多項(xiàng)選擇題Which two statements are true about the Cisco Classic (CBAC) IOS Firewall set?()

A.It can be used to block bulk encryption attacks
B.It can be used to protect against denial of service attacks
C.Traffic originating from the router is considered trusted, so it is not inspected
D.Based upon the custom firewall rules, an ACL entry is statically created and added to theexisting ACL permanently
E.Temporary ACL entries that allow selected traffic to pass are created and persist for theduration of the communication session


您可能感興趣的試卷

你可能感興趣的試題

1.單項(xiàng)選擇題

Refer to the exhibit. Host A has sent an ARP message to the default gateway IP address10.10.10.1. Which statement is true?()

A.DSw1 will reply with the MAC address of the next AVF
B.DSw2 will reply with the MAC address of the next AVF
C.Because of the invalid timers that are configured, DSw1 will not reply
D.Because of the invalid timers that are configured, DSw2 will not reply
E.DSw1 will reply with the IP address of the next AVF
F.DSw2 will reply with the IP address of the next AVF

2.多項(xiàng)選擇題

This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clickingthe numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible. To gain access to either thetopology or the SDM, click on the button to left side of the screen that corresponds to the sectionyou wish to access. When you have finished viewing the topology the SDM, you can return to yourquestions by clicking on the Questions button to the left.

Off Shore Industries is a large worldwide sailing charter. The company has recently upgraded itsInternet connectivity. As a recent addition to the network engineering team, you have been taskedwith documenting the active Firewall configurations on the Annapolis router using the Cisco Routerand Security Device Manager (SDM) utility.
Using the SDM output from Firewall and ACL Tasks under the Configure tab, answer the followingquestions:
Which two statements would specify a permissible incoming TCP packet on a trusted interface inthis configuration?()

A.The packet has a source address of 10.79.233.107
B.The packet has a source address of 172.16.81.108
C.The packet has a source address of 198.133.219.40
D.The destination address is not specified within the inspection rule SDM_LOW

3.單項(xiàng)選擇題

This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clickingthe numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible. To gain access to either thetopology or the SDM, click on the button to left side of the screen that corresponds to the sectionyou wish to access. When you have finished viewing the topology the SDM, you can return to yourquestions by clicking on the Questions button to the left.

Off Shore Industries is a large worldwide sailing charter. The company has recently upgraded itsInternet connectivity. As a recent addition to the network engineering team, you have been taskedwith documenting the active Firewall configurations on the Annapolis router using the Cisco Routerand Security Device Manager (SDM) utility. Using the SDM output from Firewall and ACL Tasksunder the Configure tab, answer the following questions:
Which statement is true?()

A.Both FastEthernet 0/0 and Serial 0/0/0 are trusted interface
B.Both FastEthernet 0/0 and Serial 0/0/0 are untrusted interfaces
C.FastEthernet 0/0 is a trusted interface and Serial 0/0/0 is an untrusted interface
D.FastEthernet 0/0 is an untrusted interface and Serial 0/0/0 is a trusted interface

4.多項(xiàng)選擇題Which three of the following network features are methods used to achieve high availability?()

A.Spanning Tree Protocol (STP)
B.Delay reduction
C.Hot Standby Routing Protocol (HSRP)
D.Dynamic routing protocols
E.Quality of Service (QoS)
F.Jitter management

5.單項(xiàng)選擇題

What can be determined about the HSRP relationship from the displayed debug output?()

A.Router 172.16.11.111 will be the active router because its HSRP priority is preferred over router172.16.11.112
B.The IP address 172.16.11.112 is the virtual HSRP router IP address
C.The nonpreempt feature is enabled on the 172.16.11.112 router
D.The IP address 172.16.11.111 is the virtual HSRP router IP address
E.Router 172.16.11.112 will be the active router because its HSRP priority is preferred over router172.16.11.111
F.The preempt feature is not enabled on the 172.16.11.111 router

最新試題

Study the exhibit carefully.Routers A and B are customer routers. Routers 1, 2, 3 and 4 are provider routers. The routers areoperating with various IOS versions. Which frame mode MPLS configuration statement is true?()

題型:單項(xiàng)選擇題

This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clicking the numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible.To gain access to either the topology or the SDK click on the button to left side of the screen thatcorresponds to the section you wish to access. When you have finished viewing the topology theSDK you can return to your questions by clicking on the Questions button to the left.Which defined peer IP address an local subnet belong to Crete?()

題型:多項(xiàng)選擇題

Drag each element of the Cisco IOS Firewall Feature Set from the above and drop onto itsdescription on the below.

題型:問答題

You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()

題型:多項(xiàng)選擇題

Drag the DSL local loop topic on the left to the correct descriptions on the right.

題型:問答題

Drag the protocols that are used to distribute MPLS labels from the above to the target area on thebelow.(Not all options will be used)

題型:問答題

Network Topology Exhibit:Configuration Exhibit:NET(config)# access-list 112 deny icmp any any echo logNET(config)# access-list 112 deny imp any any redirect logNET(config)# access-list 112 deny icmp any any mask-request logNET(config)# access-list 112 permit icmp any 10.1.1.0 0.0.0.255NET(config)# interface Fa0/1NET(config-if)# ip access-group 112 inYou work as a network administrator at networkTut.com, study the exhibit carefully. Theconfiguration has been applied to router NET to mitigate the threat of certain types of ICMPbasedattacks while allowing some ICMP traffic to the corporate LAN to work. However, the configurationis incorrect. On the basis of the information in the exhibit, which configuration option wouldcorrectly configure router NET?()

題型:單項(xiàng)選擇題

As a network technician, do you know what is a recommended practice for secure configurationmanagement?()

題型:單項(xiàng)選擇題

Authentication is the process of determining if a user or identity is who they claim to be. Refer tothe exhibit. Which statement about the authentication process is correct?()

題型:單項(xiàng)選擇題

Drag and drop each management protocol on the above to the correct category on the below.

題型:問答題