Helping Hand Questions for GSNA

In order to fulfill the requirements, you should use the following set of commands: RouterA(config)#service password-encryption RouterA(config)#username cisco password PaS$w0Rd RouterA(config)#enable secret n56e&$te RouterA(config)#line vty 0 4 RouterA(config-line)#login local Answer: D is incorrect. This configuration does not apply password encryption correctly. The command service enable-password- encryption is incorrect. The correct command is service password-encryption. Answer: A is incorrect. This configuration applies the login command to the VTY lines. This would require the password to be set at the VTY Line 0 4 level. This effectively will not configure user-level access for the VTY lines. Answer: B is incorrect. The enable password command is obsolete and considered insecure. The proper command is enable secret followed by the password value.

In 1947, the American Institute of Certified Public Accountants (AICPA) adopted Generally Accepted Auditing Standards (GAAS) to establish standards for audits. The standards cover the following three categories: General Standards: They relate to professional and technical competence, independence, and professional due care. Field Work Standards: They relate to the planning of an audit, evaluation of internal control, and obtaining sufficient evidential matter upon which an opinion is based. Reporting Standards: They relate to the compliance of all auditing standards and adequacy of disclosure of opinion in the audit reports. If an opinion cannot be reached, the auditor is required to explicitly state their assertions. Answer: B is incorrect. There was no such category of standard established by GAAS.

EAP-TLS can use only a public key certificate as the authentication technique. It is supported by all manufacturers of wireless LAN hardware and software. The requirement for a client-side certificate, however unpopular it may be, is what gives EAP-TLS its authentication strength and illustrates the classic convenience vs. security trade-off. Answer: D is incorrect. EAP-TLS provides the highest level of security. Answer: A is incorrect. EAP-TLS uses a public key certificate for server authentication.

AirSnort is a Linux-based WLAN WEP cracking tool that recovers encryption keys. AirSnort operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys. Answer: C is incorrect. Kismet is an IEEE 802.11 wireless network sniffer and intrusion detection system.