Authentication for user data traffic is important, but so is authentication for IP voice traffic. The Cisco 830 802.1 feature provides an easier method for allowing IP voice traffic through the VPN, because it().
A . requires access lists to identify the voice traffic
B . can allow traffic from a device without 802.1X authentication, by MAC address
C . can allow traffic from Cisco IP phones by listening to their CDP advertisements
D . allows all packets marked with a ToS of 5 to bypass authentication
E . allows all IP voice packets to bypass authentication via stateful inspectio
-
In a network using Cisco autonomous access points running WDS, what port is used for authentication by the local authentication service on an access point?()
A . 1813
B . 1645
C . 1646
D . 1812
-
Which two statements about authentication settings for DCNM-LAN are true? ()
A . If none of the authentication servers that are configured for the current authentication mode responds to an authentication request, the DCNM-LAN server falls back to localauthentication.
B . DCNM-LAN only supports TACACS+.
C . Each DCNM-LAN server will have the same device credentials.
D . Administering DCNM-LAN authentication settings requires an authentication license.
E . DCNM-LAN server users are local to the DCNM-LAN server.
-
Which one of the following commands can be used to enable AAA authentication to determine if a user canaccess the privilege command level?()
A . aaa authentication enable method default
B . aaa authentication enable default
C . aaa authentication enable level
D . aaa authentication enable default local
-
Which statement about WSA user authentication is true?()
A . a single WSA can have multiple LDAP realms
B . WSA supports LDAP but not NTLM
C . WSA supports NTLM but not LDAP
D . a single WSA can have up to two authentication realms: one for LDAP and for NTLM
-
In AsyncOS 7.0 for web the choice of Authentication Surrogate is?()
A . A global setting
B . Defined separately for each Access Policy
C . Defined separately for each Identity
D . Defined separately for each malware engine
-
You want to dynamically assign users to an 802.1Q VLAN as a result of their authentication. Inorder to accomplish this. Which two IETF RADIUS attributes should you configure on the CiscoSecure ACS? ()
A . 064 Tunnel-Type
B . 066 Tunnel-Client-Endpoint
C . 067 Tunnel-Server-Endpoint
D . 081 Tunnel-Private-Group-ID
E . 082 Tunnel-Assignment-ID
F . 083 Tunnel-Preference
-
You want to dynamically assign users to an 802.1Q VLAN as a result of their authentication. In order toaccomplish this,which two IETF RADIUS attributes should you configure on the Cisco Secure ACS?()
A . 064 Tunnel-Type
B . 066 Tunnel-Client-Endpoint
C . 067 Tunnel-Server-Endpoint
D . 081 Tunnel-Private-Group-ID
E . 082 Tunnel-Assignment-ID
-
Which basic authentication type is optional for a J2EE 1.4 compliant web container?()
A . HTTP Basic Authentication
B . Form Based Authentication
C . HTTP Digest Authentication
D . HTTPS Client Authenticatio
-
EAP-FAST provides a secure tunnel during Phase One to protect the user’s authentication credentials. Which of these entities initializes the secure tunnel?()
A . generic token card
B . x.509 certificate
C . preshared key
D . Protected Access Credential
-
You want to dynamically assign users to an 802.1Q VLAN as a result of their authentication. Inorder to accomplish this, which two IETF RADIUS attributes should you configure on the Cisco Secure ACS?()
A . 083 Tunnel-Preference
B . 066 Tunnel-Client-Endpoint
C . 064 Tunnel-Type
D . 082 Tunnel-Assignment-ID
E . 081 Tunnel-Private-Group-ID
F . 067 Tunnel-Server-Endpoint
-
In a network using cisco autonomous access points running wds. What port is used for authentication by the local authentication service on an access point?()
A . 1813
B . 1645
C . 1646
D . 1812
-
Eap-fast provides a secure tunnel during phase one to protect the user’s authentication credentials. Which of these entities initializes the secure tunnel?()
A . x.509 certificate
B . generic token card
C . pre shared key
D . protected access credential
-
An Enterprise decides to implement Authentication Proxy for per-user authentication for home offices. Each home office also supports an IP Phone. What should you do?()
A . Configure Access Control Lists to ensure Voice over IP traffic is checked by Auth Proxy.
B . Configure pNAT to ensure Voice over IP packets are properly translated.
C . Configure IOS firewall to permit RTP port numbers through the firewall via VPN.
D . Configure Access Control Lists to allow Voice over IP traffic to bypass Auth Proxy checking.
-
在S3026 交换机上配置用户优先级和验证,具体配置如下: [Quidway-ui-vty0]user privilege level 1 [Quidway-ui-vty0]authentication-mode none 则用户通过telnet 进入配置会话时将会()
A . 进行基本认证,输入正确口令后,方可进入用户视图
B . 无需认证,可以用system-view命令直接进入到系统视图
C . 进行基本认证,输入正确口令后,进入用户视图,然后可以用system-view命令进入系统视图
D . 无需认证,用户可以直接登录用户视图,但不能用system-view命令进入系统视图
-
Rate your level of proficiency with creating and managing users, computers, and groups in an ActiveDirectory environment, including troubleshooting computer accounts, user accounts, and user authentication issues. ()
A . I am considered an expert on this. I have successfully done this multiple times without assistance or error. I train or supervise others on this activity. Others come to me when they have questions or need assistance with this.
