I will admit it took me studying for the CCIE R&S to understand the difference between shaping and policing. Yes, you will slightly encounter this topic during CCNP switch but from how I remember it, it was in the switch exam which talks about hardware QoS.
Now working for a Service Provider I get to apply this, especially with our internet-cross connect with our customers. Basically, we shape for outbound traffic going to customer device to prevent them from trying to download their provisioned speed and Police, drop packet if they try to upload or push traffic towards us.
It is advisable that you match your shaper and your policer on the link. Remember that shaper is usually outbound and outbound only while policers can be both outbound and (usually) inbound.
Below is a good example of a shaper and policer config wherein for the policer, it will start dropping packets once its exceeded its provisioned bandwidth.
policy-map SHAPER
class class-default
shape average 100000000
!
policy-map POLICER
class class-default
police 100000000
comform-action transmit
violate-action drop
!
interface Gigabitethernet0/1
service-policy output SHAPER
service-policy input POLICER
!
I believe I have a previous blog post on QoS which focuses on LLQ.
Running-Config 