Q1. What protocol is responsible for issuing certificates?
A. SCEP
B. DTLS
C. ESP
D. AH
E. GET
Answer: A
Q2. Which two options are open-source SDN controllers? (Choose two)
A. OpenContrail
B. OpenDaylight
C. Big Cloud Fabric
D. Virtual Application Networks SDN Controller
E. Application Policy Infrastructure Controller
Answer: A,B
Q3. How does a wireless association flood attack create a DoS?
A. It sends a high-power RF pulse that can damage the internals of the AP
B. It spoofs disassociation frames from the access point.
C. It uses a brute force attack to crack the encryption.
D. It exhausts the access client association table.
Answer: D
Q4. Which two statements about SOX are true? (Choose two.)
A. SOX is an IEFT compliance procedure for computer systems security.
B. SOX is a US law.
C. SOX is an IEEE compliance procedure for IT management to produce audit reports.
D. SOX is a private organization that provides best practices for financial institution computer systems.
E. Section 404 of SOX is related to IT compliance.
Answer: B,E
Q5. You have configured an authenticator switch in access mode on a network configured with NEAT what radius attribute must the ISE server return to change the switch’s port mode to trunk?
A. device-traffic-class=switch
B. device-traffic-class=trunk
C. framed-protocol=1
D. EAP-message-switch
E. Authenticate=Administrative
F. Acct-Authentic=radius
Answer: A
Q6. Which statement regarding the routing functions of the Cisco ASA is true running software version 9.2?
A. In a failover pair of ASAs, the standby firewall establishes a peer relationship with OSPF neighbors
B. The ASA supports policy-based routing with route maps
C. Routes to the Null0 interface cannot be configured to black-hole traffic
D. The translations table cannot override the routing table for new connections
Answer: C
Q7. According to RFC 4890, which three message must be dropped at the transit firewall/router?(Choose three.)
A. Router Renumbering(Type 138)
B. Node Information Query(Type 139)
C. Router Solicitation(Type 133)
D. Node information Response(Type
E. Router Advertisement(Type 134)
F. Neighbor Solicitaion(Type 135)
Answer: A,B,D
Q8. CCMP (CCM mode Protocol) is based on which algorithm?
A. 3DES
B. Blowfish
C. RC5
D. AES
E. IDEA
Answer: D
Q9. What are two protocols that HTTP can use to secure sessions? (Choose two)
A. HTTPS
B. AES
C. TLS
D. AH
E. SSL
Answer: A,E
Q10. Which option describes the purpose of the RADIUS VAP-ID attribute?
A. It specifies the ACL ID to be matched against the client
B. It specifies the WLAN ID of the wireless LAN to which the client belongs
C. It sets the minimum bandwidth for the connection
D. It sets the maximum bandwidth for the connection
E. It specifies the priority of the client
F. It identifies the VLAN interface to which the client will be associated
Answer: B