Selecting BraindumpStudy can 100% help you pass the exam. According to Cisco 100-105 practice test subjects' changing, we will continue to update our training materials and will provide the latest exam content. BraindumpStudy can provide a free 24-hour online customer service for you. If you do not pass Cisco certification 100-105 practice test, we will full refund to you.
100-105 Free Demo Download: http://www.braindumpstudy.com/100-105_braindumps.html
Exam Name: CCIE Service Provider Written Exam (V4.1)
One year free update, No help, Full refund!
400-201 Exam Dumps Total Q&A: 410 Questions and Answers
Last Update: 10-05,2016
400-201 Questions and answers Detail: 400-201 Exam Dumps
Exam Name: Cisco Interconnecting Cisco Networking Devices Part 1 (ICND1 v3.0)
One year free update, No help, Full refund!
100-105 Practice Test Total Q&A: 240 Questions and Answers
Last Update: 10-05,2016
100-105 Exam Tests Detail: 100-105 Practice Test
NO.1 From which of the following attacks can Message Authentication Code
(MAC) shield your
network?
A. DoS
B. SYN floods
C. spoofing
D.
DDoS
Answer: C
100-105 Exam Dumps 100-105 exam dumps 100-105 Real
Questions
Explanation:
Message
Authentication Code (MAC) can shield your network from spoofing attacks.
Spoofing, also
known as masquerading, is a popular trick in which an attacker
intercepts a network packet, replaces
the source address of the packets
header with the address of the authorized host, and reinserts
fake
information which is sent to the receiver. This type of attack involves
modifying packet contents.
MAC can prevent this type of attack and ensure
data integrity by ensuring that no data has changed.
MAC also protects
against frequency analysis, sequence manipulation, and ciphertext-only
attacks.
MAC is a secure message digest that requires a secret key shared by
the sender and receiver, making
it impossible for sniffers to change both the
data and the MAC as the receiver can detect the
changes. A denial-of-service
(DoS) attack floods the target system with unwanted requests, causing
the
loss of service to users. One form of this attack generates a flood of packets
requesting a TCP
connection with the target, tying up all resources and
making the target unable to service other
requests. MAC does not prevent DoS
attacks. Stateful packet filtering is the most common defense
against a DoS
attack. A Distributed Denial of Service attack (DDoS) occurs when multiple
systems are
used to flood the network and tax the resources of the target
system. Various intrusion detection
systems, utilizing stateful packet
filtering, can protect against DDoS attacks. In a SYN flood attack,
the
attacker floods the target with spoofed IP packets and causes it to
either freeze or crash. A SYN flood
attack is a type of denial of service
attack that exploits the buffers of a device that accept incoming
connections
and therefore cannot be prevented by MAC. Common defenses against a SYN
flood
attack include filtering, reducing the SYN-RECEIVED timer, and
implementing SYN cache or SYN
cookies.
CCIE Service Provider
| Exam Number |
400-201 CCIE SP Available May 22, 2015 |
|---|---|
| Associated Certifications | CCIE Service Provider |
| Duration | 120 minutes (90 - 110 questions) |
| Available Languages | English |
| Register | Pearson VUE |
| Exam Policies | Read current policies and requirements |
| Exam Tutorial | Review type of exam questions |
The Cisco CCIE Service Provider Written Exam (400-201) version 4.0 is a two-hour test with 90-110 questions that validate professionals who have the expertise to design, implement, diagnose, and troubleshoot complex Service Provider highly available network infrastructure and services based on dual stack solutions (IPv4 and IPv6); understand how the network and service components interoperate; and understand the functional requirements and translate into specific device configurations.