Home > Articles > Cisco > CCNP Security

  • Print
  • + Share This
From the author of Trouble Spots

Trouble Spots

In the SECURE v1.0 exam, you will possibly see several “drag-and-drop” questions. These require that you drag several items from a list on the left to the appropriate match in a list on the right. The logic for the match can be to put a list of items in order, or to match based on definition. These types of questions require memorization of details about technologies such as IPSEC, NAT, Zone-based Firewalls, and several types of VPNs available in Cisco IOS Software.

The bulk of the questions are multiple choice questions. Several of the multiple choice questions are simple question and answer, while quite a few involve being presented with either a sample of Cisco IOS configuration lines or several lines containing the output from either a “show” or “debug” command. From these sections of output, you must choose the answer(s) that can be determined from the output that is provided. This type of question will require experience in configuring and troubleshooting security features on Cisco IOS software-based routers and switches.

The SECURE v1.0 exam also contains a few scenario-based questions. These can become confusing, because there are several windows that you must switch back and forth between. These windows will display the scenario description, network diagrams, and simulated consoles in which you enter Cisco IOS Software commands. You will have to navigate between the windows during the scenario. Clicking on devices in the network topology diagram will open a console window. Depending on the scenario, you may have several questions that you must answer by using limited “show” commands; alternately, you may have to completely configure a security feature, such as Zone Based Policy Firewalls or GET VPN. Being comfortable with configuring and troubleshooting the technologies listed in the exam outline (login required) cannot be stressed enough. The scenario questions can be very time consuming. Remember, this exam has 70 questions and only a few (possibly only one) will be a scenario question, which will consume a substantial amount of time due to all the configuration items you must enter. You should take care to answer the scenario properly, but watch the clock so you can still answer the remaining questions.

  • + Share This
  • 🔖 Save To Your Account