Q1. In Cisco Wireless LAN Controller (WLC. which web policy enables failed Layer 2 authentication to fall back to WebAuth authentication with a user name and password?

A. On MAC Filter Failure

B. Pass through

C. Splash Page Web Redirect

D. Conditional Web Redirect

E. Authentication

View Answer

Q2. All of these Cisco security products provide event correlation capabilities excepts which one?

A. Cisco Security MARS

B. Cisco Guard/Detector

C. Cisco ASA adaptive security appliance

D. Cisco IPS

E. Cisco Security Agent.

View Answer

Q3. Which two of the following ICMP types and code should be allowed in a firewall to enable traceroute? (Choose two)

A. Destination Unreachable-protocol Unreachable

B. Destination Unreachable-port Unreachable

C. Time Exceeded-Time to Live exceeded in Transit

D. Redirect-Redirect Datagram for the Host

E. Time Exceeded-Fragment Reassembly Time Exceeded

F. Redirect-Redirect Datagram for the Type of service and Host

View Answer

Q4. Refer to the exhibit, what Is the effect of the given command sequence?

A. The router telnet to the on port 2002

B. The AP console port is shut down.

C. A session is opened between the router console and the AP.

D. The router telnet to the router on port 2002.

View Answer

Q5. According ISO27001 ISMS, which of the following are mandatory documents? (Choose 4)

A. ISMS Policy

B. Corrective Action Procedure

C. IS Procedures

D. Risk Assessment Reports

E. Complete Inventory of all information assets

View Answer

Q6. When configuration Cisco IOS firewall CBAC operation on Cisco routers, the “inspection rule” can be applied at which two location?(Choose two)

A. at the trusted and untrusted interfaces in the inbound direction.

B. at the trusted interface in the inbound direction.

C. at the trusted and untrusted interfaces in the outbound direction.

D. at the untrusted interface in the inbound direction.

E. at the trusted interface in the outbound direction.

F. at the trusted interface in the outbound direction.

View Answer

Q7. Which two statement about DTLS are true ? (choose two)

A. Unlike TLS,DTLS support VPN connection with ASA.

B. It is more secure that TLS.

C. When DPD is enabled DTLS connection can automatically fall back to TLS.

D. It overcomes the latency and bandwidth problem that can with SSL.

E. IT come reduce packet delays and improve application performance.

F. It support SSL VPNs without requiring an SSL tunnel.

View Answer

Q8. Refer to the exhibit 

What is the configuration design to prevent?

A. Man in the Middle Attacks

B. Dynamic payload inspection

C. Backdoor control channels for infected hosts

D. DNS Inspection

View Answer

Q9. What ASA feature can do use to restrict a user to a specific VPN group?

A. A webtypeACL

B. MPF

C. A VPN filter

D. Group-lock

View Answer

Q10. What are two features of cisco IOS that can help mitigate Blaster worm attack on RPC ports? (Choose two)

A. FPM

B. DCAR

C. NBAR

D. IP source Guard

E. URPF

F. Dynamic ARP inspection

View Answer