Answer: Presence of bystanders, uncertainty about the victim, the nature of the injury or illness, fear of disease transmission, fear of not knowing what to do or of doing something wrong, and being unsure of when to call 911
Answer: Direct traffic, meet the ambulance, help you give first aid, provide information about what happened, comfort the victim, and provide information about the victim's medical history
Answer: Get professional help on the scene as soon as possible (call 911)
Answer: To recognize that an emergency exists
Answer: Periods of excess energy
Answer: Light therapy
Answer: Serotonin
Answer: Drug of psychotherapy
Answer: Re-experiencing the trauma in dreams
Answer: constant and repetitive checking that the alarm is set
Answer: Generalized anxiety disorder
Answer: Social phobia
Answer: Pessimist
Answer: Projection
Answer: A complete absence of mixed messages about oneself from others
Answer: Remain isolated
Answer: Parents
Answer: trust and mistrust
Answer: Mindfulness
Answer: Focused on the way things should be instead of the way they are
Answer: Psychological health can be defined as either the absence of sickness or the presence of wellness
Step 11. Type config t.
Step 12. Type enable secret password to change the enable secret password.
Step 13. Issue the no shutdown command on every interface that you want to use.
Step 14. Type config-register configuration_register_setting.
R1(config)#config-register 0x2102
Step 15. Press Ctrl-Z or type end.
Step 16. Type copy run start to commit the changes.
Step 9: Type copy start run to copy the startup config into memory.
Step 10: Type show run.
In this configuration, the shutdown command appears under all interfaces.
You can now see the passwords (enable password, enable secret, vty, console passwords) either in encrypted or unencrypted format.
You can reuse unencrypted passwords.
You must change encrypted passwords to a new password.
Step 5: Type confreg 0x2142 at the
rommon 1> prompt.
This causes the router to bypass the startup configuration where the forgotten enable password is stored.
Step 6: Type reset at the rommon 2> prompt.
The router reboots, but ignores the saved configuration.
Step 7: Type no after each setup question, or press Ctrl-C to skip the initial setup procedure.
Step 8: Type enable at the Router> prompt.
This puts you into enable mode, and you should be able to see the Router# prompt
Step 1: Connect to the console port.
Step 2: If you have access to user EXEC mode.
Type show version at the prompt, and record the configuration register setting.
The configuration register is usually set to 0x2102.
If you can no longer access user EXEC, you can assume it is set to 0x2102.
Step 3: Use the power switch to turn off the router, and then turn the router back on.
Step 4: Press Break on the terminal keyboard within 60 seconds of power up to put the router into ROMmon.
(1) service timestamps (2) show processes (3) no debug all (4) terminal monitor
This feature provide information about when debug elements occurred and the duration of time between events
service timestamps
displays the CPU use for each process.
This data can influence decisions about using a debug command if it indicates that the production system is too heavily used for adding a debug command.
show processes
disables all debug commands
no debug all
displays debug output and system error messages for the current terminal and session.
When you Telnet to a device and issue a debug command, you will not see output unless this commands is entered.
terminal monitor
Answer: (1) debug gets CPU priority (2) debug can help resolve persistent issues, outweighing its effect on network performance (3) debug can generate too much output (4) Different debugs generate different output formats (5) plan to use the debug command
Answer: no debug all
(1) Show Command (1a) Static information (1b) Low Overhead (1c) Gather Facts (2) Debug (2a) Dynamic events (2b) High overhead (2c) Observe Processes
Step 1. Connect the PC of the system administrator to the console port on the affected router.
Step 2. Boot the router and issue the xmodem command at the ROMmon command prompt.
Step 3: For sending a file using HyperTerminal, select Transfer > Send File.
Step 4: Browse to the location of the IOS image you want to transfer and choose the Xmodem protocol.
Click Send. A dialog box appears displaying the status of the download. It takes several seconds before the host and the router begin transferring the information.
The download time could be dramatically improved if you change the connection speed of HyperTerminal and the router from 9600 b/s to 115000 b/s.
When the transfer is complete, the router automatically reloads with the new Cisco IOS.
allows a system administrator who has a copy of the Cisco IOS image on a PC can restore it to the router by making a console connection between the PC and the router and running Xmodem from HyperTerminal.
The file transfer is accomplished
Answer: tftpdnld
(1) Connect the PC to the console port on the affected router.
(2) Connect the TFTP server to the first Ethernet port on the router.
