A.The IP inspection rule can be applied in the inbound direction on the secured interface
B.The IP inspection rule can be applied in the outbound direction on the unsecured interface
C.The ACL applied in the inbound direction on the unsecured interface should be an extendedACL.
D.For temporary openings to be created dynamically by Cisco IOS Firewall, the access-list for thereturning traffic must be a standard ACL
您可能感興趣的試卷
你可能感興趣的試題
Study this exhibit carefully. What information can be derived from the SDM firewall configurationdisplayed?()
A.Access-list 101 was configured for the trusted interface, and access-list 100 was configured forthe untrusted interface
B.Access-list 100 was configured for the trusted interface, and access-list 101 was configured forthe untrusted interface
C.Access-list 100 was configured for the inbound direction, and access-list 101 was configured forthe outbound direction on the trusted interface
D.Access-list 100 was configured for the inbound direction, and access-list 101 was configured forthe outbound direction on the untrusted interface
This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clickingthe numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible. To gain access to either thetopology or the SDK click on the button to left side of the screen that corresponds to the sectionyou wish to access. When you have finished viewing the topology the SDK you can return to yourquestions by clicking on the Questions button to the left.
Which IPSec rule is used for the Olympia branch and what does it define?()
A.102
B.116
C.127
D.IP traffic sourced from 10.10.10.0/24 destined to 10.5.15.0/24 will use the VPN
E.IP traffic sourced from 10.10.10.0/24 destined to 10.8.28.0/24 will use the VPN
F.IP traffic sourced from 10.10.10.0/24 destined to 10.5.33.0/24 will use the VPN
This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clicking the numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible.
To gain access to either the topology or the SDK click on the button to left side of the screen thatcorresponds to the section you wish to access. When you have finished viewing the topology theSDK you can return to your questions by clicking on the Questions button to the left.
Which defined peer IP address an local subnet belong to Crete?()
A.peer address 192.168.55.159
B.peer address 192.168.89.192
C.peer address 192.168.195.23
D.subnet 10.5.15.0/24
E.subnet 10.7.23.0/24
F.subnet 10.4.38.0/24
This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clickingthe numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible.
To gain access to either the topology or the SDK click on the button to left side of the screen that Cisco 642-832: Practice Exam corresponds to the section you wish to access. When you have finished viewing the topology theSDK you can return to your questions by clicking on the Questions button to the left.
Which peer authentication method and which IPSEC mode is used to connect to the branchlocations?()
A.Digital Certificate
B.Pre-Shared Key
C.Transport Mode
D.Tunnel Mode
E.GRE/IPSEC Transport Mode
F.GRE/IPSEC Tunnel Mode
最新試題
cisco ios command to interface dialer 0
Which statement correctly describes IPsec VPN backup technology?()
IPSec VPN is a widely-acknowledged solution for enterprise network. Which three IPsec VPNstatements are true?()
Drag the IOS commands from the left that would be used to implement a GRE tunnel using the10.1.1.0.30 network on interface serial 0/0 to the correct target area on the right.
Drag and drop each management protocol on the above to the correct category on the below.
Match the xDSL type on the above to the most appropriate implementation on the below.
Drag each element of the Cisco IOS Firewall Feature Set from the above and drop onto itsdescription on the below.
Drag the DSL technologies on the left to their maximum(down/up) data rate values on the below.
Network Topology Exhibit:Configuration Exhibit:NET(config)# access-list 112 deny icmp any any echo logNET(config)# access-list 112 deny imp any any redirect logNET(config)# access-list 112 deny icmp any any mask-request logNET(config)# access-list 112 permit icmp any 10.1.1.0 0.0.0.255NET(config)# interface Fa0/1NET(config-if)# ip access-group 112 inYou work as a network administrator at networkTut.com, study the exhibit carefully. Theconfiguration has been applied to router NET to mitigate the threat of certain types of ICMPbasedattacks while allowing some ICMP traffic to the corporate LAN to work. However, the configurationis incorrect. On the basis of the information in the exhibit, which configuration option wouldcorrectly configure router NET?()
Drag and drop each function on the above to the hybrid fiber-coaxial architecture component that itdescribes on the below.