CCNP Secure FAQ Implementing and Configuring Cisco IOS Control Plane Security
Q1. The central processing unit of each device is tasked to not do which of these?
A. Process fast-path data plane traffic
B. Process control plane traffic
C. Process management plane traffic
D. Process slow-path data plane traffic
Q2. The route processor is divided into which of the following parts?
A. Distributed switch engine
B. Management plane
C. Central switch engine
D. Control plane
Q3. The purpose of a slow-path denial of service attack is to force packets to be what?
A. Distributed switched
B. Process switched
C. Routed
D. Switched
Q4. When using Control Plane Policing, the two types of policing types include which of the following?
A. Distributed control plane services
B. Summarized control plane services
C. Processed control plane services
D. Aggregate control plane services
Q5. Which of the following traffic is classified as always destined for the control plane?
A. Data traffic packets
B. Routing protocol control packets
C. Management protocol packets
D. Marked QoS packets
Q6. When using Control Plane Protection, which of the following subinterfaces are not used to further refine control plane security?
A. Control plane host subinterface
B. Control plane transmit subinterface
C. Control plane CEF-exception subinterface
D. Control plane transit subinterface
Q7. Which of the following features were added with Control Plane Protection?
A. Port filtering
B. Queue thresholding
C. Protocol filtering
D. Port thresholding
Q8. Which of the CPPr features provide the ability to early-drop specific packets before they get to the process level?
A. Queue thresholding
B. Packet filtering
C. Protocol filtering
D. Port filtering
Q9. What security mechanism works by creating a hash that is then transmitted to verify authenticity?
A. MD4
B. CPPr
C. MD5
D. AES
Q10. Which of the following steps is not used by the MQC to create and deploy a traffic policy?
A. Creation of a class map
B. Application of a class map
C. Creation of a policy map
D. Application of a policy map
Q11. The control plane includes the group of processes that are run at the _____ level and control most high-level control IOS functions.
Q12. The _____ is responsible for the high-speed routing of packets that typically come from nondistributed interfaces.
Q13. _____ control plane services are considered first, and then the conditioned traffic is passed through to _____ control plane services.
Q14. Output control plane services are applied after the packet exits the control plane and are only available with _____ control plane services.
Q15. _____ allows the control plane to be considered like a separate entity with its own input and output interface.
Q16. With Control Plane Protection, the control plane interface is split into four pieces, an _____ and _____.
Q17. The _____ receives all control plane IP traffic that is directed at one of the device’s interfaces.
Q18. The _____ feature enhances Control Plane Protection by providing a mechanism for Climiting the number of matched protocol packets allowed at the process level.
Q19. _____ works by creating a one-way hash out of a shared secret and sending this hash between source and destination.
Q20. A _____ is essentially an electronic repository of keys and their respective shared secret and validity schedules.
More Resources