CCIE - Security Exam with complete solution 2024/2025
What command must be enabled for aaa to work? - ANSWER-aaa new-model
What is the command to configure aaa for authentication of logins? - ANSWER-
aaa authentication login
When configuring aaa authentication login, what does the default keyword
mean? - ANSWER-This is applied to all interfaces
What does specifying a list-name in aaa authentication allow you to do? -
ANSWER-apply the aaa authentication rule to a specific interface
If you were applying radius, tacacs and then a local database login, how would
you apply this on the router? - ANSWER-aaa authentication login default group
radius group tacacs local
How do you specify the tacacs or radius server to use? - ANSWER-with the
command tacacs server
What are the two ICMP commands that enable ping across an ACL? - ANSWER-
echo and echo reply
What kind of probe does traceroute use? - ANSWER-a UDP probe sent three times
to each hop, using port > 33434
How does MTU discovery work? - ANSWER-a packet is sent with the DF bit set,
and the packet size is dropped until the router gets a response from the
destination.
What is the purpose of the established keyword in an ACL? - ANSWER-Checks the
state of the ACK bit to ensure this is an established connection
Does a router's own traffic get applied to an outbound ACL? - ANSWER-No - only
transit traffic
Is port 20 used in passive mode in FTP? - ANSWER-No
In FTP active mode, what is the port number that the server connects to the client
on to transfer data? - ANSWER-Port 20
With traceroute, what is the destination IP of the probe packet? - ANSWER-the
final destination
What message is sent back to the source for each hop in the traceroute? -
ANSWER-Time-exceeded messages to say that the TTL has expired
What message is delivered back to the source from the final destination in the
traceroute? - ANSWER-port unreachable
In PMTU Discovery, what is the ICMP message received for a hop that doesn't have
a high enough MTU, i.e. "fragmentation required but DF bit set"? - ANSWER-Packet
Too Big
For time-ranges, how can you specify dates and times for an ACL, using
absolute, or periodic ranges? - ANSWER-Absolute
What does uRPF do? - ANSWER-it mitigates spoofed or malformed packets by
discarding packets with an unverifiable source IP address
How does uRPF work? - ANSWER-It checks the packet to ensure that the source
address is in the routing table and matches the interface it's being received on
Is uRPF an input or an output function? - ANSWER-Input - it's configured on the
input interface at the upstream end of a connection
If no ACL is specified in uRPF what does the router do with the packet by default?
- ANSWER-Drops it with no log