Do I Know This Already Quiz

The purpose of this assessment quiz is to help you determine how to spend your limited study time.

If you can answer most or all of these questions, you might want to skim the "Foundation Topics" section and return to it later, as necessary. Review the "Foundation Summary" section and answer the questions at the end of the chapter to ensure that you have a strong grasp of the material covered.

If you already intend to read the entire chapter, you do not necessarily need to answer these questions now. If you find these assessment questions difficult, read through the entire "Foundation Topics" section and review it until you feel comfortable with your ability to answer all of these questions and the "Q & A" questions at the end of the chapter.

Answers to these questions can be found in Appendix A, "Answers to Quiz Questions."

1. In a secured network architecture, which of the following components are to be considered security devices? (Choose all that apply.)

a.

Switches

b.

Routers

c.

Firewalls

d.

Intrusion detection systems

e.

VPN 3000 Concentrator

f.

All of these

2. Cisco Secure ACS supports what two security protocols? (Choose the best two answers.)

a. RADIUS

c. TACACS+

d. TFTP

e. ICMP

3. The Cisco IDSM-2 has which of the following interfaces?

a. Console port.

b. Console and auxiliary ports.

c. Only an auxiliary port.

d. IDSM-2 has no interfaces available.

4. In a secured network architecture, which of the following components is typically not considered a security appliance?

a. Router b. Switch c. Firewall d. Intrusion detection appliance e. VPN Concentrator f. Windows XP PC

g. All of these

5. A VPN 3000 Concentrator is typically located in what part of a security network?

a. The inside interface of a PIX Firewall b. The outside interface of a PIX Firewall c. The inside interface of the DMZ

d. The outside interface of the DMZ

e. None of these

6. All but which of the following is a Cisco VPN model currently supported by Cisco?

a. 3001

b. 3002

c. 3005

d. 3015

e. 3020

f. 3030

g. 3060

h. 3080

7. All but which of the following is part of the Cisco SAFE Blueprint for IDS tuning?

a. Identify potential locations for sensors.

b. Apply an initial configuration.

c. Monitor the sensor while tuning.

d. Analyze alarms, tune out false positives, and implement signature tuning (if needed).

e. Selectively implement response actions.

f. Update sensors with new signatures.

g. Remove the PIX Firewall.

8. What application layer protocol does a security manager use when using the Cisco Security Device Manager (SDM) application?

a.

ICMP

b.

SSC

c.

SSCP

d.

SSL

e.

CCH

f.

AES

g.

ESP

h.

3DES

9. What is the default username and password combination for a Catalyst 6500 ISDM-2 module (not the IDS 4.0)?

a. Cisco/cisco b. cisc/cisc c. ciscoids/attacks d. cisco/cisco e. attack/attack f. None of these

10. What is the default username and password combination for a VPN 3000 Concentrator?

a. Admin/admin b. admin/admin c. cisco/cisco d. 3000/3000

e. attack/attack f. None of these

Cisco Secure for Windows (NT) and Cisco Secure ACS 301

Was this article helpful?

0 0

Post a comment