Certification Exam Prep Questions For Cisco Certified Network Associate

Name: Cisco Certified Network Associate
SKU: Cisco Certified Network Associate
Price: 99 USD
Availability: InStock

QuickStart is now offering assessment questions for Cisco Certified Network Associate. Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take forCisco Certified Network Associate

If the next hop specified is the IP address of a neighboring router, what is the (default) administrative distance of a static route?

A. 0: Incorrect.

B. 1: Correct!

C. 10: Correct!

D. Infinite: Incorrect.

An IPv4address is comprised of how many bits?

A. 32: Correct!

B. 16: Incorrect.

C. 64: Incorrect.

D. 128: Incorrect.

Which of the following are classless protocols?(Select 3 answers)

A. IGRP: Incorrect.

B. EIGRP: Correct!

C. OSPF: Correct!

D. RIPv2: Correct!

How many subnets and hosts per subnet are possible with 172.16.1.0 as the network address with 255.255.255.224 as the subnet mask?

A. 30 hosts per subnet and 8 subnets: Correct!

B. 30 hosts per subnet and 32 subnets: Incorrect.

C. 64 hosts per subnet and 8 subnets: Incorrect.

D. 8 hosts per subnet and 30 subnets: Incorrect.

IPv4 and IPv6 use how many bits for addressing?

A. 16, 64: Incorrect.

B. 16, 128: Incorrect.

C. 32, 64: Incorrect.

D. 32, 128: Correct!

Cisco Next Generation Intrusion Prevention System (NGIPS) devices include global correlation capabilities that utilize real-world data from Cisco Talos. To leverage global correlation in blocking traffic, what should be configured on the NGIPS?

A. Reputation filtering: Correct!

B. Policy-based IPS: Incorrect.

C. Signature-based IPS: Incorrect.

D. Anomaly-based IPS: Incorrect.

Which of the following tool or method can be used to validate the identity of other organizations based on their domain name when receiving and sending email?

A. PEM: Incorrect.

B. S/MIME: Incorrect.

C. DKIM: Correct!

D. MOSS: Incorrect.

Cisco offers a cloud-based service for IPS correlation. What is this service better known as?

A. SIO: Correct!

B. WSA: Incorrect.

C. ESA: Incorrect.

D. ISO: Incorrect.

Network Address Translation (NAT) offers translation of addresses from internal addresses (private) to external address (public) space. Which form of NAT offers multiple inside devices communication with the Internet, yet optimizes the number of global addresses required?

A. NAT-T: Incorrect.

B. PAT: Correct!

C. NAT-Multiple: Incorrect.

D. PAT-T: Incorrect.

Cisco WSA can be deployed in which two modes?(Select 2 answers)

A. Standalone: Incorrect.

B. Combined proxy: Incorrect.

C. Transparent proxy: Correct!

D. Explicit proxy: Correct!

In an organization dealing with financial transactions, as a result of a latest risk assessment exercise, the recommendation is to upgrade the perimeter security at the data center. The cost of upgrading security is inline with the security budget, and the organization’s stakeholders have decided go ahead with the recommendation. Which risk control best describes the decision taken by the stakeholders?

A. Transfer the risk: Incorrect.

B. Avoid the risk: Incorrect.

C. Mitigate the risk: Correct!

D. Accept the risk: Incorrect.

CIA triad defines the cornerstone for information security. Which of the following constitutes the CIA triad?

A. Coincidence, integrity, availability: Incorrect.

B. Confidentiality, integrity, avoidance: Incorrect.

C. Confidentiality, instinct, availability: Incorrect.

D. Confidentiality, integrity, availability: Correct!

As a result of the latest risk assessment exercise, an organization that deals with financial transactions receives the recommendation to upgrade access security at the data center. The cost of upgrading security, however, outweighs the cost to benefit factor, and the organization’s stakeholders have decided not to go ahead with the recommendation. Which of the following options describes the decision taken by the stakeholders?

A. Transfer the risk: Incorrect.

B. Avoid the risk: Incorrect.

C. Mitigate the risk: Incorrect.

D. Accept the risk: Correct!

What is the process of removing superfluous programs and/or services installed on an operating system (OS) known as?

A. Patching: Incorrect.

B. Exploit scanning: Incorrect.

C. Vulnerability management: Incorrect.

D. Hardening: Correct!

What best describes the situation where there is a probability of adverse effects from an apparent threat?

A. Risk: Correct!

B. Threat vector: Incorrect.

C. Exposure: Incorrect.

D. Exploit: Incorrect.

Who is ultimately responsible for the security of data?

A. The data custodian: Incorrect.

B. Executives and Senior Management: Correct!

C. Chief Information Security Officer (CISO): Incorrect.

D. InfoSec auditor: Incorrect.

Which of the following Mandatory Access Control (MAC) labels is appropriate for ordinarily available data?

A. Confidential: Incorrect.

B. Public: Correct!

C. Sensitive: Incorrect.

D. Secret: Incorrect.

What does CER, FAR, and FRR in the following figure signify?

A. CER is Crossover Emission Rate, FAR is False Arithmetic Rate, FRR is False Rule Rate: Incorrect.

B. CER is Crossover Error Ratio, FAR is False Acceptance Ratio, FRR is False Response Ratio: Incorrect.

C. CER is Crossover Error Rate, FAR is False Acceptance Rate, FRR is False Rejection Rate: Correct!

D. CER is Close Error Rate, FAR is Far Acceptance Rate, FRR is Far Rejection Rate: Incorrect.

What type of security controls are used to thwart possible threats and attacks, even before they can be realized by the perpetrator?

A. Corrective: Incorrect.

B. Deterrent: Correct!

C. Response: Incorrect.

D. Recovery: Incorrect.

What type of access control allows the owner of a file to grant other users access to it using an access control list?

A. Role based: Incorrect.

B. Nondiscretionary: Incorrect.

C. Attribute based: Incorrect.

D. Discretionary: Correct!

Which of the following are commercially available Security Incident and Event Management (SIEM) systems?

A. BlackStratus, EiQ Networks, Avast, Trojan, Hawk Network Defense: Incorrect.

B. Trustwave, IBM QRadar, Splunk, Hawk Network Defense, Stux: Incorrect.

C. NetApp, Cisco Prime, Log Rhythm, NetIQ, Google Chromium: Incorrect.

D. HP ArcSight, Log Rhythm, NetIQ, IBM QRadar, Splunk: Correct!

What type of PKI trust model is portrayed by following figure?

A. Hierarchical: Incorrect.

B. Mesh: Correct!

C. Hybrid: Incorrect.

D. Circular: Incorrect.

An organization wants to set up the wireless network using Cisco gear. The IT director wants to leverage the existing database for authenticating internal users. Which authentication mechanisms can be used to set up secure authentication and allow leveraging Single Sign-On (SSO) for a wireless network?(Select 2 answers)

A. LDAP: Correct!

B. RADIUS: Correct!

C. WPA2-PSK: Incorrect.

D. WEP: Incorrect.

Security Assertion Markup Language (SAML) is most commonly used in cloud and web-based environments. In the context of SSO capability, which of the following statements is true?

A. SAML with SSO is used to authorize a specific subject: Incorrect.

B. SAML with SSO is used for identity federation and distributed authentication: Correct!

C. SAML with SSO exchanges UDP protocol messages: Incorrect.

D. SAML with SSO defines how secure exchange takes place in SSL and TLS: Incorrect.

Which of the following is based on a client/server protocol aimed to allow network access servers to authenticate remote and local users by sending access request messages to a central server?