Q1. Which two statements about global ACLs are true? (Choose two)

A. They support an implicit deny

B. They are applied globally instead of being replicated on each interface

C. They override individual interface access rules

D. They require an explicit deny

E. They can filer different packet types than extended ACLs

F. They require class-map configuration

View Answer

Q2. Which two options are disadvantages of MPLS layers 3 VPN services? (choose two)

A. They requires cooperation with the service provider to implement transport of non-IP traffic.

B. SLAs are not supported by the service provider.

C. It requires customers to implement QoS to manage congestion in the network.

D. Integration between Layers 2 and 3 peering services is not supported.

E. They may be limited by the technology offered by the service provider.

F. They can transport only IPv6 routing traffic.

View Answer

Q3. What are three protocol that support layer 7 class maps and policy maps for zone based firewalls? (choose three)

A. IMAP

B. RDP

C. MME

D. ICQ

E. POP3

F. IKE

View Answer

Q4. According to OWASP guidelines, what is the recommended method to prevent cross-site request forgery?

A. Allow only POST requests.

B. Mark all cookies as HTTP only.

C. Use per-session challenge tokens in links within your web application.

D. Always use the "secure" attribute for cookies.

E. Require strong passwords.

View Answer

Q5. Which two statements about the SHA-1 algorithm are true? (Choose two)

A. The SHA-1 algorithm is considered secure because it always produces a unique hash for the same message.

B. The SHA-1 algorithm takes input message of any length and produces 160-bit hash output.

C. The SHA-1 algorithm is considered secure because it is possible to find a message from its hash.

D. The purpose of the SHA-1 algorithm is to provide data confidentiality.

E. The purpose of the SHA-1 algorithm is to provide data authenticity.

View Answer

Q6. Which two u.s government entities are authorized to execute and enforce the penalties for violations of the

Sarbanes-oxley(SOX)act?(choose two)

A. Federal trade commission (FTC.

B. internal Revenue service (IRS)

C. Office of Civil Rights (OCR)

D. federal reserve board

E. Securities and exchange commission (SEC.

F. United states Citizenship and immigration services (USCIS)

View Answer

Q7. Which of the following two options can you configure to avoid iBGP full mesh?(Choose two)

A. BGP NHT

B. route reflector

C. local preference

D. confederations

E. Virtual peering

View Answer

Q8. DRAG DROP

Drag and drop each syslog facility code on the left onto its description on the right.

View Answer

Q9. Refer to the exhibit. 

Which effect of this configuration is true?

A. NUD retransmits 1000 Neighbor solicitation messages every 4 hours and 4 minutes.

B. NUD retransmits Neighbor Solicitation messages after 4, 16, 64 and 256 seconds.

C. NUD retransmits Neighbor Solicitation messages every 4 seconds.

D. NUD retransmits unsolicited Neighbor advertisements messages every 4 hours.

E. NUD retransmits f our Neighbor Solicitation messages every 1000 seconds.

F. NUD retransmits Neighbor Solicitation messages after 1, 4, 16, and 64 seconds.

View Answer

Q10. How can the tail drop algorithem support traffic when the queue is filled?

A. It drop older packet with a size of 64 byts or more until queue has more traffic

B. It drop older packet with a size of less than 64 byts until queue has more traffic

C. It drops all new packets until the queue has room for more traffic

D. It drops older TCP packets that are set to be redelivered due to error on the link until the queue has room for more traffic.

View Answer