the next-hop server.
B. Data packets are process switches for this mapping entry.
C. NHRP mapping is for networks that are local to this router.
D. The mapping entry was created in response to an NHRP registration request.
E. The NHRP mapping entry cannot be overwritten.
Answer: A
Monday 6 November 2017
Cisco 300-101 Question Answer
A company has just opened two remote branch offices that need to be connected to the corporate network. Which interface configuration output can be applied to the corporate router to allow communication to the remote sites?
A. interface Tunnel0
bandwidth 1536
ip address 209.165.200.230 255.255.255.224
tunnel source Serial0/0
tunnel mode gre multipoint
B. interface fa0/0
bandwidth 1536
ip address 209.165.200.230 255.255.255.224
tunnel mode gre multipoint
C. interface Tunnel0
bandwidth 1536
ip address 209.165.200.231 255.255.255.224
tunnel source 209.165.201.1
tunnel-mode dynamic
D. interface fa 0/0
bandwidth 1536
ip address 209.165.200.231 255.255.255.224
tunnel source 192.168.161.2
tunnel destination 209.165.201.1
tunnel-mode dynamic
Answer: A
A. interface Tunnel0
bandwidth 1536
ip address 209.165.200.230 255.255.255.224
tunnel source Serial0/0
tunnel mode gre multipoint
B. interface fa0/0
bandwidth 1536
ip address 209.165.200.230 255.255.255.224
tunnel mode gre multipoint
C. interface Tunnel0
bandwidth 1536
ip address 209.165.200.231 255.255.255.224
tunnel source 209.165.201.1
tunnel-mode dynamic
D. interface fa 0/0
bandwidth 1536
ip address 209.165.200.231 255.255.255.224
tunnel source 192.168.161.2
tunnel destination 209.165.201.1
tunnel-mode dynamic
Answer: A
Monday 11 September 2017
Cisco 300-101 Question Answer
After you review the output of the command show ipv6 interface brief, you see that several IPv6 addresses have the 16-bit hexadecimal value of "fFFE" inserted into the address. Based on this information, what do you conclude about these IPv6 addresses?
A. IEEE EUI-64 was implemented when assigning IPv6 addresses on the device.
B. The addresses were misconfigured and will not function as intended.
C. IPv6 addresses containing "FFFE" indicate that the address is reserved for multicast.
D. The IPv6 universal/local flag (bit 7) was flipped.
E. IPv6 unicast forwarding was enabled, but IPv6 Cisco Express Forwarding was disabled.
Answer: A
A packet capture log indicates that several router solicitation messages were sent from a local host on the Ipv6 segment. What is the expected acknowledgment and its usage?
A. Router acknowledgment messages will be forwarded upstream, where the DHCP server will
allocate addresses to the local host.
B. Routers on the Ipv6 segment will respond with an advertisement that provides an external path
from the local subnet, as well as certain data, such as prefix discovery.
C. Duplicate Address Detection will determine if any other local host is using the same Ipv6
address for communication with the Ipv6 routers on the segment.
D. All local host traffic will be redirected to the router with the lowest ICMPv6 signature, which is
statically defined by the network administrator.
Answer: B
A. IEEE EUI-64 was implemented when assigning IPv6 addresses on the device.
B. The addresses were misconfigured and will not function as intended.
C. IPv6 addresses containing "FFFE" indicate that the address is reserved for multicast.
D. The IPv6 universal/local flag (bit 7) was flipped.
E. IPv6 unicast forwarding was enabled, but IPv6 Cisco Express Forwarding was disabled.
Answer: A
A packet capture log indicates that several router solicitation messages were sent from a local host on the Ipv6 segment. What is the expected acknowledgment and its usage?
A. Router acknowledgment messages will be forwarded upstream, where the DHCP server will
allocate addresses to the local host.
B. Routers on the Ipv6 segment will respond with an advertisement that provides an external path
from the local subnet, as well as certain data, such as prefix discovery.
C. Duplicate Address Detection will determine if any other local host is using the same Ipv6
address for communication with the Ipv6 routers on the segment.
D. All local host traffic will be redirected to the router with the lowest ICMPv6 signature, which is
statically defined by the network administrator.
Answer: B
Subscribe to:
Posts (Atom)