CCSP SECUR FAQ : Scaling Management of an Enterprise VPN Environment
Q1. Which of the following is not supported by CiscoWorks 2000?
A. Management and monitoring of PIX firewalls
B. Management and monitoring of the CSIDS
C. Management and monitoring of Cisco HIDS
D. Management and monitoring of syslog servers
E. Web-based interface for the configuration, management, and troubleshooting of VPNs
Q2. Which of the following operating systems support the installation of CiscoWorks 2000? (Choose all that apply)
A. Red Hat Linux
B. Windows 2000 Server
C. Sun Solaris 9
D. Windows 2000 Professional
E. Open BSD
Q3. Which server platform is required for the installation of the Router MC? (Choose all that apply)
A. Windows 2000 Advanced Server
B. CiscoWorks 2000
C. Sun Solaris 2.6
D. VPN/Security Management Solution
E. Windows 2000 Server
Q4. Where is the “hub” normally located when creating a “hub-and-spoke” network?
A. In the geographic center of the network, to ensure a relatively equal distance between spoke sites
B. In a central location that is primarily determined by the throughput available for each spoke site
C. At the site with the best Internet connection
D. At a location that is logically central to the organization, such as the corporate headquarters
E. At the site with the least complex network
Q5. In a “hub-and-spoke” network design, how do the spoke locations communicate?
A. The spokes do not communicate with each other.
B. All traffic is routed through the “hub.”
C. All spoke sites are configured for a full-mesh VPN.
D. The hub proxies all connections back out to the spokes.
E. None of the above.
Q6. When configuring the hub settings in the context of the VPN and firewall policies, exactly which items are configured?
A. How many VPN connections can be accepted by the hub router
B. The type of router that is used at the hub location
C. The internal interfaces and networks on the “hub side”
D. The central site router that has priority for the connection
E. All of the above
Q7. How long will an activity be available for editing by any user?
A. Until it has been “deployed”
B. Until it has been “submitted”
C. Until it has been “approved”
D. Until it has been “deleted”
E. Until it has been “rejected”
Q8. When configuring the firewall settings of the VPN and firewall policies, what component are you configuring?
A. CBAC
B. The PIX firewall
C. Access control lists
D. Cisco Secure ACS
E. All of the above
F. None of the above
Q9. What doe the term “inheritance” mean when talking about the Router MC?
A. Any changes made to the “hub” will affect the “spokes.”
B. Any policies applied to a device will affect the group that the device is assigned to.
C. Any policies applied to a device level group will affect the global group.
D. Policy changes will not affect a device if it is in the “locked group.”
E. None of the above.
Q10. Which components can be used multiple times when configuring the Router MC?
A. Device names
B. Organizational IDs
C. VPN policies
D. Building blocks
E. None of the above
Q11. If you install CiscoWorks 2000 on any Windows platform, which additional packages are required?
Q12. What is the significance of configuring the “hub” of the “hub-and-spoke” network to be located at the corporate headquarters?
Q13. What are some of the general settings when configuring the VPN and firewall policies on the Router MC?
Q14. What is meant by “device hierarchy and inheritance”?
Q15. I have just completed deploying a job and it appears that the VPN is having connectivity issues. What steps can I take to repair the damage?
Q16. What is the method used to capture data about existing devices and send it to the Router MC?
Q17. What items are predefined in the Router MC?
Q18. What is the definition of IPSec?
Q19. What additional functionality do you get by tunneling IPSec with GRE?
Q20. What is defined within the “tunnel policies”?
Q21. How long can a job remain open?
Q22. What should you do if a job deployment doesn’t “stick”?
Q23. What CiscoWorks 2000 account has read-only permissions?
More Resources