CCNP Secure IPS FAQ: Cisco IDS Network Module for Access Routers

CCNP Secure IPS FAQ: Cisco IDS Network Module for Access Routers

Q1. What is the maximum amount of traffic that the network module can examine?
A. 85 Mbps
B. 45 Mbps
C. 60 Mbps
D. 100 Mbps
E. 150 Mbps

Answer: B

Q2. How many external interfaces are on the network module?
A. No external ports
B. 1 Ethernet port
C. 1 Ethernet port and 1 console port
D. 1 console port

Answer: B

Q3. Which router platform is not a supported router platform for the network module?
A. 3700 Series
B. 3660
C. 2691
D. 2600XM Series
E. 800 Series

Answer: E

Q4. Which of the following are true about packets being forwarded to the NM-CIDS? (Choose two.)
A. Packets dropped by an input ACL are forwarded.
B. Packets dropped by an output ACL are not forwarded.
C. Packets dropped by an input ACL are not forwarded.
D. Packets dropped by an output ACL are forwarded

Answer: C, D

Q5. Which of the following packets would be forwarded to NM-CIDS?
A. ARP packet
B. Packet with a bad IP version
C. Packet whose length is 18 bytes
D. Packet with a TTL of 1
E. Packet with an incorrect header length

Answer: D

Q6. Which name does the router assign to the NM-CIDS?
A. network-module
B. ids-module
C. ids-sensor
D. sensor-module
E. ids-device

Answer: C

Q7. Which port would you use to access the NM-CIDS in slot 2 via Telnet?
A. 2001
B. 2033
C. 2010
D. 2065
E. 2045

Answer: D

Q8. Which command performs a hardware reboot of the NM-CIDS?
A. service-module ids-sensor 1/0 reload
B. service-module ids-sensor 1/0 reset
C. service-module ids-sensor 1/0 reboot
D. service-module ids-sensor 1/0 restart

Answer: B

Q9. Which command (if used incorrectly) can cause you to lose data on your NM-CIDS hard disk?
A. service-module ids-sensor 1/0 reload
B. service-module ids-sensor 1/0 shutdown
C. service-module ids-sensor 1/0 restart
D. service-module ids-sensor 1/0 reset
E. service-module ids-sensor 1/0 reboot

Answer: D

Q10. Which of the following is not a valid file transfer protocol to use when you re-image the application image via the boot helper?
A. FTP
B. SCP
C. TFTP

Answer: A

Q11. How many NM-CIDS devices can you have in a single access router?

Answer: You can have only one NM-CIDS installed in each access router.

Q12. How much traffic can an NM-CIDS monitor?

Answer: An NM-CIDS can examine a maximum of 45 Mbps of traffic.

Q13. NM-CIDS is supported on which router platforms?

Answer: The NM-CIDS is supported on the following router platforms: 2600XM Series 2691, 3660, 3725, and 3745.

Q14. What does the “EN” LED on the NM-CIDS front panel indicate?

Answer: The “EN” LED on the NM-CIDS front panel indicates that the NM-CIDS has passed the self-test and is available to the router.

Q15. Which IOS forwarding features impact the operations of the NM-CIDS?

Answer: The following IOS forwarding features impact the operation of the NM-IDS: Access Control Lists (ACLs), encryption, Network Address Translation (NAT), IP multicast, UDP flooding, IP broadcast, and GRE tunnels

Q16. Are packets dropped by ACLs forwarded to NM-CIDS for examination?

Answer: Packets dropped by input ACLs are not forwarded to NM-CIDS (to avoid duplicate packets), but packets dropped by output ACLs are forwarded to NM-CIDS for examination.

Q17. Which type of encrypted traffic can NM-CIDS analyze?

Answer: NM-CIDS can examine encrypted traffic for IPSec tunnels terminated on the router, but it cannot analyze encrypted traffic passing through the router

Q18. When you use inside NAT, which IP addresses are forwarded to NM-CIDS?

Answer: With inside NAT, only the inside IP addresses are sent to the NM-CIDS.

Q19. Which types of packets are not forwarded to NM-CIDS for analysis?

Answer: Address Resolution Protocol (ARP) packets are not forwarded to NM-CIDS for examination. Packets in which an IP header field contains an error, such as an irregularity in a field, are not forwarded to NM-CIDS for examination.

Q20. Should you run Cisco IOS-IDS in conjunction with NM-CIDS?

Answer: No. Running Cisco IOS-IDS in conjunction with NM-CIDS can adversely impact the operation of your access router.

Q21. What is the preferred clock configuration on NM-CIDS?

Answer: The preferred clock configuration for NM-CIDS is to use NTP mode on the NMCIDS.

Q22. What is the least-preferred clock configuration on NM-CIDS?

Answer: The least-preferred clock configuration on NM-CIDS is to run Cisco IOS clock mode on the NM-CIDS and set the Cisco IOS time zone to the local time zone.

Q23. When you are using Cisco IOS clock mode, accurate NM-CIDS time depends on what factors?

Answer: When you are using Cisco IOS clock mode, accurate NM-CIDS time depends on the router’s local time, the router’s time zone offset, and the router’s summer time mode and offset, as well as the NM-CIDS’s time zone offset and the NM-CIDS’s summer time mode and offset.

Q24. What are the two methods for accessing the console on the NM-CIDS?

Answer: The Cisco IOS software performs a reverse Telnet that enables you to access the NMCIDS console via Telnet or the service-module command.

Q25. What is the formula for calculating the port number to Telnet to when you are accessing NMCIDS via Telnet?

Answer: The formula for calculating the Telnet port is (32 x slot number) + 2001.

Q26. Which command enables you to shut down the NM-CIDS from the router CLI?

Answer: The command to shut down the NM-CIDS from the router CLI is service-module ids-sensor slot/0 shutdown.

About the author

Scott

Leave a Comment