B. 2
C. 3
D. 4
E. 5 Answer: C Explanation: The SAFE medium network design consists of three modules: the corporate Internet module, the campus module, and the WAN module. Ref: Safe White papers; Page 16 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 22 How are application layer attacks mitigated in the SAFE SMR small network corporate Internet module?
A. NIDS
B. Virus scanning at the host level.
C. HIDS on the public servers.
D. Filtering at the firewall.
E. CAR at ISP edge.
F. TCP setup controls at the firewall to limit exposure. Answer: C Explanation: Application layer attacks - Mitigated through HIDS on the public servers Ref: Safe White papers; Page 11 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 23 What is IP logging, as defined for the Cisco IDS appliance?
A. IDS logs IP address information for hosts being attacked.
B. IDS logs user information from an attacking host.
C. IDS captures packets from an attacking host.
D. IDS logs IP address information from an attacking host. Answer: C Explanation: In addition to the packet capture that analyzes the traffic to identify malicious activity, the IDSM-2 can perform IP session logging that can be configured as a response action on a per-signature basis. If configured as such, when the signature fires, session logs will be created over a pre-specified time period in a TCP Dump format. Ref: Cisco Services Modules - Cisco Catalyst 6500 IDS (IDSM-2) Services Module
QUESTION 24 The high availability of network resources in Cisco AVVID Network Infrastructure solutions can be optimized through: (Choose all that apply)
A. Hot swap ability
B. Protocol Resiliency
C. Hardware Redundancy
D. Network Capacity Design
E. Fast Network convergence Answer: B, C, D Explanation: Determining how resilient a network is to change or disruption is major concern for network managers. This assessment of network availability is critical. It is essential that every network deployment emphasizes availability as the very first consideration in a baseline network design. Key availability issues to address include: Protocol Resiliency Hardware Redundancy Network Capacity Design Ref: Safe White papers; Page 23 Cisco AVVID Network Infrastructure Overview - White Paper
QUESTION 25 Threats that come from hackers who are more highly motivated and technically competent are called:
A. Sophisticated
B. Advanced
C. External
D. Structured Answer: D Explanation: Structured threats come from adversaries that are highly motivated and technically competent. Ref: Cisco Secure Intrusion Detection System (Cisco press) Page 9
QUESTION 26 According to SAFE, small network design has how many modules?
A. 2
B. 3
C. As many as the Enterprise architecture.
D. 5
E. 4 Answer: A Explanation: The small network design has two modules: the corporate Internet module and the campus module. Ref: Safe White papers; 10 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 27 If you permit syslog access from devices on the outside of a firewall, what type of filtering at the egress router should be implemented?
A. RFC 1771
B. RFC 1918
C. RFC 1305
D. SAFE design mandates no filtering at this point.
E. RFC 2827 Answer: E Explanation: When allowing syslog access from devices on the outside of a firewall, RFC 2827 filtering at the egress router should be implemented. Ref: Safe White papers; 72 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 28 What are the two options for the remote sites connecting into the SAFE SMR medium design? (Choose two)
A. ATM Connection only.
B. IPSec VPN into the corporate Internet module.
C. ISDN
D. Frame Relay Connection only.
E. Private WAN connection using the WAN module. Answer: B, E Explanations: From a WAN perspective, there are two options for the remote sites connecting into the medium design. The first is a private WAN connection using the WAN module; the second is an IPSec VPN into the corporate Internet module. Ref: Safe White papers; 16 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 29 Cisco SAFE Small, Midsize, and Remote-User Networks (SMR) recommends a personal firewall software in the software access option if?
A. He is not using a strong password on his PC.
B. The user established a VPN tunnel.
C. The used DSL service.
D. The user does not establish a VPN tunnel. Answer: D Explanations: Because the remote user may not always want the VPN tunnel established when connected to the Internet or ISP network, personal firewall software is recommended to mitigate against unauthorized access to the PC. .Ref: Safe White papers; 28 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 30 If you need to choose between using integrated functionality in a network device versus using a specialized function appliance, first and foremost you must make your decision based on:
A. The capacity and functionality of the appliance.
B. The integration advantage of the device.
C. Ease of implementation, use and the maintenance of the system.
D. Limiting the complexity of the design. Answer: A Explanation: The integrated functionality is often attractive because you can implement it on existing equipment, or because the features can interoperate with the rest of the device to provide a better functional solution. Appliances are often used when the depth of functionality required is very advanced or when performance needs require using specialized hardware. Make your decisions based on the capacity and functionality of the appliance versus the integration advantage of the device. Ref: Safe White papers; 4 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
