“Do I Know This Already?” Quiz
The “Do I Know This Already?” quiz allows you to assess if you should read the entire chapter. If you miss no more than one of these self-assessment questions, you might want to move ahead to the “Exam Preparation Tasks.” Table 13-1 lists the major headings in this chapter and the “Do I Know This Already?” quiz questions covering the material in those headings so you can assess your knowledge of these specific areas. The answers to the “Do I Know This Already?” quiz appear in Appendix A.
1. Control plane packets are handled by which of the following?
a. Ingress Interface
b. CPU
c. Management Interface
d. SNMP Interface
2. Which of the following functions is not handled by the control plane?
a. BGP
b. RSVP
c. SSH
d. ICMP
3. Which command provides information on receive adjacency traffic?
a. show ip bgp
b. show processes cpu
c. show interfaces summary
d. show ip cef
4. Control plane policing helps to protect the CPU by doing what?
a. Diverting all control plane traffic to the data and management planes
b. Filtering and rate-limiting traffic destined to the control plane
c. Rate-limiting SNMP traffic to reduce the impact on the CPU
d. Throttling all traffic ingressing the device during heavy traffic periods until the CPU performance has improved
5. In the following CoPP example, which traffic is being prevented from reaching the control plane?
Extended IP access list 123
10 deny tcp 192.168.1.0 0.0.0.25 any eq telent
20 deny udp 192.168.1.0 0.0.0.255 any eq domain
30 permit tcp any any eq telnet
40 permit udp any any eq domain
50 deny ip any any
Class-map match-all PEARSON
match access-group 123
policy-map Pearson_Example
class Pearson
police 10000 5000 5000 conform-action DROP exceed-action drop
a. Telnet traffic from the 192.168.1.0/24
b. Telnet and DNS traffic from outside the 192.168.1.0./24 subnet
c. Telnet and DNS traffic from the 192.168.1.0/24 subnet
d. DNS traffic from the 192.168.1.0/24 subnet
6. Which of the following is not a subinterface that can be leveraged as part of control plane protection?
a. Host subinterface
b. Frame Relay subinterface
c. CEF-Exception subinterface
d. Transit subinterface
7. Which line in the following OSPF configuration will not be required for MD5 authentication to work?
interface GigabitEthernet0/1
ip address 192.168.10.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 CCNA
!
router ospf 65000
router-id 192.168.10.1
area 20 authentication message-digest
network 10.1.1.0 0.0.0.255 area 10
network 192.168.10.0 0.0.0.255 area 0
!
a. ip ospf authentication message-digest
b. network 192.168.10.0 0.0.0.255 area 0
c. area 20 authentication message-digest
d. ip ospf message-digest-key 1 md5 CCNA
8. Which of the following pairs of statements is true in terms of configuring MD authentication?
a. Interface statements (OSPF, EIGRP) must be configured; use of key chain in OSPF
b. Router process (OSPF, EIGRP) must be configured; key chain in EIGRP
c. Router process or interface statement for OSPF must be configured; key chain in EIGRP
d. Router process (only for OSPF) must be configured; key chain in OSPF
9. Which of the following statements is true?
a. RIPv1 supports cleartext authentication, and RIPv2 supports MD5 authentication.
b. RIPv2 and OSPF make use of a key chain for authentication.
c. RIPv2 and EIGRP both require router process configuration for authentication.
d. RIPv2 and EIGRP both make use of a key chain for authentication.
10. What is needed to implement MD5 authentication for BGP?
a. Interface and router process configuration
b. Interface and key chain configuration
c. Router process configuration
d. Router process and key chain configuration