As mentioned in the introduction, "All About the Cisco Certified Security Professional Certification," you have two choices for review questions. The questions that follow next give you a bigger challenge than the exam itself by using an open-ended question format. By reviewing now with this more difficult question format, you can exercise your memory better and prove your conceptual and factual knowledge of this chapter. The answers to these questions are found in Appendix A.
For more practice with exam-like question formats, including questions using a router simulator and multiple choice questions, use the exam engine on the CD-ROM.
| 1: | What are some of the benefits of using a dedicated appliance for security rather than the same integrated functionality in another device? |
| 2: | What are the two significant advantages to SAFE's use of modules in the blueprint? |
| 3: | What is the primary method that a DDoS attack uses to achieve its effects? |
| 4: | Why do hosts represent the greatest risk on a network? |
| 5: | Is it important to lock down Telnet, web, or SNMP access to devices, and if so, why? |
| 6: | What is the role of VTP in a network? What could an attacker do with VTP? How can attacks using VTP be made less likely to succeed? |
| 7: | What is 802.1x? How can it be used to improve the security of a network? |
| 8: | What are the four factors a software audit should consider when determining the security of an application? |