多項(xiàng)選擇題When configuring IOS firewall (CBAC) operations on Cisco routers, the "inspection rule" could be applied at which two locations? ()

A. at the untrusted interfacein the inbound direction
B. atthe untrusted interface in theoutbounddirection
C. at thetrusted interface inthe inbound direction
D. at the trusted interface in the outbound direction
E. at the trusted and untrusted interfaces in the inbound direction
F. at the trusted and untrusted interfaces in the outbounddirection


您可能感興趣的試卷

你可能感興趣的試題

1.多項(xiàng)選擇題The CS-MARS appliance offers attackmitigatons using which twomethods?  ()

A. Automatically pushing ACLs to layer 3 devices to block the attacker’s traffic
B. Automatically pushing commands to layer 2 switches to shutdown the attacker’s ports
C. Automatically resetting the attacker’sTCP connections
D. RecommendingACLs tobe manuallypushed tolayer 3 devices such as routers/firewalls
E. Operating as an inline appliance, it automaticallyblocks malicious traffic inline
F. Working inconjuction with CSM to block the attacker’s traffic inline

2.單項(xiàng)選擇題Which of the following are not steps in setting up aTLS session? ()

A. Client sends Hello to Server listing all of its supported cipher suites
B. Server sends Hello to Client listing all of its supported cipher suites
C. Client calculates and sends encryptedpre_master_secret
D. Client and Server calculate keys from pre_master_secret
E. Server sends Change Cipher Spec to indicate a shift to encrypted mode

3.單項(xiàng)選擇題PEAP provides authentication for theEAP exchange using: ()

A. RC4
B. TLS
C. SSH
D. AES
E. 3DES

4.單項(xiàng)選擇題To enable TCP Port Forwarding applications using IOS WebVPN, what needs tobe downloaded to the client?()

A. Cisco SecurityAgent (CSA)
B. CiscoTrustAgent (CTA)
C. Cisco Secure Desktop (CSD)
D. A small Java Applet
E. SSLVPN Client (SVC)
F. SSLVPN Client (SVC) and Cisco Secure Desktop (CSD)

5.單項(xiàng)選擇題Why is NTP an important component when implementing IPSec VPN in a PKI environment?()

A. To ensure the router has the correct time when generating its private/public key pairs.
B. To ensure the router has the correct time when checking certificate validity from the remote peers
C. To ensure the router time is sync with the remote peers for encryption keys generation
D. To ensure the router time is sync with the remote peers during theDH exchange
E. To ensure the router time is sync with the remote peers when generating the cookies during IKE phase 1

最新試題

Which Cisco security software product mitigates Day Zero attacks on desktops and servers - stopping known and unknown attacks without requiring reconfigurations or updates on the endpoints?()

題型:?jiǎn)雾?xiàng)選擇題

What Cisco Switch feature best protects against CAM table overflow attacks?()

題型:?jiǎn)雾?xiàng)選擇題

Which should be the key driver for a company security policy’s creation, implementation and enforcement?()

題型:?jiǎn)雾?xiàng)選擇題

Of the threats discussed below, what is the main advantage of using Cisco Secure Desktop which is part of the Cisco ASA VPN solution?()

題型:?jiǎn)雾?xiàng)選擇題

Which one of the following is NOT a supported IKE attribute?()

題型:?jiǎn)雾?xiàng)選擇題

Since HTTP is one of the most common protocols used in the internet, what should be done at a firewall level to ensure thatthe protocol is being used correctly? ()

題型:?jiǎn)雾?xiàng)選擇題

Cisco Clean Access ensures that computers connecting to your network have which of the following?()

題型:?jiǎn)雾?xiàng)選擇題

Which is a benefit of implementing RFC 2827?()

題型:?jiǎn)雾?xiàng)選擇題

Select the two correctstatements from the list below that describe DES and 3DES: ()

題型:多項(xiàng)選擇題

When implementing internet standards you are required to follow RFC’s processes and procedures based onwhat RFC?()

題型:?jiǎn)雾?xiàng)選擇題