Q1. Which two statements about the SHA-1 algorithm are true? (Choose two)
A. The SHA-1 algorithm is considered secure because it always produces a unique hash for the same message.
B. The SHA-1 algorithm takes input message of any length and produces 160-bit hash output.
C. The SHA-1 algorithm is considered secure because it is possible to find a message from its hash.
D. The purpose of the SHA-1 algorithm is to provide data confidentiality.
E. The purpose of the SHA-1 algorithm is to provide data authenticity.
Answer: B,E
Q2. What is the name of the unique tool/feature in cisco security manager that is used to merge an access list based on the source/destination IP address service or combination of these to provide a manageable view of access policies?
A. merge rule tool
B. policy simplification tool
C. rule grouping tool
D. object group tool
E. combine rule tool
Answer: E
Q3. You want to enable users in your company’s branch offices to deploy their own access points using WAN link from the central office, but you are unable to a deploy a controller in the branch offices. What lightweight access point wireless mode should you choose?
A. TLS mode
B. H-REAP mode
C. Monitor mode
D. REAP mode
E. Local mode
Answer: B
Q4. Refer to the exhibit after you implement ingress filter 101 to deny all icmp traffic on your perimeter router user complained of poor web performance and the router and the router display increase CPU load. The debug ipicmp command returned the given output Which configuration you make to the router configuration to correct the problem?
A)
B)
C)
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
Q5. Which three statements about the IANA are true? (Choose three.)
A. IANA is a department that is operated by the IETF
B. IANA oversees global IP address allocation.
C. IANA managed the root zone in the DNS.
D. IANA is administered by the ICANN.
E. IANA defines URI schemes for use on the Internet.
Answer: B,C,D
Q6. Which Two statement about the PCoIP protocol are true? (Choose two)
A. It support both loss and lossless compression
B. It is a client-rendered, multicast-codec protocol.
C. It is available in both software and hardware.
D. It is a TCP-based protocol.
E. It uses a variety of codec to support different operating system.
Answer: A,C
Q7. Which two statements about Cisco ASA authentication using LDAP are true? (Choose two)
A. It uses attribute maps to map the AD memberOf attribute to the cisco ASA Group-Poilcy attribute
B. It uses AD attribute maps to assign users to group policies configured under the WebVPN context
C. The Cisco ASA can use more than one AD memberOf attribute to match a user to multiple group policies
D. It can assign a group policy to a user based on access credentials
E. It can combine AD attributes and LDP attributes to configure group policies on the Cisco ASA
F. It is a closed standard that manages directory-information services over distributed networks
Answer: A,B
Q8. Refer to the exhibit, what Is the effect of the given command sequence?
A. The router telnet to the on port 2002
B. The AP console port is shut down.
C. A session is opened between the router console and the AP.
D. The router telnet to the router on port 2002.
Answer: C
Q9. when a client tries to connect to a WLAN using the MAC filter (RADIUS server), if the client fails the authentication, what is the web policy used tofallback authentication to web authentication ?
A. Authentication
B. Passthrough
C. Conditional Web Redirect
D. Splash Page Web Redirect
E. On MAC Filter Failure
Answer: E
Q10. Refer to the exhibit. What is the effect of the given configuration?
A. It sets the duplicate address detection interval to 60 second and sets the IPv6 neighbor reachable time to 3600 milliseconds.
B. It sets the number of neighbor solicitation massages to 60 and sets the retransmission interval to
3600 milliseconds.
C. It sets the number of duplicate address detection attempts to 60 and sets the duplicate address detection interval to 3600 millisecond.
D. It sets the number of neighbor solicitation massage to 60 and set the duplicate address detection interval to 3600 second.
E. It sets the duplicate address detection interval to 60 second and set the IPv6 neighbor solicitation interval to 3600 millisecond.
Answer: E