Blog

What is a characteristic of an IDS? It often requires assistance from other network devices to respond to an attack. It can be configured to drop trigger packets that are…

What is an advantage of using an IPS? It can stop trigger packets. It has no impact on network latency. It is installed outside of the data traffic flow. It…

What are two characteristics of both IPS and IDS sensors? (Choose two.) both use signatures to detect patterns both can detect atomic patterns both can stop trigger packets neither introduce…

Which statement describes Cisco IOS Zone-Based Policy Firewall operation? The pass action works in only one direction. A router interface can belong to multiple zones. Service policies are applied in…

What is the first step in configuring a Cisco IOS zone-based policy firewall via the CLI? Create zones. Define traffic classes. Define firewall policies. Assign policy maps to zone pairs.…

When using Cisco IOS zone-based policy firewall, where is the inspection policy applied? to a global service policy to an interface to a zone to a zone pair Answers Explanation…

Which two rules about interfaces are valid when implementing a Zone-Based Policy Firewall? (Choose two.) If neither interface is a zone member, then the action is to pass traffic. If…

What is the result in the self zone if a router is the source or destination of traffic? No traffic is permitted. All traffic is permitted. Only traffic that originates…

When a Cisco IOS zone-based policy firewall is being configured, which three actions can be applied to a traffic class? (Choose three.) drop inspect pass reroute queue shape Answers Explanation…

Designing a ZPF requires several steps. Which step involves dictating the number of devices between most-secure and least-secure zones and determining redundant devices? determine the zones establish policies between zones…

Which two statements describe the two configuration models for Cisco IOS firewalls? (Choose two.) The IOS Classic Firewall and ZPF cannot be combined on a single interface. ZPF must be…

When implementing a ZPF, what is the default security setting when forwarding traffic between two interfaces in the same zone? Traffic between interfaces in the same zone is selectively forwarded…

How does a firewall handle traffic when it is originating from the public network and traveling to the private network? Traffic that is originating from the public network is not…

What are two differences between stateful and stateless firewalls? (Choose two.) A stateless firewall is able to filter sessions that use dynamic port negotiations while a stateful firewall cannot. A…

Which type of firewall makes use of a proxy server to connect to remote servers on behalf of clients? stateful firewall stateless firewall packet filtering firewall application gateway firewall Answers…

What are two possible limitations of using a firewall in a network? (Choose two.) It cannot sanitize protocol flows. A misconfigured firewall can create a single point of failure. Network…

When implementing components into an enterprise network, what is the purpose of a firewall? A firewall is a system that stores vast quantities of sensitive and business-critical information. A firewall…

What are two characteristics of a stateful firewall? (Choose two.) uses static packet filtering techniques uses connection information maintained in a state table analyzes traffic at Layers 3, 4 and…

What is one limitation of a stateful firewall? poor log information weak user authentication cannot filter unnecessary traffic not as effective with UDP- or ICMP-based traffic Answers Explanation & Hints:…

What is one benefit of using a stateful firewall instead of a proxy server? prevention of Layer 7 attacks better performance ability to perform user authentication ability to perform packet…