Network Foundation Protection

Question 1

Name three core elements addressed by NFP (Network Foundation Protection).

Answer 1

Management Plane, Control Plane, Data Plane

Question 2

If you add authentication to your routing protocol so that only trusted authorized routers share information, which plane in the NFP are you securing?

Answer 2

Control Plane

Question 3

If you use authentication and authorization services to control which administrators can access which networked devices and control what they are allowed to do, which primary plane of NFP are you protecting?

Answer 3

Management plane

Question 4

Name two protocols used to protect the management plane?

Answer 4

HTTPS, SSH

Question 5

Name two ways to implement role-based access control related to the management plane.

Answer 5

Views, AAA services

Question 6

What do CoPP and CPPr have in common?

Answer 6

They both focus on control plane protection, They both can identify traffic destined for the router that will likely require direct CPU resources to be used by the router

Question 7

Which type of attacks can you mitigate by authenticating a routing protocol?

Answer 7

Man-in-the-Middle attack, Denial-of-service attack, Reconnaissance attack

Question 8

What is a significant difference between CoPP and CPPr?

Answer 8

CPPr can classify and act on more-specific traffic than CoPP

Question 9

Name four ways to enable you to protect the data plane.

Answer 9

IOS zone-based firewall, IPS, Access lists, Port security

Question 10

DHCP snooping protects which component of NFP?

Answer 10

Data Plane