200-301 domain

Security Fundamentals

Use this page to practise 200-301 Security Fundamentals practice questions. The goal is not to memorise dumps, but to understand the concept, review the explanation and improve your exam readiness.

121 questions

Focused practice

Start a Security Fundamentals session

All sessions draw only from this domain. Pick a length or try interactive practice with inline explanations.


What the exam tests

What to know about Security Fundamentals

Security Fundamentals questions test whether you can apply the concept in context, not just recognise a definition.

  • How the topic appears in realistic exam-style scenarios.
  • Which detail in the question changes the correct answer.
  • How to eliminate plausible but wrong options.
  • How to connect the question back to the wider exam objective.

Question index

All Security Fundamentals questions (121)

Click any question to see the full explanation, or start a practice session above.

1

A router interface applies this ACL inbound:

    10 deny tcp any any eq 80
    20 permit ip any any

A user reports that web browsing to a server by IP address fails, but ping works. Which statement best explains the behavior?

2

A switch has DHCP snooping enabled, but users still experience IP-to-MAC spoofing attacks. Which additional feature should be considered to help address that specific problem?

3

What does switchport port-security primarily protect against on an access port?

4

In AAA, what does the second A stand for?

5

Which ACL type can filter using source and destination IP addresses as well as TCP or UDP port numbers?

6

Which wireless security method is considered strongest among these choices for modern enterprise WLAN deployments?

7

Which feature helps prevent a rogue DHCP server from handing out addresses on a campus switch network?

8

A network engineer successfully logs in to a router, but cannot enter configuration mode because the command is rejected by policy. Which AAA function is controlling this behavior?

9

Which switch security feature uses DHCP snooping bindings to validate ARP packets and help stop ARP spoofing?

10

An ACL permits only tcp 10.10.10.0/24 host 192.0.2.10 eq 443 and has no other permit entries. What happens to an ICMP echo request from 10.10.10.5 to 192.0.2.10?

11

What problem does DHCP snooping help prevent?

12

Which port-security violation mode drops frames from unauthorized MAC addresses but keeps the interface up and does not send an SNMP trap or syslog message?

13

Why is SSH preferred over Telnet for remote device administration?

14

In AAA, which function determines what an authenticated user is allowed to do after login?

15

Why is Telnet generally discouraged for network device administration?

16

As a general rule, where should an extended ACL be placed?

17

A switchport is configured for 802.1X authentication. What is the usual role of the RADIUS server in that design?

18

A switch has DHCP snooping enabled and Dynamic ARP Inspection enabled on VLAN 30. A printer with a static IP on VLAN 30 cannot communicate because its ARP packets are being dropped. What is the best fix?

19

Which security concept gives a user only the permissions required to perform assigned tasks and nothing more?

20

What does the confidentiality objective of the CIA triad focus on?

21

Dynamic ARP Inspection is most effective at preventing which attack?

22

What is the main purpose of an allowlist-based firewall policy compared with a denylist-based one?

23

Why is multifactor authentication generally stronger than password-only access?

24

Which two features commonly strengthen access-switch security for user-facing ports? (Choose two.)

25

A switch port is configured with port security using these commands:

    switchport port-security
    switchport port-security maximum 2
    switchport port-security violation restrict
    switchport port-security mac-address sticky

A user unplugs a company laptop and connects a different unauthorized device. The interface stays up/up, but the new device has no connectivity. Which statement best explains what happened?

26

An engineer wants users to get fast link-up on access ports but also wants the switch to disable a port if another switch is connected and sends BPDUs. Which combination of features best meets that requirement?

27

Users in 10.10.10.0/24 must be prevented from reaching the web server at 172.16.1.10 over HTTP, but all other traffic should be allowed. Which ACL entry should appear first in the ACL?

28

A host at 192.168.50.10/24 needs to send traffic to 192.168.60.20. Which MAC address will it normally place in the Ethernet destination field for the first frame?

29

What does the second 'A' in AAA stand for?

30

Users on the inside network can browse the web, but return traffic is failing for some sessions. Based on the configuration, which change is required to make PAT work correctly?

31

An administrator wants to permit SSH management access but block Telnet access to a device. Which statement best reflects that design goal?

32

Match each security concept to its most accurate purpose.