(3) Enable the TFTP server and configure it with a static IP address 192.168.1.1/24.
Step 1: Connect the devices
Step 2: Boot the router and set the ROMmon variables
Step 3: Enter the tftpdnld command at the prompt
The IOS is still running in RAM. As long as you don't reboot, you can copy what is running from ram back to flash
(1) Use the copy tftp: flash: command to download the new image from the network TFTP server.
(2) Erasing flash makes room for the new image. Erase flash, if there is not sufficient flash memory for more than one Cisco IOS image.
(3) Each exclamation point (!) means that one UDP segment has successfully transferred
Answer: Each exclamation point signifies that one UDP segment has successfully transferred
Step 1. Ping the TFTP server to make sure you have access to it.
Step 2. Verify that the TFTP server has sufficient disk space for the Cisco IOS image.
Step 3. Copy current system image from the router to TFTP server, using the copy flash: tftp: command in privileged EXEC mode.
(1) Shut down all interfaces not needed to perform the update (2) Back up the current operating system and the current configuration file to a TFTP server (3) Load the update for either the operating system or the configuration file (4) Test to confirm that the update works properly. If the tests are successful, you can then re-enable the interfaces you disabled. If the tests are not successful, back out the update, determine what went wrong, and start again.
(1) First part identities the platform on which the image runs (2) Send part specifies the feature set (3) indicates where the image runs and if the file is compressed. (4) version number (5) file extension.
Answer: show flash
(1) Determine the memory required for the update.
(2) Set up and test the file transfer capability between the admin host and the router.
(3) Schedule the required downtime
(1) Plan: Set goals, identify resources, profile network hardware and software, and create a schedule for migrating to new releases.
(2) Design: Choose new Cisco IOS releases and create a strategy for migrating to the new releases.
(3) Implement: Schedule and execute the migration.
(4) Operate: Monitor the migration progress and make backup copies of images that are running on your network.
Answer: Displays the number of static routes and which routing protocols are configured
(1) Displays the number of active VPN connections,
(2) The number of configured site-to-site VPN connections,
(3) The number of active VPN clients.
(1) If a firewall is in place, it displays
(2) The number of trusted (inside) interfaces, untrusted (outside) interfaces and DMZ interfaces.
(3) It also displays the name of the interface to which a firewall has been applied, and if the NAT rule has been applied to this interface.
(1)The number of connections that are up and down,
(2) The total number of LAN and WAN interfaces present in the router
(3) The number of LAN and WAN interfaces currently configured on the router.
(4) DHCP information
interface s0/0/0
ip ospf message-digest-key 1 md5 cisco
ip ospf authentication message-digest
exit
router ospf 10
area 0 authentication message-digest
key chain EIGRP_KEY
key 1
key-string cisco
exit
interface s0/0/0
ip authetncation mode eigrip 1 md5
ip authentication key-chain eigrp 1 EIGRP_KEY
Answer: passive-interface default
key chain RIP_KEY
key 1
key-string cisco
int s0/0/0
ip rip authentication mode md5
ip rip authentication key-chain RIP_KEY
Answer: (1) RIPv2 (2) OSPF (3) EIGRP (4) IS-IS (5) BGP
line vty 0 4
exec-timeout #mins
(1) Host Name (2) Hardware (2a) Hardware: shows the router model number, the available and total amounts of RAM and Flash memory available. (3) Software (3a) describes the Cisco IOS software and Cisco SDM versions running on the router. (4) Feature Availability bar (4a) found across the bottom of this tab, shows the features available in the Cisco IOS image that the router is using
(1) Tool Bar (1a) Below the menu bar, it has the SDM wizards and modes you can select (2) Router Information (2a) The current mode is displayed on the left side under the tool bar (3) Configuration overview (3a) Summarizes the configuration settings
(1) use HTTPS and put the IP address of the router into the browser.
(2) When the username and password dialog box appears, enter the username and password for the privileged (privilege level 15) account.
(3) After the launch page appears a signed Cisco SDM Java applet appears which must remain open while Cisco SDM is running.
ip http authentication local
username Student privillege 15 secret cisco
line vty 0 4
privilege level 15
login local
transport input telnet ssh
Answer: ip http secure-server
Answer: ip http server
Answer: (1) Access the router CISCO CLI interface using Telnet or the console connection (2) Enable the HTTP and HTTPS servers on the router (3) Create a user account defined with privilege level 15 (4) Configure SSH and Telnet for local login and privilege level 15
Answer: (1) ACL (2) VPN crypto map editor (3) CISCO IOS CLI preview
(1_ Guide users step-by-step through router and security configuration workflow by systematically configuring LAN and WAN interfaces, firewall, IPS and VPNs.
