Answers to the “Do I Know This Already?” Quizzes and Q&A Questions - CCDA 640-864

Information Technology Reference

In-Depth Information

3.

D. The Cisco NAC Appliance is an integrated solution led by Cisco that incorporates

the network infrastructure and third-party software to impose security policies on the

attached endpoints.

4.

A. Cisco Security MARS (CS-MARS) is an appliance-based solution for network

security administrators to monitor, identify, isolate, and respond to security threats.

5.

A, B, and C. Cisco IOS Trust and Identity is a set of services that include AAA, SSH,

SSL, 802.1X, and PKI.

6.

B. Cisco IOS IPsec offers data encryption at the IP packet level using a set of stan-

dards-based protocols.

7.

D. High-Performance Advanced Integration Module (AIM) is a hardware module for

terminating large numbers of VPN tunnels.

8.

C and D. Built-In Hardware VPN Acceleration is hardware-based encryption that

offloads VPN processing from the router's internal CPU to improve VPN throughput.

High-Performance Advanced Integration Module (AIM) is a hardware module for

terminating large numbers of VPN tunnels.

9.

D. Cisco NAC can restrict access to noncompliant devices but permit access to trusted

wired or wireless endpoints such as desktops, laptops, PDAs, and servers.

10. A and B. Cisco Catalyst 6500 switches support FWSM and IDSM2 service modules.

11. B. The Anomaly Guard Module provides attack responses by blocking malicious

traffic at Gbps line rates.

12. A, B, and C. Some identity and access control protocols include 802.1X, ACLs, and

NAC. NetFlow collects stats on packets flowing through the router.

13. A and C. Cisco Security MARS and ACS are two Cisco security management tools.

14. Tr ue. NetFlow is u s ed for threat detec t ion and mit ig at ion.

15. Tr ue. Cis co ASAs, PIX s ec ur it y appliance s, FWSM, and IOS firewall are par t of

infection containment.

16. D. The IOS Intrusion Prevention System (IPS) offers inline deep packet inspection to

successfully diminish a wide range of network attacks.

17. IPS. The Cisco 4200 IPS sensor appliances can identify, analyze, and block unwanted

traffic on the network.

18. B. Cisco Secure Access Control Server (ACS) provides centralized control for

administrative access to Cisco devices and security applications.

19. False. IPS 4255 delivers 650 Mbps of performance and can be used to protect

partially utilized gigabit-connected subnets.

20. i = D, ii = C, iii = B, iv = A

Search WWH ::

Custom Search

Home