多項選擇題IPSec VPN is a widely-acknowledged solution for enterprise network. Which three IPsec VPNstatements are true?()

A.IKE keepalives are unidirectional and sent every ten seconds
B.IPsec uses the Encapsulating Security Protocol (ESP) or the Authentication Header (AH)protocol for exchanging keys
C.To establish IKE SA, main mode utilizes six packets while aggressive mode utilizes only threepackets
D.IKE uses the Diffie-Hellman algorithm to generate symmetrical keys to be used by IPsec peers


您可能感興趣的試卷

你可能感興趣的試題

3.單項選擇題Which statement correctly describes IPsec VPN backup technology?()

A.The cypto isakmp keepalive command is used to configure the Stateful Switchover (SSO)protocol
B.Reverse Route Injection (RRI) is configured on at the remote site to inject the central sitenetworks
C.Each Hot Standby Routing Protocol (HSRP) standby group has two well-known MACaddresses and a virtual IP address
D.The cypto isakmp keepalive command is used to configure stateless failover

4.多項選擇題You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()

A.The crypto ACL number
B.The IPSEC mode (tunnel or transport)
C.The GRE tunnel interface IP address
D.The GRE tunnel source interface or IP address, and tunnel destination IP address
E.The MTU size of the GRE tunnel interface

5.多項選擇題

Refer to the exhibit. Which two statements about the AAA configuration are true?()

A.A good security practice is to havethe none parameter configured as the final method used toensure that no other authentication method will be used
B.If a TACACS+ server is not available, then a user connecting via the console port would not beable to gain access since no other authentication method has been defined
C.If a TACACS+ server is not available, then the user Bob could be able to enter privileged modeas long as the proper enable password is entered
D.Theaaa new-model command forces the router to override every other authentication methodpreviously configured for the router lines
E.To increase security, group radius should be used instead of group tacacs+
F.Two authentication options are prescribed by the displayedaaa authentication command

最新試題

Drag and drop the xDSL type on the above to the appropriate xDSL description on the below.

題型:問答題

Drag and drop each management protocol on the above to the correct category on the below.

題型:問答題

Drag each element of the Cisco IOS Firewall Feature Set from the above and drop onto itsdescription on the below.

題型:問答題

Drag and drop the steps in the process for provisioning a cable modem to connect to a headendon the above to the below in the order defined by the DOCSIS standard.

題型:問答題

As a network engineer, study the exhibit carefully. Router Net is unable to establish an ADSLconnection with its provider. Which action would correct this problem?()

題型:單項選擇題

In computer security, AAA stands for authentication, authorization and accounting. Which optionabout the AAA authentication enable default group radius enable command is correct?()

題型:單項選擇題

Study this exhibit carefully. What information can be derived from the SDM firewall configurationdisplayed?()

題型:單項選擇題

Drag and drop question. The upper gives the MPLS functions, the bottom describes the planes.Drag the above items to the proper location at the below

題型:問答題

Identify the recommended steps for worm attack mitigation by dragging and dropping them into thetarget area in the correct order.

題型:問答題

Study the exhibit carefully.Routers A and B are customer routers. Routers 1, 2, 3 and 4 are provider routers. The routers areoperating with various IOS versions. Which frame mode MPLS configuration statement is true?()

題型:單項選擇題