3.5.5 Check Your Understanding – Cisco Network Foundation Protection Framework Answers

1. Which NFP plane would typically use out-of-band (OOB) access?

  • control plane
  • management plane
  • data plane

Explanation: The information flow between in the management plane can be out-of-band (OOB), where information flows within a network on which no production traffic resides. It can also be in-band, where information flows across the enterprise production network, the internet, or both.

2. Which NFP plane uses CoPP?

  • control plane
  • management plane
  • data plane

Explanation: The control plane uses Control Plane Policing (CoPP) to allow users to control the flow of traffic that is handled by the route processor of a network device.

3. Which NFP plane is responsible for applying access control lists (ACLs)?

  • control plane
  • management plane
  • data plane

Explanation: The data plane is responsible for applying ACLs such as whether traffic from hosts, networks, or users, can access the network.

4. The control plane is responsible for which of the following features? (Choose three.)

  • routing protocol authentication
  • blocking unwanted traffic or users
  • logs and accounts for all access
  • port security
  • route processor traffic
  • mitigating spoof attacks
  • role-based access control
  • password policy
  • AutoSecure

Explanation: The control plane is responsible for routing protocol authentication, route processor traffic (CoPP), and AutoSecure.

5. The management plane is responsible for which of the following features? (Choose three.)

  • routing protocol authentication
  • blocking unwanted traffic or users
  • logs and accounts for all access
  • port security
  • route processor traffic
  • mitigating spoof attacks
  • role-based access control
  • password policy
  • AutoSecure

Explanation: The management plane is responsible for the following features: login and password policy; present legal notification; data confidentiality; role-based access control (RBAC); action authorization; and management access reporting.

6. The data plane is responsible for which of the following features? (Choose three.)

  • routing protocol authentication
  • blocking unwanted traffic or users
  • logs and accounts for all access
  • port security
  • route processor traffic
  • mitigating spoof attacks
  • role-based access control
  • password policy
  • AutoSecure

Explanation: The data plane is responsible for ACLs and port security that block unwanted traffic as well as mitigating spoof attacks.

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments