“Do I Know This Already?” Quiz – Cisco Network Discovery Policy
The “Do I Know This Already?” quiz enables you to assess whether you should read this entire chapter thoroughly or jump to the “Exam Preparation Tasks” section. If you are in doubt about your answers to these questions or your own assessment of your knowledge of the topics, read the entire chapter. Table 9-1 lists the major headings in this chapter and their corresponding “Do I Know This Already?” quiz questions. You can find the answers in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes.”
Table 9-1 “Do I Know This Already?” Section-to-Question Mapping
| Foundation Topics Section | Questions |
| --- | --- |
| Network Discovery Essentials | 1–2 |
| Best Practices for Network Discovery | 3–5 |
| Fulfilling Prerequisites | 6 |
| Configurations | 7 |
| Verification | 8 |
The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark that question as wrong for purposes of the self-assessment. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.
1. Which of the following statements about application detectors is true?
- Internal detectors are always on; they are built into the software.
- The management center leverages OpenAppID to create custom detectors.
- Secure Firewall software comes with a set of application detectors by default.
- All of these answers are correct.
2. Which of the following databases contains the fingerprint information?
- Snort rule database
- URL filtering database
- Vulnerability Database
- Discovery event database
3. What does a network discovery policy allow Secure Firewall to discover?
- Hosts
- Users
- Applications
- All of these answers are correct.
4. For accurate discovery of the latest applications, which of the following should you consider?
- Ensure that the network discovery policy is set to monitor the load-balancer devices.
- Use the network addresses instead of network objects.
- Generate Rule Recommendations in an intrusion policy.
- Keep the Vulnerability Database (VDB) version up to date.
5. Which of the following is considered a best practice when deploying network discovery policy?
- Deploy the threat defense as close as possible to the gateway.
- Add the addresses 0.0.0.0/0 and ::/0 in the rule for an accurate host profile.
- Exclude the IP addresses of any NAT and load-balancing devices from the list of monitored networks.
- For precise detection of the latest application, create a rule to discover private IP addresses.
6. Which of the following statements is not true?
- To discover applications, hosts, or users from certain subnets, you can trust the traffic from that subnet to expedite the discovery process.
- Secure Firewall uses the Adaptive Profiles option to perform application control.
- The Adaptive Profiles option should always be enabled to ensure superior detection.
- Trusted connections are not subject to deep inspection or discovery.
7. Which of the following statements is false?
- If you forgot to create an object using the Object Management page, you can still create one on the fly directly from the Add Rule window.
- Creating objects for the network resources and reusing them in the discovery rules is optional; however, it helps with rule management in the long term.
- You can create objects only for three elements: network addresses, port numbers, and interfaces.
- You can group multiple objects into a single configuration.
8. What is the reason that some operating systems appear as pending?
- The network discovery policy deployment is not complete.
- The threat defense is currently waiting on further packets to conclude analysis.
- The management center has reached its license limit.
- The operating system is currently being updated by the host.