1. Which two features can be implemented using the Cisco SDM Advanced Firewall wizard? (Choose two.)
A. DMZ support
B. custom rules
C. firewall signatures
D. application security
E. IP unicast reverse path forwarding
2. What three classifications reflect the different approaches used to identify malicious traffic? (Choose three.)
A. platform based
B. signature based
C. policy based
D. regular-expression based
E. symbol based
F. anomaly based
3. Which action can be taken by Cisco IOS IPS when a packet matches a signature pattern?
A. drop the packet
B. reset the UDP connection
C. block all traffic from the destination address for a specified amount of time
D. perform a reverse path verification to determine if the source of the malicious packet was spoofed
E. forward the malicious packet to a centralized NMS where further analysis can be taken
4. A router interface is configured with an inbound access control list and an inspection rule. How will an inbound packet on this interface be processed?
A. It will be processed by the inbound ACL. If the packet is dropped by the ACL, then it will be processed by the inspection rule.
B. It will be processed by the inbound ACL. If the packet is not dropped by the ACL, then it will be processed by the inspection rule.
C. It will be processed by the inspection rule. If the packet matches the inspection rule, the inbound ACL will be invoked.
D. It will be processed by the inspection rule. If the packet does not match the inspection rule, the inbound ACL will be invoked.
5. Which statement is true about an IPsec/GRE tunnel?
A. The GRE tunnel source and destination addresses are specified within the IPsec transform set.
B. An IPsec/GRE tunnel must use IPsec tunnel mode.
C. GRE encapsulation occurs before the IPsec encryption process.
D. Crypto map ACL is not needed to match which traffic will be protected.