tailieunhanh - ccsp csi exam certification guide phần 7

Như đã đề cập trong phần giới thiệu, "Tất cả các Giới thiệu về chứng chỉ Cisco Certified Professional an", bạn có hai sự lựa chọn cho các câu hỏi xem xét lại. Các câu hỏi tiếp theo cung cấp cho bạn một thách thức lớn hơn so với kỳ thi bằng cách sử dụng một định dạng câu hỏi mở. | 210 Chapter 13 Designing Small SAFE Networks Table 13-11 lists the expected threats and mitigation actions found within the Campus module. Table 13-11 Campus Module Threats and Threat Mitigation Threat Threat Mitigation Application layer attacks Operating systems devices and applications are kept up to date with the latest security fixes and are protected by HIDSs. Packet sniffers A switched infrastructure limits the effectiveness of sniffing. Port redirection HIDSs prevent port redirection agents from being installed. Trust exploitation Private VLANs prevent hosts on the same subnet from communicating unless necessary. Unauthorized access HIDSs and application access control are used to mitigate unauthorized access. Virus and Trojan-horse applications Host-based virus scanning and host intrusion prevention prevents most viruses and many Trojan horses. Reference 211 Q A As mentioned in the Introduction All About the Cisco Certified Security Professional Certification you have two choices for review questions. The questions that follow next give you a more rigorous challenge than the exam itself by using an open-ended question format. By reviewing now with this more difficult question format you can exercise your memory better and prove your conceptual and factual knowledge of this chapter. The answers to these questions are found in Appendix A. For more practice with exam-like question formats including questions using a router simulator and multiple choice questions use the exam engine on the CD-ROM. 1. What modules are found within the small network design 2. Where are private VLANs used in the small network design 3. What two security devices can be used in the Corporate Internet module to connect to the ISP module 4. Where would you use intrusion detection in the small network design 5. VPN functionality is provided by what devices in the small network design 6. The Corporate Internet module connects to which modules 7. What are the two configuration types .