The Q & A questions are designed to help you assess your readiness for the topics covered on the CCIE Security written exam and those topics presented in this chapter. This format should help you assess your retention of the material. A strong understanding of the answers to these questions will help you on the CCIE Security written exam. You can also look over the questions at the beginning of the chapter again for review. As an additional study aid, use the CD-ROM provided with this book to take simulated exams, which draw from a database of over 300 multiple-choice questions—all different from those presented in the book. Select the best answer. Answers to these questions can be found in Appendix A, "Answers to Quiz Questions."
1 According to RFC 1700, what is the well-known TCP/UDP port used by DNS?
2 What does the IOS command no ip domain-lookup accomplish?
3 What is the correct IOS syntax to specify local host mapping on a Cisco router?
4 TFTP uses what well-known, defined TCP/UDP port?
5 What is the correct IOS command to copy a file from a TFTP server to the system flash?
6 Define the two modes of FTP.
7 FTP uses what TCP port numbers?
8 What well-known port do Secure Socket Layer (SSL) and Secure Shell (SSH) use?
9 Define SNMP and give an example.
10 What well-known UDP ports are used by SNMP?
11 What IOS command enables SNMP on a Cisco IOS router?
12 Which TCP/UDP port numbers are defined for use by Network Time Protocol or NTP?
13 When defining a stratum value on a Cisco router, what is the range and what value is closest to an atomic clock?
14 Secure Shell (SSH) allows what to be accomplished when in use?
15 What is the difference between an SNMP inform request and an SNMP trap?
16 What does the SNMP MIB refer to?
17 What is the SNMP read-write community string for the following router configuration?
snmp-server community simon ro snmp-server community Simon rw
18 Before you can TFTP a file from a Cisco router to a UNIX- or Windows-based system, what is the first step you must take after enabling the TFTP server daemon on both platforms?
19 What IOS command can be implemented to restrict SNMP access to certain networks by applying access lists? Can you apply standard, extended, or both?
20 Does TFTP have a mechanism for username and password authentication?
21 Can you use your Internet browser to configure a Cisco router? If so, how?
22 A network administrator defines a Cisco router to allow HTTP requests but forgets to add the authentication commands. What is the default username and password pairing that allows HTTP requests on the default TCP port 80? Can you predefine another TCP port for HTTP access other than port 80?
Was this article helpful?