Kingdom of Saudi Arabia

Technical and vocational training corporation

second semester

Name: Rawan alawwad

• what is the AMP for endpoints, AMP for networking, and AMP for content
security, and what of each one integrateswith cisco?

AMP for Endpoints : by integrates with Cisco AMP for Networks to protection and
security for networks and endpoints.
AMP for Networks : Provides a network security appliances by integrated into dedicated
Cisco ASA Firewall and Cisco FirePOWER.
AMP for Content Security : This is an integrated feature in Cisco Cloud Web Security or
Cisco Web and Email Security Appliances to protect content .

• What are the benefits of Cisco email security solutions?

1- Spam blocking 2- Advanced malware protection 3- Outbound message control .

• What are the Three ways to grant sponsor permissions?

1- allow sponsor account 2- allow all accounts 3- don’t allow any account .

• What are the Layer 2 attacks?

1-STP 2- CAM 3- VLAN 4– Address Spoofing 5 -ARP 6-DHCP .

• What is the CAM table attack?

1-Fill cam 2- Intruder Runs 3- Switch floods all traffic 4- Attacker captures traffic .

• What are the Security Violation Modes?

1- Protect 2- Restrict 3- Shutdown .

• What are the DHCP attacks?

1- DHCP Spoofing 2- DHCP starvation .

1
 Kingdom of Saudi Arabia
Technical and vocational training corporation
second semester

• What are the two possible levels of IP traffic securityfiltering?

1- Source Ip address filter 2-source Ip and mac address filter .

• Determine the root and the best path for it from E

ROOT= A – best bath From E = C

• what are the VPN Benefits?

1- Cost Savings 2- Security 3- Scalability 4- Compatibility .

• what are the types of VPNs?

1-Remote-Access VPN 2- Site-to-Site VPN Access

• what is the difference between AH and ESP?

AH : provides authentication and integrity .
ESP: provides confidentiality authentication and integrity .

•what is the work of firewalls?

protect networks and systems from unauthorized access and malicious activity by limiting
and controlling network traffic.

2
Kingdom of Saudi Arabia
Technical and vocational training corporation
second semester

• what are the types of firewalls and in any layers?

1- Packet Filtering Firewall – layer 3-4
2- Application Gateway Firewall – layer 3-4-5-7
3- Stateful Firewall – layer 3-4-5
4- NAT Firewall – layer 3-4

3
 Kingdom of Saudi Arabia
Technical and vocational training corporation
second semester

• what are the benefits of stateful firewalls?

1- Primary means defense .
2- Strong packet filtering .
3- Improved performance over packet filtering .
4- Defends against spoofing and Dos attacks .
5- Richer data log .
6-
•
what is the DMZ?
a physical or logical subnetwork that sits between an organization's private internal
network and an external network .

•what is the Firewall best practices?

1- Position firewalls at security boundaries .
2- It is unwise to rely exclusively on a firewall for security.
3- Deny all traffic by default. Permit only services that are needed.
4- •Ensure that physical access to the firewall is controlled.
5- Monitor firewall logs.
6- Practice change management for firewall configuration changes.
7- Remember that firewalls primarily protect from technical attacks originating from the
outside.

•
what is the ZPF?
a firewall solution that is built into Cisco IOS routers provides a stateful firewall that uses to
provide granular control over network traffic .

• what are the benefits of ZPF?

1-Dependent on ACLs .
2- Router security posture is to block unless explicitly allowed .
3- Policies are easy to read and troubleshoot with C3PL .
4- One policy affects any given traffic instead of needing multiple ACLs and inspection
actions .

• what are the design steps of ZPF?

1-Determine the zones .

2-Establish policies between zones .
3-Design the physical infrastructure .
4-Identify subsets within zones and merge traffic requirements .

• what are the ZPF actions?

1- Inspect .
2- Drop .
3- Pass .
4