1.Drag Drop question

　　Drag and drop question. Drag the items to the proper locations.

　　Correct Answers:

　　2.Drag Drop question

　　Drag and drop question. Drag the items to the proper locations.

　　Correct Answers:

　　3.Which IDS guideline should be followed, according to SAFE SMR?

　　A: use UDP resets more often than shunning, because UDP traffic is more difficult to spoof

　　B: use TCP resets more often than shunning, because TCP traffic is more difficult to spoof

　　C: use TCP resets no longer than 15 minutes

　　D: use UDP resets no longer than 15 minutes

　　Correct Answers:　B

　　4.LAB

　　Correct Answers:　

　　5.As an alternative design in the SAFE SMR small network campus module, a small filtering router can be placed between the rest of the network and which devices?

　　A: Layer 2 switches

　　B: management stations

　　C: corporate users

　　D: routers

　　Correct Answers:　B

　　6.How are password attacks mitigated in the SAFE SMR midsize network design corporate Internet module?

　　A: filtering at the ISP, edge router, and corporate firewall

　　B: RFC 2827 and 1918 filtering at ISP edge and midsize network edge router

　　C: e-mail content filtering, HIDS, and host-based virus scanning

　　D: OS and IDS detection

　　E: CAR at the ISP edge and TCP setup controls at the firewall

　　Correct Answers:　D

　　7.Following termination of the VPN tunnel, what action is performed on remote user traffic in the SAFE SMR midsize network design corporate Internet module?

　　A: Traffic is sent through a Layer 2 switch.

　　B: Traffic is sent through a Layer 3 switch.

　　C: Traffic is sent through a firewall.

　　D: Traffic is sent through a router.

　　Correct Answers:　C

　　8.What are the SAFE guidelines when routing information is exchanged with an outside routing domain? (Select two.)

　　A:Use exterior gateway protocols only.

　　B:Use exterior gateway protocols that operate between routing domains and do not allow administrators to build and act on policies.

　　C:Use exterior gateway protocols because they allow administrators to build and act on policies rather than just on reachability information.

　　D:Do not use autonomous system path filters on every EBGP peering session in network.

　　E:Use exterior gateway protocols or static routes

　　F:Make certain that your outside peer advertises your routes to other peers for maximum reachability

　　Correct Answers:　A, C

　　9.Which two Cisco components encompass secure management? Choose two.

　　A:Cisco VPN Concentrators

　　B:CiscoWorks

　　C:Cisco IDS Sensors

　　D:Cisco PIX Firewalls

　　E:Web Device Managers

　　Correct Answers:　B, E

　　10.When is personal firewall software recommended in the software access option in the SAFE SMR remote user design environment?

　　A: when the VPN tunnel is established

　　B: when the VPN tunnel is not established

　　C: when the ISP does not provide firewall protection

　　D: when firewall protection is provided via the corporate connection

　　Correct Answers:　B