| A1: | b,d |
| A2: | a,e |
| A3: | a |
| A4: | d |
| A5: | b |
| A6: | b,d |
| A7: | b,c,e |
| A8: | a |
| A9: | b,e |
| 1: | What modules are found within the small network design? |
| A1: | Corporate Internet module Campus module |
| 2: | Where are private VLANs used in the small network design? |
| A2: | On the public services segment Optionally within the Campus module |
| 3: | What two security devices can be used in the Corporate Internet module to connect to the ISP module? |
| A3: | Firewall Cisco IOS Firewall router |
| 4: | Where would you use intrusion detection in the small network design? |
| A4: | A host-based IPS is used on servers located on the public services segment and can also be used on corporate internal servers, if required. It is also possible to use a limited form of an NIDS with the PIX Firewall or Cisco IOS Firewall router. |
| 5: | VPN functionality is provided by what devices in the small network design? |
| A5: | Firewall Cisco IOS Firewall router It is also possible to place a dedicated VPN device, such as the Cisco VPN 3000 Series Concentrator, if desired. |
| 6: | The Corporate Internet module connects to which modules? |
| A6: | ISP module Campus module |
| 7: | What are the two configuration types available in the small network design? |
| A7: | Headend or standalone configuration Branch configuration |
| 8: | The Campus module provides functionality to what components? |
| A8: | Corporate servers Corporate users Management server Layer 2 switch |
| 9: | Because no Layer 3 services are available in the Campus module, an increased emphasis is placed on ___________ and ____ security. |
| A9: | Application, host |
| 10: | What is a common design deviation in the Corporate Internet module? |
| A10: | To use dedicated devices to provide the functional components of the module rather than having the functionality in a single box. |
| 11: | The Corporate Internet module provides what services? |
| A11: | Internet, corporate public servers, VPN connectivity |