33

Which security concept is most closely associated with ensuring data has not been altered in an unauthorized way?

34

Which two statements accurately describe ACL behavior on Cisco devices?

35

A company wants to reduce the chance that unused switch ports can be exploited. Which action best aligns with that goal?

36

Which statement best describes the purpose of accounting in AAA?

37

A switch should disable an edge port immediately if a BPDU is received on it. Which feature is intended for that specific behavior?

38

Which two actions are reasonable examples of basic device-hardening practice?

39

Match each security term to its most accurate meaning.

40

Which statement best explains why SSH is preferred over Telnet for remote administration?

41

Which term in the CIA triad refers to ensuring systems and data remain accessible when needed?

42

Match each AAA component or related term to its most accurate meaning.

43

Which two statements accurately describe basic WLAN security at the CCNA level?

44

Which statement best describes confidentiality in the CIA triad?

45

A device allows remote access, but the administrator wants stronger protection than plain usernames and passwords alone. Which statement best reflects that goal at a conceptual level?

46

Match each security concept to its most accurate role.

47

Which statement best describes the purpose of authorization in AAA?

48

An engineer wants remote administrative access to remain available but also wants session contents protected in transit. Which management choice best supports that goal?

49

Which statement best describes why disabling unused switch ports is considered a hardening measure?

50

Match each remote-management concept to its most accurate description.

51

Match each security term to the question it most directly answers.

52

What is the main security benefit of using the principle of least privilege?

53

Which statement best describes why a management network should prefer SSH over Telnet?

54

Match each security control idea to its most accurate purpose.

55

Which statement best describes integrity in the CIA triad?

56

Which statement best describes why least privilege is useful even for trusted users?

57

A switchport is configured with sticky MAC learning and a maximum secure MAC value of 2. What is the main benefit of sticky learning in this situation?

58

Match each access-control concept to its most accurate meaning.

59

Which statement best explains the purpose of confidentiality in the CIA triad?

60

Which statement best explains the security value of SSH for device management?

61

Match each security principle or control to its most accurate meaning.

62

Match each security-related term to its most accurate meaning.

63

Which statement best describes why least privilege is useful for administrative accounts?

64

Which statement best describes why SSH is safer than Telnet for remote administration?

65

A company wants unauthorized devices plugged into unused wall ports to have as little chance of gaining access as possible. Which action most directly supports that goal?

66

Match each basic security term to its most accurate meaning.

67

Match each access-control term to its most accurate meaning.

68

Why is administratively shutting down unused switch ports considered a useful hardening practice?

69

Which statement best describes the security value of least privilege?

70

Match each management or monitoring concept to its most accurate role.

71

Why is shutting down unused switch ports considered a useful hardening measure?

72

Which statement best describes availability in the CIA triad?

73

Match each term to the question it most directly answers.

74

Which statement best explains why SSH is safer than Telnet for remote management?

75

Why is administratively shutting down unused switch ports considered a useful hardening measure?

76

Users in 10.10.10.0/24 must be prevented from reaching the web server at 172.16.1.10 over HTTP, but all other traffic should be allowed. Which ACL entry best matches the requirement?

77

Match each ACL-related term to its most accurate description.

78

What is the main reason extended ACLs are often placed closer to the source of the traffic being filtered?

79

Match each security concept to its most accurate meaning.

80

An ACL is intended to block Telnet from 10.1.1.0/24 to router VTY access while still allowing SSH from the same subnet. Which statement best explains why an extended ACL is appropriate here?

81

Which statement best explains why an ACL that lacks a needed permit statement can block legitimate traffic even if no explicit deny for that traffic exists?

82

What is the main effect of the implicit deny at the end of an ACL?

83

A standard ACL and an extended ACL are both available for a design. Which requirement most strongly indicates that an extended ACL is needed?

84

A security policy requires that only one management subnet be able to initiate SSH to a router. Which approach most directly supports that requirement?

85

Why is disabling unused services on network devices considered a sound security practice?

86

An administrator wants to block all Telnet access to a router’s VTY lines and allow only SSH. Which change most directly supports that goal?

87

Match each management-plane security item to its most accurate purpose.

88

An administrator wants to allow HTTPS traffic from a source subnet to a server but deny all Telnet traffic from that same subnet to the same server. Which ACL capability is required to express that policy accurately?

