QUESTION: 9
A customer wants to be able to detect and mitigate Wi-‐Fi and non-‐Wi-‐Fi sources of interference in their wireless enterprise network. Which Cisco access point should you recommend to the customer?
A. Cisco Aironet 3500 Series Access Point
B. Cisco Aironet 1260 Series Access Point,controller-‐based
C. Cisco Wireless Control System
D. Cisco Aironet 1040 Series Access Point,standalone
E. Cisco VideoStream
Answer : A
Monday, 8 August 2016
Wednesday, 20 July 2016
300-101 Sample Question : 8
QUESTION: 8
Refer to the following command :
router(config)# ip http secure-port 4433
Which statement is true?
A. The router will listen on port 4433 for HTTPS traffic.
B. The router will listen on port 4433 for HTTP traffic.
C. The router will never accept any HTTP and HTTPS traffic.
D. The router will listen to HTTP and HTTP traffic on port 4433.
Answer : A
Refer to the following command :
router(config)# ip http secure-port 4433
Which statement is true?
A. The router will listen on port 4433 for HTTPS traffic.
B. The router will listen on port 4433 for HTTP traffic.
C. The router will never accept any HTTP and HTTPS traffic.
D. The router will listen to HTTP and HTTP traffic on port 4433.
Answer : A
Tuesday, 28 June 2016
300-101 Sample Question : 7
QUESTION: 7
Which method allows IPv4 and IPv6 to work together without requiring both to be used for a single connection during the migration process?
A. dual-stack method
B. 6to4 tunneling
C. GRE tunneling
D. NAT-PT
Answer : A
Which method allows IPv4 and IPv6 to work together without requiring both to be used for a single connection during the migration process?
A. dual-stack method
B. 6to4 tunneling
C. GRE tunneling
D. NAT-PT
Answer : A
Wednesday, 18 May 2016
Cisco patches security appliance bugs
Bug Day, Borg and Cisco this week issued patches interest to users of its Adaptive Security Appliances (ASA).
Recently announced two errors CVE-2016-1379, a vulnerability VPN memory block exhaustion; and CVE-2016-1385, a problem with the ASA XML parser.
The memory exhaustion vulnerability affects software versions 9.0 ASA later, and can be exploited remotely.
The program has a flaw in the way it handles ICMP errors in IPsec packets and packages designed to be sent via LAN to LAN VPN remote access tunnels can "use the available memory".
This results in a denial of service or because the system becomes unstable or stops the transfer of traffic.
The software is vulnerable if the user using IKEv1 or IKEv2 remote access to LAN-to-LAN VPN or VPN using Layer 2 Tunneling Protocol and IPSec; and if the system is to validate ICMP errors.
The vulnerability of the XML parser is less serious because it can only be exploited by an authenticated user.
A local administrator can lock the system by encouraging ASA to analyze a malicious XML file; while someone with an SSL VPN clientless access can send an XML file manually when connecting.
In both cases, because the XML parser has not cured sufficiently, the malicious file can force a reload of the system.
Recently announced two errors CVE-2016-1379, a vulnerability VPN memory block exhaustion; and CVE-2016-1385, a problem with the ASA XML parser.The memory exhaustion vulnerability affects software versions 9.0 ASA later, and can be exploited remotely.
The program has a flaw in the way it handles ICMP errors in IPsec packets and packages designed to be sent via LAN to LAN VPN remote access tunnels can "use the available memory".
This results in a denial of service or because the system becomes unstable or stops the transfer of traffic.
The software is vulnerable if the user using IKEv1 or IKEv2 remote access to LAN-to-LAN VPN or VPN using Layer 2 Tunneling Protocol and IPSec; and if the system is to validate ICMP errors.
The vulnerability of the XML parser is less serious because it can only be exploited by an authenticated user.
A local administrator can lock the system by encouraging ASA to analyze a malicious XML file; while someone with an SSL VPN clientless access can send an XML file manually when connecting.
In both cases, because the XML parser has not cured sufficiently, the malicious file can force a reload of the system.
Monday, 18 April 2016
300-101 Sample Question : 6
QUESTION 6:
For security purposes, an IPv6 traffic filter was configured under various interfaces on the local router. However, shortly after implementing the traffic filter, OSPFv3
neighbor adjacencies were lost. What caused this issue?
A. The traffic filter is blocking all ICMPv6 traffic.
B. The global anycast address must be added to the traffic filter to allow OSPFv3 to work properly.
C. The link-local addresses that were used by OSPFv3 were explicitly denied, which caused the neighbor relationships to fail.
D. IPv6 traffic filtering can be implemented only on SVIs.
Correct Answer: C
For security purposes, an IPv6 traffic filter was configured under various interfaces on the local router. However, shortly after implementing the traffic filter, OSPFv3
neighbor adjacencies were lost. What caused this issue?
A. The traffic filter is blocking all ICMPv6 traffic.
B. The global anycast address must be added to the traffic filter to allow OSPFv3 to work properly.
C. The link-local addresses that were used by OSPFv3 were explicitly denied, which caused the neighbor relationships to fail.
D. IPv6 traffic filtering can be implemented only on SVIs.
Correct Answer: C
Subscribe to:
Posts (Atom)