New Updated Cisco CCNA Security 640-554 Real Exam Download 171-180

Ensurepass

QUESTION 171

Which two statements about IPv6 access lists are true? (Choose two).

 

A.      IPv6 access lists support numbered access lists.

B.      IPv6 access lists support wildcard masks.

C.      IPv6 access lists support standard access lists.

D.      IPv6 access lists support named access lists.

E.       IPv6 access lists support extended access lists.

 

Correct Answer: DE

 

 

QUESTION 172

Which command enables subnet 192.168.8.4/30 to communicate with subnet 192.168.8.32/27

on IP protocol 50?

 

A.      permit esp 192.168.8.4 255.255.255.252 192.168.8.32 255.255.255.224

B.      permit esp 192.168.8.4 0.0.0.31 192.168.8.32 0.0.0.31

C.      permit esp 192.168.8.4 255.255.255.252 224.168.8.32 255.255.255.192

D.      permit esp 192.168.8.4 0.0.0.3 192.168.8.32 0.0.0.31

 

Correct Answer: D

 

 

QUESTION 173

Which two types of access lists can be used for sequencing? (Choose two.)

 

A.      reflexive

B.      standard

C.      dynamic

D.      extended

 

Correct Answer: BD

 

 

QUESTION 174

Which command will block IP traffic to the destination 172.16.0.1/32?

 

A.      access-list 101 deny ip host 172.16.0.1 any

B.      access-list 101 deny ip any host 172.16.0.1

C.      access-list 101 deny ip any any

D.      access-list 11 deny host 172.16.0.1

 

Correct Answer: B

 

 

QUESTION 175

Which two countermeasures can mitigate STP root bridge attacks? (Choose two.)

 

A.      root guard

B.      BPDU filtering

C.      Layer 2 PDU rate limiter

D.      BPDU guard

 

Correct Answer: AD

 

 

QUESTION 176

Which two countermeasures can mitigate MAC spoofing attacks? (Choose two.)

 

A.      IP source guard

B.      port security

C.      root guard

D.      BPDU guard

Correct Answer: AB

 

 

QUESTION 177

Which statement correctly describes the function of a private VLAN?

 

A.      A private VLAN partitions the Layer 2 broadcast domain of a VLAN into subdomains.

B.      A private VLAN partitions the Layer 3 broadcast domain of a VLAN into subdomains.

C.      A private VLAN enables the creation of multiple VLANs using one broadcast domain.

D.      A private VLAN combines the Layer 2 broadcast domains of many VLANs into one major

broadcast domain.

 

Correct Answer: A

 

 

QUESTION 178

What are two primary attack methods of VLAN hopping? (Choose two.)

 

A.      VoIP hopping

B.      switch spoofing

C.      CAM-table overflow

D.      double tagging

 

Correct Answer: BD

 

 

QUESTION 179

Which type of attack can be prevented by setting the native VLAN to an unused VLAN?

 

A.      VLAN-hopping attacks

B.      CAM-table overflow

C.      denial-of-service attacks

D.      MAC-address spoofing

 

Correct Answer: A

 

 

QUESTION 180

What is the purpose of a trunk port?

 

A.      A trunk port carries traffic for multiple VLANs.

B.      A trunk port connects multiple hubs together to increase bandwidth.

C.      A trunk port separates VLAN broadcast domains.

D.      A trunk port provides a physical link specifically for a VPN.

 

Correct Answer: A

 

Download Latest Complete collection of CCNA Security 640-554 Real Exam ,help you to pass exam 100%.

Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCNA Security Exams Questions and Answers

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.