單項(xiàng)選擇題Which statement best describes Cisco IOS Zone-Based Policy Firewall?()

A.A router interface can belong to multiple zones.
B.Policy maps are used to classify traffic into different traffic classes, and class maps are used to assignaction to the traffic classes.
C.The pass action works in only one direction
D.A zone-pair is bidirectional because it specifies traffic flowing among the interfaces within the zone-pair in both directions.


您可能感興趣的試卷

你可能感興趣的試題

2.單項(xiàng)選擇題As a candidate for CCNA examination, when you are familiar with the basic commands, if you input thecommand "enable secret level 5 password" in the global mode , what does it indicate?()

A.Set the enable secret command to privilege level 5
B.The enable secret password is hashed using MD5
C.The enable secret password is for accessing exec privilege level 5
D.The enable secret password is hashed using SHA
E.The enable secret password is encrypted using Cisco proprietary level 5 encryption

5.單項(xiàng)選擇題Which description about asymmetric encryption algorithms is correct?()

A.They use the same key for encryption and decryption of data.
B.They use different keys for decryption but the same key for encryption of data.
C.They use different keys for encryption and decryption of data.
D.They use the same key for decryption but different keys for encryption of data.

6.單項(xiàng)選擇題For the following items ,which one can be used to authenticate the IPsec peers during IKE Phase 1?()

A.pre-shared key
B.integrity check value
C.XAUTH
D.Diffie-Hellman Nonce

7.單項(xiàng)選擇題

Which description is correct based on the exhibit and partial configuration?()

A.All traffic destined for network 172.16.150.0 will be denied due to the implicit denyall.
B.All traffic from network 10.0.0.0 will be permitted.
C.Access-list 101 will prevent address spoofing from interface E0.
D.This ACL will prevent any host on the Internet from spoofing the inside network address as the sourceaddress for packets coming into the router from the Internet.

8.單項(xiàng)選擇題In a brute-force attack, what percentage of the keyspace must an attacker generally search through until heor she finds the key that decrypts the data?()

A.Roughly 50 percent
B.Roughly 66 percent  ActualTests.com
C.Roughly 75 percent
D.Roughly 10 percent

最新試題

Which two primary port authentication protocols are used with VSANs?()

題型:多項(xiàng)選擇題

Refer to the exhibit. Which statement is correct based on the show login command output shown?()

題型:?jiǎn)雾?xiàng)選擇題

How do you define the authentication method that will be used with AAA?()

題型:?jiǎn)雾?xiàng)選擇題

Which VoIP components can permit or deny a call attempt on the basis of a network’s available bandwidth?()

題型:?jiǎn)雾?xiàng)選擇題

Which statement is true about a Smurf attack?()

題型:?jiǎn)雾?xiàng)選擇題

When configuring SSH, which is the Cisco minimum recommended modulus value?()

題型:?jiǎn)雾?xiàng)選擇題

Which method is of gaining access to a system that bypasses normal security measures?()

題型:?jiǎn)雾?xiàng)選擇題

What are two characteristics of the SDM Security Audit wizard?()

題型:多項(xiàng)選擇題

What will be disabled as a result of the no service password-recovery command?()

題型:?jiǎn)雾?xiàng)選擇題

For the following items, which one acts as a VPN termination device and is located at a primary networklocation?()

題型:?jiǎn)雾?xiàng)選擇題