CCNP Secure FAQ Implementing and Configuring Cisco IOS Routed Data Plane Security
Q1. Which of the following are some of the most common types of routed data plane attacks?
A. Routing protocol spoofing
B. Slow-path denial of service
C. STP spoofing
D. Traffic flooding
Q2. Which of the following ACL ranges are used for standard access lists?
A. 100–199
B. 2000–2699
C. 1–99
D. 1300–1999
Q3. When using a reflexive access list, which of the following ACL types must be used?
A. Standard IP ACL
B. Extended IP ACL
C. Extended IP named ACL
D. Reflexive ACL
E. Standard IP named ACL
Q4. Which of the following are valid steps required for the creation of an FPM filtering policy?
A. Defining a service policy
B. Loading of a PCFD
C. Defining an access list
D. Loading of a PHDF
Q5. Which command are used to load a traffic classification file (TCDF)?
A. load protocol
B. load classification
C. load tcdf
D. load class-file
Q6. Which commands are used to configure matching for a traffic class?
A. match field
B. match start
C. match beginning
D. match l2-layer
E. match packet
Q7. Which of the following are restrictions when using FPM?
A. Stateful inspection only
B. IPv4/IPv6 unicast packets only
C. IPv4 unicast packets only
D. Cannot be used with IP options packets
Q8. Which of the following are benefits that are gained by using Flexible NetFlow?
A. Flexible key and nonkey fields
B. Version 5 export format
C. Standardized key and nonkey fields
D. Version 9 export format
Q9. Which of the following are Flexible NetFlow components?
A. Flow sequencers
B. Flow policers
C. Flow monitors
D. Flow samplers
Q10. Unicast RPF utilizes which of the following to compare source packet information?
A. IP routing table
B. CEF FIB
C. Topology tables
D. NetFlow records
Q11. There is a(n) _____ at the end of each access list.
Q12. An extended access list can use the number ranges of _____ and _____.
Q13. The wildcard mask that would be used with a subnet mask of 255.255.255.192 would be _____.
Q14. When assigning reflexive access lists to an interface, they are typically placed _____ on an interface facing away from the internal network or _____ on an interface facing toward the internal network.
Q15. Both PHDF and TCDF are formatted using _____.
Q16. When using FPM, traffic can be classified using _____ files or using the _____.
Q17. FPM is only able to inspect _____ unicast packets.
Q18. _____ fields are used by NetFlow to identify specific flows.
Q19. Unicast RPF can operate in _____ or _____ mode.
Q20. When configuring Unicast RPF, the first thing that must be configured is _____.
More Resources