Archive for July, 2008

Trevor’s blog

Sunday, July 6th, 2008

Hi there. Thanks for looking me up. This blog is for anyone who wants to follow my trip to Australia. I will start writing it after 15th August. Do call back.

QUESTION 25 Which best practice can limit inbound TTL expiry attacks? A. Setting the TTL value to zero B. Setting the TTL value to more than longest path in the network C. Setting the TTL value equal to the longest path in the network. D. Setting the TTL value to less than the logest path in the network Correct Answer: C QUESTION 26 Which two statements about the MACsec security protocol are true?(two) A. When switch-to-switch link security is configured in manual mode, the SAP operation mode must be set to GCM B. MACsec is not supported in MDA mode. C. Stations broadcast an MKA heartbeat that contains the key server priority D. MKA hearbeats are sent at a default interval of 3 seconds E. The SAK is secured by 128 bit AES-GCM by default Correct Answer: CE QUESTION 27 Which three transports have been defined for SNMPv3?(three) A. DTLS B. SSH C. TLS D. SSL E. IPSec secured tunnel F. GET Correct Answer: ABC
220-801 dumps
QUESTION 28 In a Cisco ASA multiple-context mode of operation configuration, what three session types are resource-limited by default when their context is a member of the default class?(three) A. SSL VPN sessions B. Telnet sessions C. TCP session D. IPSec sessions E. ASDM sessions F. SSH sessions Correct Answer: BDF QUESTION 29 Which two statements SCEP are true?(two) A. CA servers must support GetCACaps response messages in order in implement extended functionality. B. The GetCRL exchange is signed and encrypted only in the response direction C. It is vulnerable to downgrade attacks on its cryptographic capabilities. D. The GetCACaps response message supports DES encryption and the SHA – 128 hashing algorithm E. The GetCRL exchange is signed and encrypted only in the response direction Correct Answer: AC QUESTION 30 Which two statemens about Cisco URL Filtering on Cisco IOS software are true?(two) A. It supports Websense and N2H2 filtering at the same time. B. It supports local URL lists and third – party URL filtering servers C. By default, it uses ports 80 and 22. D. It supports HTTP and HTTPS traffic. E. By default, it allows all URLs when the connection to the filtering server is down. F. It requires minimal CPU time Correct Answer: B