Information Technology Reference
In-Depth Information
18.
D
19.
i = B, ii = C, iii = A, iv = D
20.
D. The foundation of security solutions is a security policy.
21.
C. AH and ESP are part of IP security.
22.
C. Secure connectivity has requirements of confidentiality, integrity, and authenticity
when using the Internet as a transport.
23.
B. Threat defense integrates security into routers, switches, and appliances to ward off
attacks.
24.
C. Secure connectivity has requirements of encryption and authentication to provide
secure transport access public networks.
Chapter 13
“Do I Know This Already?” Quiz
1.
A, B, and C. SAFE Architecture does not provide self-healing of network devices.
2.
C. The Cisco ASAs provide high-performance firewall, IPS, antivirus, IPsec, and VPN
services.
3.
B. 802.1x is an IEEE media-level access control standard that permits and denies
admission to the network and applies traffic policy based on identity.
4.
A. Network Access Control (NAC) protects the network from security threats by
enforcing security compliance on all devices attempting to access the network.
5.
A and C. The Cisco FWSM and ASA security appliances all support firewall filtering
with ACLs.
6.
B. IronPort ESA is a firewall and threat-monitoring appliance for SMTP
(TCP port 25)-based traffic.
7.
A. Cisco Security Manager (CSM) is an integrated solution for configuration manage-
ment of firewall, VPN, router, switch module, and IPS devices.
8.
B and C. Cisco IOS IPS and ASA can be used to integrate security into the network.
9.
B. NetFlow provides information for detecting and mitigating threats.
10.
C. Cisco ACS is a security management platform for controlling administrative access
for Cis co dev ice s and s ec ur it y applic at ion s.
Q&A
1.
B. Integrated Services Router (ISR) combines IOS firewall, VPN, and IPS services.
2.
C. The 802.1X protocol is a standards-based protocol for authenticating network
clients by permitting or denying access to the network.
