The purpose of the "Do I Know This Already?" quiz is to help you decide if you really need to read the entire chapter. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now.
The 11-question quiz, derived from the major sections in the "Foundation Topics" portion of the chapter, helps you determine how to spend your limited study time.
What is the best way to authenticate an H.323 connection?
Authenticate to the H.323 server
Telnet to the H.323 server
Virtual Telnet to the PIX Firewall for authentication
Virtual HTTP to the Cisco Secure ACS for authentication
What three services are used to authenticate by default in the PIX Firewall?
FTP, HTTP, HTTPS
FTP, Telnet, SSH
Auth-proxy, Local-auth, console
FTP, HTTPS, Telnet
None of the above
Which options are mandatory in every aaa authentication command on the PIX Firewall? (Select all that apply.)
include/exclude
inbound/outbound
local-ip/mask
group-tag
acl-name
How do you configure client IP address assignment on the Cisco Secure ACS when using the PIX Firewall as the AAA client?
Edit the AAA-client IP address in the System Configuration window.
Edit the AAA-client information in the Network Configuration window.
Edit the AAA Server information in the Interface Configuration window.
Edit the PIX Firewall information in the Network Configuration window.
None of the above
Why is it a good idea to rename your groups in Cisco Secure ACS?
To get the groups into a hierarchical format
To increase the performance of the Cisco Secure ACS
To simplify administration of users and groups
You cannot rename groups after they have been created.
None of the above
You are trying to create downloadable IP ACLs in Cisco Secure ACS, but the option is not available. What are two possible reasons?
You are running an older version of Cisco Secure ACS that does not support downloadable ACLs.
The PIX Firewall cannot connect to the Cisco Secure ACS.
Your authentication protocol is not RADIUS.
You do not have User-Level or Group-Level Downloadable ACLs selected in the Interface Configuration window, Advanced Options pane.
Where do you see the logs on the Cisco Secure ACS?
Interface Configuration window
Reports and Activity window
Network Configuration window
System Configuration window
You are installing Cisco Secure ACS on your new Windows 2000 Professional, but you cannot get it to load correctly. What is most likely the problem?
Cisco Secure ACS requires server software.
Your patch level is not up to date.
You are running a personal firewall or host-based IDS that is blocking the installation.
You do not have administrative privileges on that system.
All of the above
True or false: Cisco Secure ACS comes with its own online documentation.
True or false: The show aaa command shows you everything that has to do with your AAA server in its configuration.
What happens to virtual HTTP if you disable timeout uauth absolute?
The user cannot authenticate.
The user authenticates and never has to reauthenticate because the connection stays open.
The user can authenticate but cannot connect to the server.
None of the above
The answers to the "Do I Know This Already?" quiz are found in Appendix A, "Answers to the ''''Do I Know This Already?'''' Quizzes and Q&A Sections." The suggested choices for your next step are as follows:
Foundation Topics," "Foundation Summary," and "Q&A" sections.
Foundation Summary" section and then go to the "Q&A" section. Otherwise, move to the next chapter.