QUESTION 151 Exhibit: The Cisco Highway Network Administrator can view user traffic reaching the router. However, the administrator also wants to see the return traffic from the server as well. What other commands is necessary to be configured to enable viewing both the outgoing and return traffic, without overwhelming the router?

A. config t int ethernet1 no ip route-cache end

B. config t int ethernet0 no ip route-cache end debug ip packet detail any 10.1.1.0 0.0.0.255

C. config t int ethernet0 no ip route-cache access-list 1 permit 10.1.1.0 255.255.255.0 end debug ip packet detail 1

D. config t int ethernet1 no ip route-cache no access-list 1 access-list 101 permit ip 10.1.1.0 0.0.0.255 any access-list 101 permit ip any 10.1.1.0 0.0.0.255 end debug ip packet detail 101

E. config t int ethernet1 no ip route-cache access-list 101 permit ip 10.1.1.0 0.0.0.255 any access-list 101 permit ip any 10.1.1.0 0.0.0.255 end debug ip packet detail 101 Answer: D

QUESTION 152 How can a Denial of Service (DoS) attack to a Firewall device be carried out?

A. By flooding the device through sending excessive mail messages to it..

B. Sending excessive UDP packets to it.

C. By sending more packets to the device that it can process.

D. Sending ICMP pings with very large data lengths to it.

E. All of the above. Answer: E

QUESTION 153 Which of the following IPSec components can be used to ensure the integrity of the data in an IP packet?

A. ESP

B. IPSH

C. AH

D. TTL E. None of the above. Answer: C

QUESTION 154 How would you characterize the source and type in a denial of service attack on a router?

A. By performing a show ip interface to see the type and source of the attack based upon the access-list matches.

B. By performing a show interface to see the transmitted load (txload) and receive load (rxload); if the interface utilization is not maxed out, there is no attack underway.

C. By setting up an access-list to permit all ICMP, TCP, & UDP traffic with the log or log-input commands, then use the show access-list and show log commands to determine the type and source of attack.

D. By applying an access-list to all incoming & outgoing interfaces, turn off route-cache on all interfaces, then, when telnetted into the router perform a debug ip packet detail. Answer: C

QUESTION 155 Exhibit: Given the above IPSec scenario which of the following best describes the behavior of the network traffic?

A. All traffic between networks 1.1.1.X and the 3.3.3.X will be blocked, except for traffic between hosts 1.1.1.1 and 3.3.3.3.

B. Traffic between networks 1.1.1.X and 3.3.3.X will flow unencrypted, except for traffic between hosts 1.1.1.1 and 3.3.3.3. These are the tunnel end points and all traffic between these devices will be encrypted.

C. Most traffic between networks 1.1.1.X and 3.3.3.X will flow unencrypted. However, the traffic between hosts 1.1.1.1 and 3.3.3.3 will be encrypted on the segment between 2.2.2.1 and 2.2.2.2.

D. Traffic between 1.1.1.1 and 2.2.2.1 will be encrypted, as well as the traffic between 2.2.2.2 and 3.3.3.3. Answer: B

QUESTION 156 The Cisco Highway Network Administrator makes use of manual keys in her IPSec implementation. However, when data is sent across the tunnel, an error is generated that indicates malformed packets. What is the most probable reason for this error?

A. Unmatching cipher keys on both sides.

B. Incomplete Phase One negotiation.

C. Corrupted packets due to invalid key exchanges.

D. Mismatched ISAKMP pre-shared keys on both sides. Answer: D

QUESTION 157 What does "counting to infinity" mean in a Distance Vector protocol environment?

A. "counting to infinity" means calculating the time taken for a protocol to converge.

B. "counting to infinity" means checking that the number of route entries do not exceed a set upper limit.

C. "counting to infinity" can occur when Split Horizon is not enabled.

D. "counting to infinity" means setting an upper limit for hop count, to break down routing loops if this limit is reached.

E. "counting to infinity" means causing the router to enter an infinite loop and requires the router to be restarted. Answer: D

QUESTION 158 On which principle is the "Birthday Attack" based on?

A. Statistics prove that holidays are focused on "birthdays", and systems are not monitored as carefully during these days.

B. People using birthdays as passwords.

C. Two subtly different messages may produce the same hash.

D. Many systems seed random numbers from a DAY/TIME value.

E. Statistics show that more than one person must know a birth date for it to have importance. Answer: B

QUESTION 159 The Cisco Highway network is using Cisco Secure Intrusion Detection System and the network traffic pattern appears ordinary. However, numerous false positives for a particular alarm are received. What can you do to avoid the quantity of "noise" in the future?

A. Click the unmanage for the alarm in question in the HP Open View/NR GUI interface.

B. Click the acknowledge for the alarm in question in the HPOV/NR GUI interface.

C. You can use ventd to decrease the alarm level severity.

D. You could configure a decreases alarm level severity through nrconfigure. Answer: C

QUESTION 160 What would the Cisco Highway network administrator use in order to send vendor-specific information about callback from a RADIUS server to a Cisco router?

A. Check item 26, vendor code 9, lcp:callback-dialstring=3175551407

B. Check item 9, reply attribute 26, lcp:callback-dialstring=3175551407

C. Reply attribute 9, vendor code 26, lcp:callback-dialstring=3175551407

D. Check item 9, vendor code 26, lcp:callback-dialstring=3175551407

E. Reply attribute 26, vendor code 9, lcp:callback-dialstring=3175551407 Answer: D