Question 51: The features of traditional IPSes are found in all of these modern systems, except:
A. Antimalware
B. Next-generation firewalls
C. Unified threat management appliances
D. Network behavior analysis systems
Correct Answer: A. Antimalware
Explanation: IPS capabilities have been rolled into many modern security technologies, such as next-generation firewalls, unified threat management appliances and network behavior analysis systems, but are not included in traditional antimalware products.
Question 52: How much network security spending is allocated to IPSes?
A. 5%
B. 10%
C. 15%
D. 20%
Correct Answer: B. 10%
Explanation: Although many IPS features are now incorporated into other products, the IPS market still represents 10% of network security spending.
Question 53: If it detects a threat, an IPS can:
A. Record the details of the threat
B.Report the threat to security admins
C. Take preventative action to stop the threat
D. All of the above
Correct Answer: D. All of the above
Explanation: IPSes are designed to identify nefarious activity in real time, record threats, report detected threats and take preventative action to stop the threat from doing damage to the system.
Question 54: How does machine learning benefit IDSes/IPSes?
A. By lowering the volume of attacks analyzed
B. By adding heuristic anomaly detection capabilities
C. By searching for similar patterns to known attacks
D. By helping identify signatures more quickly
Correct Answer: C. By searching for similar patterns to known attacks
Explanation: Automating discovery and creation of attack signatures, combined with the use of supervised learning, enables machine learning systems to learn about attacks and apply that knowledge to search for other instances displaying the same or similar behavior.
Question 55: Which of the following is a step you should take when considering a move to NVMe-oF?
A. Determine what fabric you’ll be using
B. Verify that your vendor adheres to NVMe-oF standards
C. Run an initial test in a lab environment
D. All of the above
Correct Answer: D. All of the above
Explanation: In most cases, you’ll want to deploy NVMe-oF over your existing storage network fabric. Fibre Channel, InfiniBand, iWARP, RDMA over Converged Ethernet and TCP are the options. You’ll need to make sure that your storage system will work with NVMe-oF and that your vendor is adhering to the NVMe-oF standard and not a proprietary approach. Running a test of your initial implementation is smart and a good way to get an understanding of how the technology works before putting it into a production environment.
Question 56: Which is true about NVMe-oF?
A. Products haven’t yet matured enough to handle production workloads
B. NVMe-oF is unlikely to replace rack-scale PCIe as the future of data center network infrastructure
C. It provides a simpler way to increase scale-out capacity
D. None of the above
Correct Answer: C. It provides a simpler way to increase scale-out capacity
Explanation: Not too long ago, rack-scale, switched PCIe fabric was seen as the future of data center storage network infrastructure. For now, NVMe-oF-based storage has changed that as it has become the standard protocol for storage network communication. NVMe products have matured to the point that they can support production workloads, and NVMe-oF is providing a simpler way to increase scale-out capacity. It skirts the centralized controller and takes a more direct route between the storage media and the host, letting one host communicate with many drives and increasing scale-out capability.
Question 57: Which is something you do not need to check when getting ready to deploy NVMe-oF?
A. That your NVMe drives support NVMe-oF
B. That your storage system has adequate throughput to keep up with the speed of your NVMe physical storage device
C. That the adapter connecting your initiator and the target supports remote direct memory access (RDMA)
D. That your device drivers and OS kernels are up to date
Correct Answer: A. That your NVMe drives support NVMe-oF
Explanation: If you’ve already implemented NVMe SSDs in your storage infrastructure, they will work with NVMe-oF, so there’s no need to check them. However, you will need to check that the throughput of the connection between your initiator and target is fast enough to keep up with the speed of your NVMe devices to take full advantage of NVMe and NVMe-oF’s capabilities. You’ll also need to check that the adapter connecting the initiator and target supports RDMA, because NVMe drives access system memory through RDMA. Most adapters provide that support, but it can’t hurt to check. Finally, make sure all your device drivers and OS kernels are up to date, because outdated ones can cause problems.
Question 58: Which is true of network fabrics in relation to NVMe-oF?
A. The initial NVMe-oF specification only supported Fibre Channel (FC)
B. NVMe over TCP can run over standard Ethernet networks
C. FC and RDMA NVMe-oF implementations are simpler than TCP ones
D. With FC and RDMA, data must be copied to memory buffers and IO cards
Correct Answer: B. NVMe over TCP can run over standard Ethernet networks
Explanation: When the NVMe-oF spec came out in 2016, it supported both FC and RDMA. TCP was added as a fabric option two years later. Data in FC and RDMA networks is transferred without being copied to memory buffers or IO cards, but NVMe-oF storage can be more complex to implement over those networks, requiring extra equipment and configuration, than over TCP. NVMe over TCP can run across a standard Ethernet network.
Question 59: Which of the following is a disadvantage of using NVMe over TCP?
A. NVMe over TCP can increase system process loads
B. Changes are often needed to network infrastructure and devices
C. NVMe over TCP takes a significant performance hit as distance increases
D. Specialized equipment is often needed when implementing NVMe over TCP
Correct Answer: A. NVMe over TCP can increase system process loads
Explanation: One downside of NVMe over TCP is that it can increase system processor loads. This situation results when TCP uses processing power to manage some operations. However, NVMe over FC or RDMA are more likely to need network infrastructure and client device alternations; NVMe over TCP is designed to run without changes. TCP can sustain high performance and low latency even over long distances, and it can be deployed on existing standard equipment.
Question 60: NVMe and NVMe-oF have solved all the storage performance problems.
A. True
B. False
Correct Answer: B. False
Explanation: NVMe has dramatically reduced latency and improved performance between the storage controller CPU or the server and attached flash storage drives. And NVMe-oF has done the same for the storage network and shared storage. However, as processors support increasing numbers of SSDs, the hardware involved gets increasingly complicated and can negatively affect system performance. The cause of this problem is the storage software, which must be rewritten to focus on CPU efficiency.