Config Router

You are here: Home / Cisco / CCNP Secure FAQ Network Security Fundamentals

CCNP Secure FAQ Network Security Fundamentals

by

CCNP Secure FAQ Network Security Fundamentals

Q1. Which network security element, if attacked, could directly affect traffic flows going across a segment?
A. Routers
B. Switches
C. Servers
D. Firewalls
E. Bridges

Answer: B

Q2. Which of the following are main aspects that must be considered when securing a network?
A. Availability
B. Stability
C. Confidentiality
D. Integrity
E. Redundancy
E. Defensibility

Answer: A, C, and D

Q3. Which of the following describes a technique that provides security to a network through the use of a multilayer approach?
A. Hierarchical security
B. Nested technique
C. Security-in-Depth
D. Defense-in-Depth
E. Zoned security
F. Vested technique

Answer: D

Q4. Which of the following are the main sections of the Security Control Framework?
A. Complete control
B. Controllable security
C. Security management
D. Total visibility
E. Hieratical design

Answer: A and D

Q5. Which of the following actions are defined by the Security Control Framework?
A. Harden
B. Identify
C. Secure
D. Document
E. Isolate
F. All of these answers are correct.

Answer: A, B, and E

Q6. Which of the following technologies are used by the monitor action defined by the Security Control Framework?
A. Anomaly detection systems
B. Control plane policing
C. System log (syslog)
D. QoS enforcement
E. AAA/accounting
F. Management traffic encryption

Answer: A, C, and E

Q7. Which of the following technologies are used by the enforce action defined by the Security Control Framework?
A. Content filtering
B. AAA/accounting
C. Simple Network Management Protocol (SNMP)
D. Policy based routing (PBR)
E. AAA/authorization
F. Digital certificates

Answer: A, D, and E

Q8. Which of the following parts of SAFE defines security mechanisms that secure the network infrastructure itself?
A. Security Control Framework (SCF)
B. Network Foundation Protection (NFP)
C. Network core blueprint
D. Integrated Security Protection (ISP)
E. Infrastructure Foundation Protection (IFP)

Answer: B

Q9. Which of the following are valid design blueprints defined in SAFE?
A. Enterprise Internet edge
B. External WAN edge
C. Intranet data center
D. Enterprise core
E. Internet branch
F. ISP connection

Answer: A, C, and D

Q10. Which of the following are valid steps in the SAFE architectural lifecycle?
A. Design
B. Optimize
C. Operate
D. Implement
E. All of these answers are correct.

Answer: E

Q11. The _____ security aspect protects network data from being altered in transit.

Answer: integrity

Q12. The _____ ensures network and service availability.

Answer: Security Control Framework (SCF)

Q13. The SCF model defines the harden, isolate, and _____ actions to obtain complete control.

Answer: enforce

Q14. To provide _____, the SCF defines the identify, monitor, and correlate actions.

Answer: total visibility

Q15. The Network Time Protocol (NTP) is typically used with the _____ SCF action.

Answer: correlation

Q16. The design blueprints have been designed around various PINs in a network; PIN stands for _____.

Answer: Places in the Network

Q17. The SAFE design principle _____ was developed to make sure that designs were easily capable of meeting industry benchmarks.

Answer: Regulatory Compliance and Industry Standards

Q18. The security focuses of service availability, DoS/DDoS protection, data confidentiality/integrity, and server protection are used most in the _____ design blueprint.

Answer: intranet data center

Q19. The part of the network that typically connects to end users that all exist within similar geographic areas is defined in the _____ design blueprint.

Answer: Enterprise Campus

Q20. The management design blueprint is defined to increase security through the use of the _____ security focuses.

Answer: Access Control, data confidentiality, and integrity

More Resources