Answer:
RADIUS
+ encrypts only the password when it sends an access request
+ combines authentication
and authorization
+ uses UDP
TACACS+
+ separates all three AAA operations
+ encrypts the entire body of
the access-request packet
+ uses TCP
Question 102
Which two wireless security standards use Counter Mode Cipher Block Chaining Message
Authentication Code Protocol for encryption and data integrity? (Choose two)
A. WPA2
B. WPA3
C. WEP
D. WPA
E. Wi-Fi 6
Answer:
A B
Explanation
WPA2 mandates
the use of a new protocol, counter mode with cipher-block chaining message
authentication protocol (CCMP).
CCMP uses the AES block cipher, replacing the RC4 cipher
used in wired equivalent privacy (WEP) and temporal key integrity protocol (TKIP).
CCMP is a security protocol. It follows carefully designed steps that
include the use of the AES
specified algorithm to encrypt sensitive data.
CCMP-128 (AES-128 in CCM mode) is used as the minimum encryption algorithm in WPA3-
Personal mode.
Question 103
What is a practice that protects a network from VLAN hopping attacks?
A. Implement port security on internet-facing VLANs.
B. Configure an ACL to prevent traffic from changing VLANs.
C. Assign all access ports to VLANs other than the native VLAN.
D. Enable dynamic ARP inspection.
Answer:
C
Explanation
VLAN Hopping
: By altering the VLAN ID on packets encapsulated for trunking,
an attacking
device can send or receive packets on various VLANs, bypassing Layer 3 security measures.
VLAN hopping can be accomplished by switch spoofing or double tagging.
One of a popular
type of VLAN Hopping is
Dostları ilə paylaş: 
