CCNA, CCNP, and CCENT Practice Exam Questions: Password Encryption, The IOS Firewall Set, And More!

Sep 4
06:54

2008

Chris Bryant

Chris Bryant

  • Share this article on Facebook
  • Share this article on Twitter
  • Share this article on Linkedin

Test your knowledge of Cisco password encryption, the IOS Firewall set, and other important Cisco exam topics with these complimentary questions!

mediaimage

Here are some free Cisco practice exam questions for you to sharpen your skills with!   Today’s topics include the IOS Firewall Set and password encryption – so with no further ado,CCNA, CCNP, and CCENT Practice Exam Questions:  Password Encryption, The IOS Firewall Set, And More! Articles let’s get started!

CCNA Certification And CCENT Certification:

Identify the true statements regarding Cisco routers.

A. The password encryption service is enabled by default.

B. The password encryption service is disabled by default.

C. The enable secret command uses a relatively strong encryption scheme.

D. The enable secret command uses a relatively weak encryption scheme that is easily compromised.

E. The VTY line password is set by default, and it is "cisco".

F. The VTY line password is not set by default.

CCNA Security Certification / CCNP ISCW Exam:

You're configuring the IOS Firewall Set on a router that's also running EIGRP. You're using SDM to configure the firewall. Which of the following statements is true?

A. You'll be prompted by SDM whether you want to permit EIGRP updates to come through the firewall.

B. You can go to the CLI and configure the firewall to allow EIGRP updates, but you can't use SDM to do so.

C. You cannot allow multicast routing updates to pass through a firewall; you'll need to use a protocol that uses broadcasts.

D. You cannot allow broadcast or multicast routing updates to pass through a firewall.

CCNA Wireless:

Which of the following does NOT describe WEP?

A. uses clear-text keys

B. uses a three-way handshake

C. uses dynamically generated keys

D. uses strong encryption scheme

CCNA Voice:

You're configuring a POTS dial peer. Which of the following command will you use on that peer?

A. destination-pattern

B. port

C. session-target

D. dial map

CCNP Certification / BSCI Exam:

You've just redistributed an EIGRP route into an OSPF process. What default OSPF routing code will be assigned to that route?

A. O E1

B. O E2

C. O N1

D. O N2

E. None of the above.

CCNP Certification / BCMSN Exam:

Identify the statements that accurately describe a SPAN source port.

A. Can be monitored in multiple, simultaneous SPAN sessions

B. Can be part of an Etherchannel

C. Cannot be configured as a destination port

D. Can be either a Fast Ethernet or Ethernet port

CCNP / ONT Exam:

Which of the following interface types is compressed by cRTP?

A. IP

B. RTP

C. UDP

D. TCP

Here are the answers!

CCNA and CCENT Answers: B, D, F. To use the password encryption service, you'll need to use the service password-encryption command, since that service is disabled by default.

The particular encryption used by that command is relatively weak; it'll stop people from casually peeking at the password, but several programs exist that can crack this particular encryption in a matter of seconds.

There is no default VTY line password.

CCNA Security / ISCW Exam Answer: A. You will be prompted to allow the routing updates.

CCNA Wireless Answers: B, C, D. WEP uses static keys, one-way authentication, and a weak encryption scheme. ("Other than that, Mrs. Lincoln, how did you enjoy the play?")

CCNA Voice Answer: A, B. POTS dial peers do not use the session-target command, and neither POTS not VOIP peers use the dial map command.

CCNP BSCI Answer: B.  The default OSPF route code is E2.

CCNP BCMSN Answers: A, B, C. D. All four statements are accurate.

CCNP ONT Answer: A, B, C. That's RTP Header Compression, which compresses the IP, RTP, and UDP headers.

Look for more Cisco certification practice exams and fully-illustrated tutorials on my website!