“Do I Know This Already?” Quiz – Cisco IPS-Only Deployment in Inline Mode
The “Do I Know This Already?” quiz enables you to assess whether you should read this entire chapter thoroughly or jump to the “Exam Preparation Tasks” section. If you are in doubt about your answers to these questions or your own assessment of your knowledge of the topics, read the entire chapter. Table 6-1 lists the major headings in this chapter and their corresponding “Do I Know This Already?” quiz questions. You can find the answers in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes.”
Table 6-1 “Do I Know This Already?” Section-to-Question Mapping
| Foundation Topics Section | Questions |
| --- | --- |
| Inline Mode Essentials | 1 |
| Best Practices for Inline Mode | 2 |
| Inline Mode Configuration | 3, 4 |
| Verification | 5 |
The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark that question as wrong for purposes of the self-assessment. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.
1. Which of the following statements is false?
- A threat defense supports NAT in the inline mode.
- An inline set is a logical group of one or more interface pairs.
- A threat defense does not support blocking with reset or interactive blocking.
- Both inline mode and transparent mode work like bump in the wire.
2. Which of the following options offer better handling of traffic in an IPS-only deployment?
- Enabling PortFast on the switch ports that are connected to the inline interface pair.
- Enabling the fail open features for the inline interface set.
- Allowing the inline set to propagate its link state.
- All of these answers are correct.
3. Which of the following statements is true?
- The steps to configure inline mode and transparent mode are identical.
- An inline pair uses loopback IP addresses to transfer traffic.
- The Snort fail open feature is enabled on an inline set by default.
- The Propagate Link State feature is not enabled by default on an inline set.
4. Which of the following statements is true?
- You should include both interface pairs in the same inline set to ensure the recognition of asynchronous traffic.
- The fail open feature allows a threat defense device to continue its traffic flow through the device by bypassing the detection.
- Propagate Link State reduces the routing convergence time when one of the interfaces in an inline set goes down.
- All of these answers are correct.
5. Which command displays the advanced settings of an inline interface set?
- show interface ip brief
- show inline-set
- show interface detail
- show interface inline detail