B . I have successfully done this without assistance and with few errors, but I do not train or supervise others on this activity.
C . I am proficient at this. I have successfully done this on my own, but I occasionally require assistance for some types of problems encountered when doing this and/or occasionally make minor errors.
D . I have successfully done this with the assistance of others or specific instructions.
E . I am a novice. I have not done this yet or I am learning.
-
You want to dynamically assign users to an 802.1Q VLAN as a result of their authentication. Inorder to accomplish this. Which two IETF RADIUS attributes should you configure on the Cisco SecureACS?()
A . 083 Tunnel-Preference
B . 066 Tunnel-Client-Endpoint
C . 064 Tunnel-Type
D . 082 Tunnel-Assignment-ID
E . 081 Tunnel-Private-Group-ID
F . 067 Tunnel-Server-Endpoint
-
What is not a difference between VPN tunnel authentication and per-user authentication?()
A . VPN tunnel authentication is part of the IKE specification.
B . VPN tunnel authentication does not control which end user can use the IPSec SA (VPN tunnel).
C . User authentication is used to control access for a specific user ID, and can be used with or without a VPN tunnel for network access authorization.
D . 802.1X with EAP-TLS (X.509 certificates) can be used to authenticate an IPSec tunnel.
-
You need to design an authentication strategy for users of portable computers. Your solution must meet business requirements. What should you do?()
A . Issue smart cards and smart card readers to all portable computer users. Configure the domain to require smart cards for login and to log off users who remote their smart cards
B . Configure the portable computers to connect to only wireless networks that use Wired Equivalent Privacy (WEP). Install digital certificates on all portable computers
C . Install computer certificates on all portable computers. Configure all portable computers to respond to requests for IPSec encryption
D . Install biometric authentication devices on all portable computers. Configure the Default Domain Policy GPO to require complex passwords for all user
-
Which three statements describe user authentication in Cisco DCNM-LAN? ()
A . Cisco DCNM-LAN server users are local to the Cisco DCNM-LAN server. Creating, changing, and removing Cisco DCNM-LAN server users has no effect on user accounts on managed devices.
B . A Cisco DCNM-LAN server user that has Administrator privileges can push out changes to managed devices even if the Cisco NX-OS role that is used on the discovered device has the network operator role.
C . Cisco DCNM-LAN user roles restrict the ability of users to make changes to Cisco DCNM-LAN server settings. Cisco NX-OS user roles enforce read/write privileges on the discovered devices.
D . Cisco DCNM-LAN allows you to configure unique credentials for each discovered device or use default credentials when you do not configure unique credentials for a device.
E . Cisco DCNM-LAN can use AAA servers to authenticate users. Only TACACS servers are supported.
-
Which protocol and port have been assigned by IANA for RADIUS authentication?()
A . UDP/1812
B . UDP/1813
C . TCP/1812
D . TCP/1813
-
Which the basic authentication type is optional for a J2EE 1.4 compliant web container?()
A . HTTP Basic Authentication
B . Form Based Authentication
C . HTTP Digest Authentication
D . HTTPS Client Authenticatio
-
You need to design a remote access authentication strategy that will allow users in the IT department to remotely connect to the network. Your solution must meet security requirements. What should you do?()
A . Install Internet Authentication Services (IAS) on a server in the den.corp.woodgrovebank.com domain. Configure the VPN servers as RADIUS clients
B . Install Internet Authentication Services (IAS) on a stand-alone server in the Denver extranet. Create local user accounts for the IT personnel on the IAS server. Configure the VPN servers as RADIUS clients
C . Create a remote access policy on each of the VPN servers. Configure the policy to use the den.corp.woodgrovebank.com to authenticate remote access users. Configure the policy to require L2TP to establish a connection
D . Create a remote access policy on each of the VPN servers. Create local user accounts for the IT personnel on the VPN servers. Configure the policy to use the VPN servers’ local accounts database to authenticate users. Configure the policy to require L2TP to establish a connectio
-
While troubleshooting a serial line problem, you enable ppp authentication debugging as shown below:Based on the command output above, what type of ‘handshake‘ was used for PPP authentication?()
<img src='https://img2.soutiyun.com/ask/uploadfile/2019-03-27/8cfeff82ca82832de8d38de7ecc19da4.jpg' />
<img src='https://img2.soutiyun.com/ask/uploadfile/2019-03-27/197d6a90c8ee401b7f6b0bd585a993d7.jpg' />
A. one-way
B. two-way
C. three-way
D. four-way
E. no handshakes required during authentication
F. None of the above
-
Which two authentication protocols can be configured for RIP on an ERX Edge Router? ()
<img src='https://img2.soutiyun.com/ask/uploadfile/2019-02-04/9cb7f203763345bf6fd3540a277f14f4.jpg' />
A.A
B.B
C.C
D.D
