11.1

Question 1

What’s outside the net work has never been trusted but now what’s inside the net work also can’t be trusted this is called the – – – – – – Security model where everything in the network is considered untrustworthy until proven otherwise

Answer 1

Zero trust

Question 2

Network devices such as ——————— are designed to pass traffic through the net work as quickly and efficiently as possible

Answer 2

Routers and switches

Question 3

The last decision is called the – – – – – rule which insurance any traffic the ACL does not explicitly permit is deny by default

Answer 3

Implicit deny

Question 4

Thanks to a routers – – – – – – Routers can also declined to Ford certain packets depending on their contact

Answer 4

Access control list

Question 5

On most routers each interface must be assigned a separate – – – – and different – – – – maybe associated with inbound and outbound traffic

Answer 5

ACL

Question 6

The – – – – command is used to sign statement to an ACL on Cisco routers and similar routers the commandments identify the ACL and include a permit or deny argument

Answer 6

access-list

Question 7

This refers to the decision making layer of connective network devices

Answer 7

Control plane

Question 8

An adoption of quality of service filters can be used to rate limit traffic on the control plane and management plan of routers and switches using a feature called – – – – –

Answer 8

Control plane policing or COPP

Question 9

The – – – – command entered and team app configuration mode will pair of the class map created earlier it to your new policy map as follows

Answer 9

Class limit – I CMP

Question 10

The – – – – – feature filters are a Messages so the messages can only come from specific interfaces on the switch. Additionally – – – – offers other criteria that can filter are iMessages on Valon interfaces according to source Mac or IP address

Answer 10

RA guard

Question 11

Or a guard is configured on Cisco switches using Z – – – – – command

Answer 11

Raguard

Question 12

A – – – – – – – running on a client device however could be used to implement and on Pass attack by configuring an attacker IP address is the victims computers default gateway

Answer 12

Rogue DHCP server

Question 13

DHCP messages should be monitored by enabling – – – – – – on the

Answer 13

DHCP snooping

Question 14

Like like like like like like can we can figure it on a switch to protect against our spoofing attacks

Answer 14

DAI or dynamic ARP inspection

Question 15

 A – – – – – or proxy acts as an intermediary between the external and internal networks screening all incoming and outgoing traffic

Answer 15

Proxy server

Question 16

Although a proxy server appears to the outside world as an internal network server in reality it’s merely another filter invoice for the – – – – –

Answer 16

Internal lan

Question 17

– – – – – Are often used by enterprise networks to protect internal network clients however individual sometimes rely on – – – – two mask there Internet activities

Answer 17

Proxy server

Question 18

Also proxies might sound similar to VPN there is a critical difference . – – – – Might encrypt traffic but proxy does not

Answer 18

VPN