  1. Johan Hiemstra Forum Admin Webmaster's Avatar
    Join Date
    Jun 2002
    Location
    52n31, 6e06
    Posts
    10,383
    Blog Entries
    3

    Certifications
    MCSE NT4 MCSA 2000/2003 Security+ (expired: CWNA, CNA, CCNA)
    #26
    Yep, the correct answers are b and c.


    Question 7 Answer and Explanation:

    Answer: b, c

    Explanation: A common method for malicious individuals to discover passwords is by brute force dictionary attack. This means the attacker will try a huge list of passwords one by one until he successfully logs on. In reality he will use a small application to do the work for him. By requiring a minimum length of 6 characters for all passwords, the possible number of different passwords is so large, it becomes unfeasible for the attacker to ‘guess’ the password. It is of course essential to choose passwords that are not on a list of real words or names.

    You can configure the minimum password length by using the following command:
    security passwords min-length x

    To enforce the effects of the minimum required password length, you should also set the maximum failed logon attempts. With only 3 attempts and a password of at least 6 characters, the attacker will have more chances of winning a lottery than guessing a strong password.

    To set the maximum number of logon attempts, use the following command:
    security authentication failure rate 3

    Exam Objective: Secure administrative access to Cisco routers by setting strong encrypted passwords, exec timeout, login failure rate and using IOS login enhancements


    Next question coming up...

  3. Johan Hiemstra Forum Admin Webmaster's Avatar
    #27
    8. You are the security administrator for a legal company with a Cisco network connecting the main office with several branch offices over the Internet and leased lines. You are in the fortunate position of buying the latest Cisco equipment to implement a network-wide security solution according to Cisco’s Self Defending Network strategy. You already implemented multiple firewalls, VPNs, host and network IPS, the new Cisco Incident Control System and hardened the configuration on all Cisco and non-Cisco systems. You even implemented backup links for network connections, installed UPS systems and provided for proper ventilation and climate control in server rooms and wire closets.

    After feeling relatively ‘secure’ for a couple of weeks, you receive a message from the network admin informing you an entire segment with several servers at one of the branch offices is down. You, the network admin, and even users at the branch office cannot connect.

    Which of the following is most likely the cause for the network problems?

    a. A DDoS attack from the Internet
    b. A virus or worm outbreak
    c. The IPS is saturating the network
    d. Incomprehensive perimeter control

    Answer and explanation, and next question within 24 hours....

  4. Senior Member
    Join Date
    Jun 2005
    Posts
    173

    Certifications
    CCNA,CCSP,CCIE Sec Written
    #28
    I think the answer is A

  5. Johan Hiemstra Forum Admin Webmaster's Avatar
    #29
    Quote Originally Posted by pr3d4t0r
    I think the answer is A
    The answer is actually D. It's a bit tricky but it was meant that way because it would be too easy otherwise. The point is to realize how easily physical security and internal incidents are overlooked while they are so common.

    Question 8 answer: d

    Explanation: Most security incidents are a result of an ‘internal’ breakdown in security. Additionally, while the need for security systems such as firewalls, VPNs, AV, etc. is becoming more common in virtually all networks, physical security still has a long way to go. It is quite common to implement expensive security appliances but leave server rooms and wire closets unprotected or unlocked. In the above scenario, someone may have unplugged the power cable of a switch or simply turned it off. It doesn’t even matter whether this happened on purpose or not. Comprehensive perimeter control could prevent such incidents by keeping malicious individuals out, and could be used to log access to critical areas.

    Answer c is nonsense. Answers a and b describe very common incidents, but with the firewalls, VPNs, IPS and Cisco’s Incident Control System (allows rapid coordinated network-wide response to viruses and worms to prevent outbreaks) they would not likely bring down an entire network and in this case are more unlikely than a physical internal incident.

    Exam Objective: Describe and mitigate the common threats to the physical installation

    Next one in a bit...

  6. Johan Hiemstra Forum Admin Webmaster's Avatar
    #30
    [Edited question nr for above question and answer]

    Ok, here's the next one (as always, read carefully):

    9. You want to enable SSH for secured management access on all of the routers in your company. Which of the following steps are required when you use the CLI to configure SSH on the Cisco routers? (Choose 2)

    a. Use the crypto key generate rsa command to generate a key for SSH
    b. Configure SSH timeout and authentication retries
    c. Ensure each router is configured with a host name and a domain
    d. Use the transport input ssh command on the vty lines.


    Answer and new question tomorrow. Good luck!

  7. Johan Hiemstra Forum Admin Webmaster's Avatar
    #31
    Correct answers question 9: a, c.

    Explanation: Each router must be configured with a host name and domain for SSH to work. The host name must also be different than the default host name for the device (for example, not: Router).

    Just as you use the crypto key generate rsa command to enable the SSH server on the routers, you can remove the key to disable SSH. This can be done by using the crypto key zeroize rsa command.

    The routers must also have an IOS edition and version installed that supports running an SSH server on the router, and a username and password must be available (configured in global config mode or through AAA). Other optional steps include setting the version (if version 2 is available).

    Answers b and d: configuring SSH timeout and authentication retries is actually optional, and although it would be wise to allow SSH connections ‘only’ by using the transport input ssh command, it’s not actually a requirement for enabling SSH.

    References: Configuring Secure Shell on Routers and Switches Running Cisco IOS

    Secure Shell Version 1 Support

    Exam Objective: Use CLI to configure SSH on Cisco routers to enable secured management access

    New question later today...
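A config audit for the settings covered in the answers to questions 7 and 9, as an added example that is not part of the original posts: it checks a saved running-config for the SSH prerequisites (non-default host name, domain name, a username), the password-length and failed-logon limits, and SSH-only vty lines. The sample configs and the function name `audit_ios_config` are constructed for illustration; the RSA key pair is not stored in the running-config, so its presence is not checked here.

```python
import re

# Constructed running-config excerpts (made up for this example, not from the thread).
WEAK = """hostname Router
security passwords min-length 4
username admin secret 5 $1$constructed$hash
line vty 0 4
 login local
 transport input telnet ssh
"""
HARDENED = """hostname branch-rtr1
ip domain-name example.com
security passwords min-length 8
security authentication failure rate 3 log
username admin secret 5 $1$constructed$hash
line vty 0 4
 login local
 transport input ssh
"""

def audit_ios_config(config, min_len=6, max_failures=3):
    """Return (code, message) findings for the controls named in the thread."""
    def first(pattern):
        m = re.search(pattern, config, re.MULTILINE)
        return m.group(1) if m else None

    findings = []
    host = first(r"^hostname\s+(\S+)")
    if host is None or host == "Router":
        findings.append(("hostname", "set a non-default host name before generating the RSA key"))
    if first(r"^ip domain[- ]name\s+(\S+)") is None:
        findings.append(("domain-name", "no domain name configured; SSH requires one"))
    length = first(r"^security passwords min-length\s+(\d+)")
    if length is None or int(length) < min_len:
        findings.append(("min-length", f"minimum password length below {min_len} or unset"))
    rate = first(r"^security authentication failure rate\s+(\d+)")
    if rate is None or int(rate) > max_failures:
        findings.append(("failure-rate", f"failed-logon limit above {max_failures} or unset"))
    if first(r"^username\s+(\S+)") is None:
        findings.append(("username", "no local user; SSH logins need a username (local or AAA)"))
    # Optional hardening from the thread: vty lines should accept SSH only.
    for stanza in re.findall(r"^line vty[^\n]*\n(?:[ \t]+[^\n]*\n?)*", config, re.MULTILINE):
        t = re.search(r"^\s+transport input\s+(.+)$", stanza, re.MULTILINE)
        if t is None or t.group(1).split() != ["ssh"]:
            findings.append(("vty-transport", "vty line accepts protocols other than SSH"))
    return findings

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit_ios_config(cfg) or "no findings")
```

A router that authenticates only through AAA will trip the `username` finding; treat that one as a prompt to confirm the AAA configuration rather than as a defect.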

  8. Johan Hiemstra Forum Admin Webmaster's Avatar
    #32
    10. What are the three core capabilities of Cisco’s Self Defending Network architecture?

    a. Adaptability
    b. Collaboration
    c. Security
    d. Integration
    e. Visibility


    Answers and explanation tomorrow.

  9. Johan Hiemstra Forum Admin Webmaster's Avatar
    #33
    Looks like I missed a day...

    Answers to question 10: a, b, d

    Explanation: Integration, Collaboration, and Adaptability are the three core capabilities of Cisco’s Self Defending Network architecture, which is an intelligent system-wide security solution that can self-defend networks.

    - Integration refers to integrating security throughout the entire existing infrastructure. The goal is to prevent using additional systems and ensure every element in the network is secured.
    - Collaboration refers to the cooperation of systems and security processes throughout the network.
    - Adaptability refers to the network and its systems automatically adapting to new threats. A good example of this is an IPS that, through the collaboration and integration mentioned above, can intelligently respond to odd behavior on multiple levels in the network and recognize attacks for which it doesn’t have a definition/signature.

    Reference: Cisco Self-Defending Network Introduction

    Exam Objective: Describe the Cisco Self Defending Network architecture


    New question soon...

  10. Johan Hiemstra Forum Admin Webmaster's Avatar
    #34
    11. You are the security consultant for a small company with a Cisco internetwork. The company recently hired a Cisco expert to install a firewall, but you were informed the 5 routers in the internetwork haven’t been touched in at least a year. Some of these routers are attached to public carrier networks, and the IT manager told you they frequently become unavailable.

    Even though you are in the middle of designing a security program for the entire network and all systems, it seems not even the basic security measures are taken on these routers. You don’t mind working a couple of hours late so you offer to secure these routers the same evening. What SDM feature do you plan on using on the 5 routers?

    a. Cisco Self Defending Network Wizard
    b. Security Audit’s One-Step Lockdown
    c. Cisco Outbreak Control
    d. Cisco SecureNow
    e. Network LAN Wizard

  11. Johan Hiemstra Forum Admin Webmaster's Avatar
    #35
    Answer: b

    Explanation: Security Auditor in SDM includes the One-Step Lockdown feature, which uses AutoSecure to secure the router. The reference link below contains an overview of Security Audit and the One-Step Lockdown feature. As you can see it performs a lot of different actions, including changing many basic settings that require little planning. At first the list may seem a bit overwhelming, but almost everything applies to other exam objectives of the SND exam as well. In other words, it is one to bookmark.

    Cisco does not offer a Self Defending Network Wizard, nor a SecureNow product. Although Cisco Outbreak Control is a Cisco product and could very well fit in this enterprise, it is part of the Cisco Self-Defending Network strategy to prevent virus and worm outbreaks and not something you should set up without planning and it is not router-specific. Answer e, the Network LAN Wizard is an available feature in SDM but is merely a tool that allows convenient configuration of LAN interfaces.

    Reference: Security Audit

    Exam Objective: Use the One-Step Lockdown feature in SDM to secure a Cisco router

  12. Junior Member
    Join Date
    Mar 2007
    Posts
    3
    #36

    more and more questions pls

    Hi....
    where's everyone in the forum...? I am awaiting some more questions..

    Can anyone tell me about simulations ??
    planning to take the exam soon...

  13. Senior Member
    Join Date
    Jun 2007
    Posts
    145

    Certifications
    CISA,CISM,CISSP-ISSAP, CRISC,ITIL Expert (v3), MCITP:some,MCSE:S, MCSA:M,CCNA,JNCIA, TOGAF 8&9, MSP,Security+
    #37
    I must agree - it does seem very quiet, yet some of the content and threads are absolute gems. Well worth browsing, but such a shame there aren't more contributors......

  14. Johan Hiemstra Forum Admin Webmaster's Avatar
    #38
    It's always a bit slower during the summer months, which is mostly noticeable in less popular cert forums like the CCSP forum. Don't let that stop you from helping out each other though. Contributing yourself has a better effect than pointing out the low amount of active contributors in this forum.

    I didn't get a lot of response on these questions, and I'm kinda forced to focus on writing for the popular exams (currently CCNA and Vista exams). I'm working on some new security related TechNotes for the new CCNA exams, which should get me in the mood to write some more SND stuff too.

  15. Junior Member
    Join Date
    Mar 2008
    Posts
    1
    #39

    SND 642-552

    Hi - I am planning to give the exam this Friday - I have been studying on the SND guide v2 and I did all the actual test version 08.07.07 and the Cert test latest one... Do you think I will find any of those questions during the exam?

    Thanks