1. Home
  2. Networking
  3. CCSP Cisco Certified Security Professional Certification

Chapter Review

Chapter Review

The CiscoSecure Access Control Server (ACS) is a server-based application offering centralized user access control support for the various network devices. CiscoSecure ACS can be installed on either Windows or UNIX servers that meet minimum resource requirements.

ACS allows the administrator to manage user access for Cisco IOS routers, firewalls, Cisco Catalyst switches, and virtual private networks (VPNs), as well as newer technologies like dial-up and broadband DSL, cable access solutions, voice over IP (VoIP), Cisco wireless implementations, and third-party vendor TACACS+ offerings.

ACS is a strategic product at Cisco, incorporating new advanced features as they become available to increase the diversity and granularity of implementations. Current support includes the use of network OS security databases and management tools, user and administrative access reporting, database synchronization and user importation tools, Lightweight Directory Access Protocol (LDAP) user authentication support, dynamic quota generation, and restrictions such as time of day and day of week, as well as user and device group profiles.

Questions

1.?

Which two of the following are server platforms supported by Cisco Secure ACS?

  1. Novell NetWare

  2. Microsoft Windows

  3. UNIX (Sun Solaris)

  4. Linux

B. and C. Microsoft Windows and UNIX (Sun Solaris)

2.?

Which one of the following isn’t controllable by a network administrator using Cisco Secure ACS for Windows?

  1. What accounting information is kept for capacity planning, account billing, or security audits

  2. What privileges each user will have while in the network

  3. What encryption method will be used for interdevice communications

  4. Which users can access the network from either wired or wireless connections

  5. What access and command controls are enabled for each configuration administrator

C. What encryption method will be used for interdevice communications

3.?

Which IEEE standard is being introduced to support CiscoSecure ACS in the LAN?

  1. 802.1q

  2. 802.11b

  3. 802.1x

  4. 802.3au

C. 802.1 x

4.?

True or False. Cisco Secure ACS for Windows does not support MSCHAP version 2.

  1. True

  2. False

B. False. With ACS for Windows v3.0, it now supports MSCHAP.

5.?

True or False. Cisco Secure ACS for Windows supports per-user access control lists.

  1. True

  2. False

A. True

6.?

True or False. Cisco Secure ACS for Windows requires a choice between TACACS+ and RADIUS support.

  1. True

  2. False

B. False. It will support both simultaneously.

7.?

Cisco Secure ACS supports Token Card authentication on which platform?

  1. Windows only

  2. UNIX only

  3. Both UNIX and Windows

  4. Neither one

C. Both UNIX and Windows

8.?

Which Cisco Secure ACS for Windows service is the internal web server?

  1. CSAuth

  2. CSMon

  3. CSLog

  4. CSAdmin

B. CSMon

9.?

Which Cisco Secure ACS-supported database would provide fastest authentication?

  1. Windows NT/2000 user database

  2. Novell NDS

  3. Token Card servers

  4. CiscoSecure user database

D. CiscoSecure user database because it s internal to ACS

10.?

Which of the following does not impact Cisco Secure ACS server performance?

  1. Number and size of the CPUs

  2. Amount of server memory

  3. Number of users in the database

  4. Remote users connection speed

D. The remote users connection speed

11.?

Which of the following won’t work as a Cisco Secure ACS platform?

  1. Windows 2000 Server

  2. Windows 2000 Advanced Server

  3. Windows 2000 Datacenter Server

  4. Windows 2000 Professional

  5. Windows NT Server 4.0

D. Windows 2000 Professional. It must be a version of the server.

12.?

True or False. Cisco Secure ACS for Windows and UNIX are identical, and they provide the same features and service.

  1. True

  2. False

B. False

13.?

True or False. One limitation of Cisco Secure ACS for UNIX is its lack of support for TACACS+.

  1. True

  2. False

B. False. Cisco Secure ACS for UNIX supports both.

14.?

Once installed, Cisco Secure ACS is configured and administered using what?

  1. CLI only

  2. Web browser only

  3. CLI and/or web browser

  4. Windows Management Interface

B. Web browser only

15.?

Which two of the following will only access the ACS HTML interface using a web browser from the server on which Cisco Secure ACS is installed?

  1. http://Windows-server-IP-address:2002

  2. http://localhost:2002

  3. http://Windows-server-host-name:2002

  4. http://127.0.0.1:2002

B. http://localhost:2002 and d. http://127.0.0.1:2002

Answers

1.?

B. and C. Microsoft Windows and UNIX (Sun Solaris)

2.?

C. What encryption method will be used for interdevice communications

3.?

C. 802.1x

4.?

B. False. With ACS for Windows v3.0, it now supports MSCHAP.

5.?

A. True

6.?

B. False. It will support both simultaneously.

7.?

C. Both UNIX and Windows

8.?

B. CSMon

9.?

D. CiscoSecure user database because it’s internal to ACS

10.?

D. The remote users connection speed

11.?

D. Windows 2000 Professional. It must be a version of the server.

12.?

B. False

13.?

B. False. Cisco Secure ACS for UNIX supports both.

14.?

B. Web browser only

15.?

B. http://localhost:2002 and d. http://127.0.0.1:2002




BackCover
CCSP - Cisco Certified Security Professional Certification All-in-One Exam Guide
Introduction
Part I: Introduction to Network Security
Part II: Securing the Network Perimeter
Chapter 3: Cisco AAA Security Technology
Chapter 4: Cisco Secure ACS and TACACS+/RADIUS Technologies
Describe Cisco Secure ACS
Features and Architecture of Cisco Secure ACS for Windows
Features of CiscoSecure ACS for UNIX
Installing Cisco Secure ACS 3.0 for Windows
Administering and Troubleshooting Cisco Secure ACS for Windows
TACACS+ Overview
Configuring Cisco Secure ACS and TACACS+
Verifying TACACS+
Chapter Review
Chapter 5: Securing Cisco Perimeter Routers
Chapter 6: IOS Firewall Feature Set - CBAC
Chapter 7: IOS Firewall - Intrusion Detection System
Chapter 8: IOS Firewall - Authentication Proxy
Part III: Virtual Private Networks (VPNs)
Part IV: PIX Firewalls
Part V: Intrusion Detection Systems (IDS)
Part VI: Cisco SAFE Implementation
Appendix A: Access Control Lists
Appendix B: About the CD
List of Figures
List of Tables
List of Sidebars