Question 1mediummultiple choice
Read the full Network and Communications Security explanation →SSCP Network and Communications Security • Complete Question Bank
Complete SSCP Network and Communications Security question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit. interface GigabitEthernet0/1 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security violation restrict switchport port-security mac-address sticky
Refer to the exhibit. syslog: %SEC-6-IPACCESSLOGP: list ACL_IN denied tcp 10.0.1.15(54321) -> 192.0.2.50(80), 1 packet
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Owner sets permissions
System-enforced labels
Roles determine access
Attributes and policies
Drag a concept onto its matching description — or click a concept then click the description.
Network scanning and port discovery
Vulnerability scanning
Exploitation framework
Packet analysis
Router# show ip nat translations Pro Inside global Inside local Outside local Outside global tcp 203.0.113.10:80 192.168.1.10:80 198.51.100.20:80 198.51.100.20:80 tcp 203.0.113.10:443 192.168.1.10:443 198.51.100.20:443 198.51.100.20:443 tcp 203.0.113.11:80 192.168.1.11:80 198.51.100.30:80 198.51.100.30:80
Firewall ruleset: Rule 1: permit tcp any host 10.0.0.1 eq 80 Rule 2: permit tcp any host 10.0.0.2 eq 443 Rule 3: deny ip any any log
crypto isakmp policy 10 encr aes 256 authentication pre-share group 5 lifetime 3600 crypto ipsec transform-set AES256-SHA esp-aes 256 esp-sha-hmac crypto map CMAP 10 ipsec-isakmp set peer 198.51.100.1 set transform-set AES256-SHA match address 101
access-list 100 deny icmp any any echo-request access-list 100 permit ip any any ! interface GigabitEthernet0/0 ip access-group 100 in
{
"SecurityGroupIngress": [
{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
{"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}
]
}Jan 15 10:35:22 192.168.1.1 10.0.0.2 TCP_SYN 192.168.1.100:31456 -> 10.0.0.2:3389 Jan 15 10:35:22 192.168.1.1 10.0.0.2 TCP_SYN_ACK 10.0.0.2:3389 -> 192.168.1.100:31456 Jan 15 10:35:23 192.168.1.1 10.0.0.2 TCP_ACK 192.168.1.100:31456 -> 10.0.0.2:3389 Jan 15 10:35:24 192.168.1.1 10.0.0.2 TCP_FIN 192.168.1.100:31456 -> 10.0.0.2:3389
access-list 100 permit tcp any host 10.0.0.1 eq 22 access-list 100 deny ip any any log interface GigabitEthernet0/0 ip access-group 100 in
Proto Local Address Foreign Address State TCP 192.168.1.100:49152 203.0.113.10:80 ESTABLISHED TCP 192.168.1.100:49153 192.168.1.1:53 TIME_WAIT TCP 192.168.1.100:49154 74.125.224.72:443 ESTABLISHED
{
"FirewallPolicies": [
{
"Name": "AllowWeb",
"Source": "0.0.0.0/0",
"Destination": "10.0.0.0/24",
"Port": 443,
"Action": "allow"
},
{
"Name": "BlockSSH",
"Source": "0.0.0.0/0",
"Destination": "10.0.0.0/24",
"Port": 22,
"Action": "deny"
}
]
}Refer to the exhibit.
Router# show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.1.1.2 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.1.1.0/24 is directly connected, GigabitEthernet0/0
O 10.2.2.0/24 [110/20] via 10.1.1.2, 00:05:12, GigabitEthernet0/0
S 10.3.3.0/24 [1/0] via 10.1.1.2
C 192.168.1.0/24 is directly connected, GigabitEthernet0/1Refer to the exhibit. crypto isakmp policy 10 authentication pre-share encryption aes 256 hash sha group 14 lifetime 3600 crypto isakmp key cisco123 address 0.0.0.0 0.0.0.0