89

A router allows SSH management from anywhere on the internal network. A new policy requires that only the management subnet 10.50.50.0/24 be allowed to initiate SSH to the device. Which approach best enforces that requirement?

90

Which statement best explains why using SSH alone is not always enough for strong management-plane security?

91

Which statement best explains why least privilege remains important even when administrators already use SSH and named accounts?

92

Which two statements accurately describe good management-plane security practice on network devices?

93

An administrator wants to prevent a specific subnet from using Telnet to reach network devices, while still allowing SSH from that same subnet. What is the strongest reason a standard ACL is not enough by itself?

94

A security team wants device administrators to log in with individual named accounts instead of sharing one generic admin account. Which security objective does that most directly improve?

95

Match each security control or idea to its most accurate purpose.

96

An administrator wants to prevent users from browsing to one specific web server while still allowing them to reach other web destinations. Which ACL design principle is most important here?

97

Which statement best explains why named user accounts plus logging provide better security operations than a shared admin account without activity records?

98

Which statement best describes why layered controls are preferred for administrative access instead of relying on only one mechanism?

99

Which statement best describes why authorization is different from authentication in AAA?

100

Which statement best describes why accounting in AAA is useful even when authentication and authorization are already configured?

101

Which statement best describes why administrative access should ideally come from a dedicated management subnet rather than from general user subnets?

102

Which two statements accurately describe why SSH is preferred over Telnet for device administration?

103

A switch is configured with DHCP snooping and Dynamic ARP Inspection. Hosts suddenly lose connectivity after changing IP settings manually. Which explanation is strongest?

104

An engineer is allowed to log in to a router but cannot enter configuration mode. Which AAA function most directly explains that outcome?

105

Which statement best explains why secure transport, identity verification, permission control, and logging are all useful together in device administration?

106

Which two statements accurately describe why logs and accounting records both matter in secure operations?

107

A device administrator can log in securely over SSH, but the organization still insists on restricting source IP ranges and keeping detailed logs. Which statement best explains that decision?

108

Based on the exhibit, what is the most likely reason PAT is not working correctly?

109

Which two statements accurately describe the purpose of least privilege in administration and operations?

110

Based on the exhibit, which ACL entry should be placed first to block HTTP from 10.10.10.0/24 to the web server while allowing all other traffic?

111

Which statement best describes why named accounts plus logging are stronger together than either control alone?

112

Based on the exhibit, why is the ACL not meeting the requirement to block only HTTPS traffic to the server?

113

Which two statements accurately describe the value of source restriction on administrative access?

114

Which statement best describes why source restriction does not replace the need for strong authentication?

115

Which two statements accurately describe why least privilege and source restriction work well together for administrative access?

116

A user can authenticate successfully to a network device but is denied access to certain commands. Which statement best explains the situation?

117

Based on the exhibit, why is the ACL blocking more traffic than intended?

118

Based on the exhibit, why does the ACL still allow HTTPS traffic from the branch subnet to the server?

119

Which two statements accurately describe the value of named administrative accounts?

120

Which two statements accurately describe why source restriction and logging are often used together for administrative access?

121

Based on the exhibit, why is this ACL failing to block only SSH traffic from the branch subnet to the router?

Watch out for

Common Security Fundamentals exam traps

  • Answering from memory before reading the full scenario.
  • Missing a constraint such as cost, availability, security, scope or command context.
  • Choosing a broad answer when the question asks for the most specific fix.
  • Ignoring why the wrong options are tempting.

Frequently asked questions

What does the Security Fundamentals domain cover on the 200-301 exam?
Security Fundamentals questions test whether you can apply the concept in context, not just recognise a definition.

How many questions are in this domain?
This page lists all 121 Security Fundamentals questions in the 200-301 question bank. The actual exam draws from this domain proportionally to its weighting in the official exam blueprint.

What is the best way to practise this domain?
Start with a short focused session (10 questions) to identify gaps, then use the interactive practice page to work through explanations. Repeat with a longer session once the weak areas feel solid.

Can I practise only Security Fundamentals questions?
Yes. The session launcher on this page filters questions to this domain only. Choose any session length or try the interactive practice page for inline explanations.