CCNA Security Practice Test Results

Question 1
55% answer correctly
Which statement is true when using zone-based firewalls on a Cisco router?
The firewalls can be configured simultaneously on the same interface as classic CBAC using the ip inspect CLI command.
Policies are applied to traffic moving between zones, not between interfaces.
Interface ACLs are applied before zone-based policy firewalls when they are applied outbound.
When configured with the "PASS" action, stateful inspection is applied to all traffic passing between the configured zones.
Question 2
25% answer correctly
Which statement describes a result of securing the Cisco IOS image using the Cisco IOS image resilience feature?
The running Cisco IOS image is encrypted and then automatically backed up to the NVRAM.
The running Cisco IOS image is encrypted and then automatically backed up to a TFTP server.
The Cisco IOS image file is not visible in the output from the show flash command.
The show version command does not show the Cisco IOS image file location.
When the router boots up, the Cisco IOS image is loaded from a secured FTP location.
Question 3
31% answer correctly
Which option is a desirable feature of using symmetric encryption algorithms?
They offer simple key management properties.
They are based on complex mathematical operations and can easily be accelerated by hardware.
They are often used for wire-speed encryption in data networks.
They are best used for one-time encryption needs.