Certification Exam Prep Questions For Cisco Certified Network Associate

QuickStart is now offering assessment questions for Cisco Certified Network Associate. Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take forCisco Certified Network Associate


Arrow
 

1

If the next hop specified is the IP address of a neighboring router, what is the (default) administrative distance of a static route?

A. 0
Incorrect.
B. 1
Correct!
C. 10
Correct!
D. Infinite
Incorrect.
2

An IPv4address is comprised of how many bits?

A. 32
Correct!
B. 16
Incorrect.
C. 64
Incorrect.
D. 128
Incorrect.
3

Which of the following are classless protocols?(Select 3 answers)

A. IGRP
Incorrect.
B. EIGRP
Correct!
C. OSPF
Correct!
D. RIPv2
Correct!
4

How many subnets and hosts per subnet are possible with 172.16.1.0 as the network address with 255.255.255.224 as the subnet mask?

5

IPv4 and IPv6 use how many bits for addressing?

A. 16, 64
Incorrect.
B. 16, 128
Incorrect.
C. 32, 64
Incorrect.
D. 32, 128
Correct!
6

Cisco Next Generation Intrusion Prevention System (NGIPS) devices include global correlation capabilities that utilize real-world data from Cisco Talos. To leverage global correlation in blocking traffic, what should be configured on the NGIPS?

A. Reputation filtering
Correct!
B. Policy-based IPS
Incorrect.
C. Signature-based IPS
Incorrect.
D. Anomaly-based IPS
Incorrect.
7

Which of the following tool or method can be used to validate the identity of other organizations based on their domain name when receiving and sending email?

A. PEM
Incorrect.
B. S/MIME
Incorrect.
C. DKIM
Correct!
D. MOSS
Incorrect.
8

Cisco offers a cloud-based service for IPS correlation. What is this service better known as?

A. SIO
Correct!
B. WSA
Incorrect.
C. ESA
Incorrect.
D. ISO
Incorrect.
9

Network Address Translation (NAT) offers translation of addresses from internal addresses (private) to external address (public) space. Which form of NAT offers multiple inside devices communication with the Internet, yet optimizes the number of global addresses required?

A. NAT-T
Incorrect.
B. PAT
Correct!
C. NAT-Multiple
Incorrect.
D. PAT-T
Incorrect.
10

Cisco WSA can be deployed in which two modes?(Select 2 answers)

A. Standalone
Incorrect.
B. Combined proxy
Incorrect.
C. Transparent proxy
Correct!
D. Explicit proxy
Correct!
11

In an organization dealing with financial transactions, as a result of a latest risk assessment exercise, the recommendation is to upgrade the perimeter security at the data center. The cost of upgrading security is inline with the security budget, and the organization’s stakeholders have decided go ahead with the recommendation. Which risk control best describes the decision taken by the stakeholders?

A. Transfer the risk
Incorrect.
B. Avoid the risk
Incorrect.
C. Mitigate the risk
Correct!
D. Accept the risk
Incorrect.
12

CIA triad defines the cornerstone for information security. Which of the following constitutes the CIA triad?

13

As a result of the latest risk assessment exercise, an organization that deals with financial transactions receives the recommendation to upgrade access security at the data center. The cost of upgrading security, however, outweighs the cost to benefit factor, and the organization’s stakeholders have decided not to go ahead with the recommendation. Which of the following options describes the decision taken by the stakeholders?

A. Transfer the risk
Incorrect.
B. Avoid the risk
Incorrect.
C. Mitigate the risk
Incorrect.
D. Accept the risk
Correct!
14

What is the process of removing superfluous programs and/or services installed on an operating system (OS) known as?

A. Patching
Incorrect.
B. Exploit scanning
Incorrect.
C. Vulnerability management
Incorrect.
D. Hardening
Correct!
15

What best describes the situation where there is a probability of adverse effects from an apparent threat?

A. Risk
Correct!
B. Threat vector
Incorrect.
C. Exposure
Incorrect.
D. Exploit
Incorrect.
16

Who is ultimately responsible for the security of data?

17

Which of the following Mandatory Access Control (MAC) labels is appropriate for ordinarily available data?

A. Confidential
Incorrect.
B. Public
Correct!
C. Sensitive
Incorrect.
D. Secret
Incorrect.
18

What does CER, FAR, and FRR in the following figure signify?

19

What type of security controls are used to thwart possible threats and attacks, even before they can be realized by the perpetrator?

A. Corrective
Incorrect.
B. Deterrent
Correct!
C. Response
Incorrect.
D. Recovery
Incorrect.
20

What type of access control allows the owner of a file to grant other users access to it using an access control list?

A. Role based
Incorrect.
B. Nondiscretionary
Incorrect.
C. Attribute based
Incorrect.
D. Discretionary
Correct!
21

Which of the following are commercially available Security Incident and Event Management (SIEM) systems?

22

What type of PKI trust model is portrayed by following figure?

A. Hierarchical
Incorrect.
B. Mesh
Correct!
C. Hybrid
Incorrect.
D. Circular
Incorrect.
23

An organization wants to set up the wireless network using Cisco gear. The IT director wants to leverage the existing database for authenticating internal users. Which authentication mechanisms can be used to set up secure authentication and allow leveraging Single Sign-On (SSO) for a wireless network?(Select 2 answers)

A. LDAP
Correct!
B. RADIUS
Correct!
C. WPA2-PSK
Incorrect.
D. WEP
Incorrect.
24

Security Assertion Markup Language (SAML) is most commonly used in cloud and web-based environments. In the context of SSO capability, which of the following statements is true?

25

Which of the following is based on a client/server protocol aimed to allow network access servers to authenticate remote and local users by sending access request messages to a central server?

A. RADIUS
Correct!
B. EAP
Incorrect.
C. Kerberos
Incorrect.
D. OAuth
Incorrect.
26

Which of the following statements correctly describes the functions of CRL and OCSP in the context of revocation of certificate(s)?

27

In an organization, a CA has been deployed with multiple subordinate CAs. What would be the best PKI trust model to be adopted by this organization?

A. Mesh
Incorrect.
B. Hierarchical
Correct!
C. Bridged
Incorrect.
D. Linked
Incorrect.
28

What PKI model does the following figure signify?

A. Meshed
Incorrect.
B. Bridged
Incorrect.
C. Hierarchical
Correct!
D. This is not a valid PKI trust model.
Incorrect.
29

In a PKI setup, which of the following operations are accurate?

30

Which of the following are most commonly used protocols or mechanisms to protect data in motion?

Cisco Certified Network Associate

QuickStart is now offering you assessment questions to better aid in certification. 100% of the questions are real questions from a recent version of the test you will take.
$99.00
QuickStart is now offering you assessment questions to better aid in certification. 100% of the questions are real questions from a recent version of the test you will take.

More Information:

  • Learning Style: On Demand
  • Learning Style: Practice Exam
  • Difficulty: Beginner
  • Course Duration: 1 Hour
  • Course Info: Download PDF
  • Certificate: See Sample

Need Training for 5 or More People?

Customized to your team's need:

  • Annual Subscriptions
  • Private Training
  • Flexible Pricing
  • Enterprise LMS
  • Dedicated Customer Success Manager

Course Information

QuickStart is now offering assessment questions for Cisco Certified Network Associate. Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take forCisco Certified Network Associate

Outline

Hit button to validate captcha