Chapter 14. Cisco IDS Network Module for Access Routers


This chapter covers the following subjects:

  • NM-CIDS Overview

  • NM-CIDS Hardware Architecture

  • Traffic Capture for NM-CIDS

  • NM-CIDS Installation and Configuration Tasks

  • NM-CIDS Maintenance Tasks

  • Recovering the NM-CIDS Software Image

Flexibility of deployment options is a strength of the Cisco IPS solution. Besides deploying appliance sensors, you can also deploy sensors in your Catalyst 6500 switches via the IDSM-2. A final deployment location is your access routers. Deploying IPS sensors in your access routers enables you to incorporate intrusion prevention by using your existing network infrastructure devices.

Note

Access routers are the network devices you use to connect your internal network with remote sites (via private lines or public carriers).


Understanding the various deployment options is vital to effectively deploying a Cisco IPS solution that is customized to your network environment. Although the Cisco IDS Network Module (NM-CIDS) for access routers is a full-featured IPS sensor, there are unique configuration and operational tasks associated with this device. Understanding these unique tasks will assist you in incorporating the network module into your Cisco IPS solution.

"Do I Know This Already?" Quiz

The purpose of the "Do I Know This Already?" quiz is to help you decide if you really need to read the entire chapter. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now.

The 10-question quiz, derived from the major sections in the "Foundation and Supplemental Topics" portion of the chapter, helps you determine how to spend your limited study time.

Table 14-1 outlines the major topics discussed in this chapter and the "Do I Know This Already?" quiz questions that correspond to those topics.

Table 14-1. "Do I Know This Already?" Foundation and Supplemental Topics Mapping

Foundation or Supplemental Topic                Questions Covering This Topic
NM-CIDS Overview                                1, 2, 3
NM-CIDS Hardware Architecture                   -
Traffic Capture for NM-CIDS                     4, 5
NM-CIDS Installation and Configuration Tasks    6, 7
NM-CIDS Maintenance Tasks                       8, 9
Recovering the NM-CIDS Software Image           10


Caution

The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark this question wrong for purposes of the self-assessment. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.


1. What is the maximum amount of traffic that the network module can examine?

  1. 85 Mbps

  2. 45 Mbps

  3. 60 Mbps

  4. 100 Mbps

  5. 150 Mbps

2. How many external interfaces are on the network module?

  1. No external ports

  2. 1 Ethernet port

  3. 1 Ethernet port and 1 console port

  4. 1 console port

3. Which router platform is not a supported router platform for the network module?

  1. 3700 Series

  2. 3660

  3. 2691

  4. 2600XM Series

  5. 800 Series

4. Which of the following are true about packets being forwarded to the NM-CIDS? (Choose two.)

  1. Packets dropped by an input ACL are forwarded.

  2. Packets dropped by an output ACL are not forwarded.

  3. Packets dropped by an input ACL are not forwarded.

  4. Packets dropped by an output ACL are forwarded.

5. Which of the following packets would be forwarded to NM-CIDS?

  1. ARP packet

  2. Packet with a bad IP version

  3. Packet whose length is 18 bytes

  4. Packet with a TTL of 1

  5. Packet with an incorrect header length

6. Which name does the router assign to the NM-CIDS?

  1. network-module

  2. ids-module

  3. ids-sensor

  4. sensor-module

  5. ids-device

7. Which port would you use to access the NM-CIDS in slot 2 via Telnet?

  1. 2001

  2. 2033

  3. 2010

  4. 2065

  5. 2045

8. Which command performs a hardware reboot of the NM-CIDS?

  1. service-module ids-sensor 1/0 reload

  2. service-module ids-sensor 1/0 reset

  3. service-module ids-sensor 1/0 reboot

  4. service-module ids-sensor 1/0 restart

9. Which command (if used incorrectly) can cause you to lose data on your NM-CIDS hard disk?

  1. service-module ids-sensor 1/0 reload

  2. service-module ids-sensor 1/0 shutdown

  3. service-module ids-sensor 1/0 restart

  4. service-module ids-sensor 1/0 reset

  5. service-module ids-sensor 1/0 reboot

10. Which of the following is not a valid file transfer protocol to use when you re-image the application image via the boot helper?

  1. FTP

  2. SCP

  3. TFTP

The answers to the "Do I Know This Already?" quiz are found in the appendix. The suggested choices for your next step are as follows:

  • 8 or less overall score: Read the entire chapter. This includes the "Foundation and Supplemental Topics" and "Foundation Summary" sections and the Q&A section.

  • 9 or 10 overall score: If you want more review on these topics, skip to the "Foundation Summary" section and then go to the Q&A section. Otherwise, move to the next chapter.



CCSP IPS Exam Certification Guide
ISBN: 1587201461
EAN: 2147483647
Year: 2004
Pages: 119
Authors: Earl Carter