(2) intelligently detect incorrect configurations and propose fixes, such as allowing DHCP traffic through a firewall if the WAN interface is DHCP-addressed.
Answer: (1) computers (2) Routers
Answer: aves router memory, and allows you to use SDM to manage other routers on the network.
Answer: CISCO SDM
Answer: (1) Provides easy-to-use smart wizards (2) Automates router security management (3) Includes a comprehensive online help
Answer: CISCO Security Device Manager (SDM)
line aux 0
no password
login
exit
line vty 0 4
no transport input
transport input telnet ssh
exit
Answer: all types of remote connections are accepted
Answer: (1) Establish a dedicated management network (1a) This could be accomplished using a management VLAN or by using an additional physical network (2) Encrypt all traffic between the administrator computer and the router (2a) only permit the administration host IP address to initiate an SSH connection to the routers in the network.
Answer: (1) Telnet (2) Secure Shell (SSH) (3) HTTP (4) HTTP secure (HTTPS) (5) SNMP
Answer: Local Access through the console port
Answer: Remote administrative access using Telnet can be very insecure because Telnet forwards all network traffic in clear text.
Answer: (1) Secure the administrative lines (VTY, AUX) (2) Configure the network device to encrypt traffic in an SSH tunnel
Answer: security passwords min-length 10
Answer: (1) VPN (2) Trust & Identity (Tight levels of trust) (3) Authentication
Answer: enable secret 2-mAny-rOUtEs
Answer: service password-encryption
Answer: security passwords min-length
Answer: enable password (username username password password)
Answer: passphrase
Answer: Passphrases
Answer:
(1) Do not write passwords down & leave them in places such as your desk or on your monitor
(2) Avoid dictionary words, names, phone numbers and dates
(3)Combine letters, numbers and symbols. Include at least one lowercase letter, uppercase letter, digit and special character
(4) Deliberately misspell a password
(5) Make passwords lengthy (minimum of eight characters).
(6) Change passwords as often as possible
Answer: Strong password
Answer: (1) manager router security (2) Secure remote administrative access to routers (3) Logging router activity (4) Secure vulnerable router services and interfaces (5) Secure Routing protocols (6) Control and filter network traffic
Answer: (1) Physical security (2) Update the router IOS whenever advisable (3) Backup the router configuration and IOS (4) Harden the router to eliminate the potential abuse of unused ports and services
Answer: Securing routers at the network perimeter
Answer: (1) Trust exploitation attacks (2) IP spoofing (3) Session Hijacking (4) MITM attacks
Answer: routers (since they are gateways to other networks)
Answer: (1) Containment (2) Inoculation (3) Quarantine (4) Treatment
Answer: (1) SSH Client (1a) As a client, a router can SSH to another router (2) SSH Server (2a) As a server, a router can accept SSH client connections
Answer: port 22
Answer: SSH
Answer: (1) Set Router Parameters (1a) Configure the router hostname (2) Set the domain name (2a) Enter the ip domain-name cisco.com command (3) Generate Asymmetric Keys (3a) Create a key that the router uses to encrypt its SSH management traffic with the crypto key generate rsa command (4) Configure Local Authentication and VTY (5) Configure SSH timeouts and retries
Answer: (1) Set Router Parameters (2) Generate Asymmetric Keys (3) Configure SSH timeouts and username (4) Configure local authentication and vty
Answer: (0) Emergencies (1) alerts (2) Critical (3) errors (4) warnings (5) notification (6) informational (7) debugging
Answer: service timestamps
Answer: Logs
Answer: (1) Unused interfaces (1a) shutdown (2) Ad hoc routing (2a) no ip proxy-arp (3) No SMURF attacks (3a) no ip directed-broadcast
Answer: (1) CDP (1a) no cdp run (2) Source routing (2a) no ip source-route (3) Small services such as echo, discard, and chargen (3a) no service tcp-small-servers (4) finger (4a) no service finger (5) BOOTP (5a) no ip bootp server (6) HTTP (6a) no ip http server (7) Remote Configuration (7a) no service config (8) SNMP (8a) no snmp-server
