單項(xiàng)選擇題Why is NTP an important component when implementing IPSec VPN in a PKI environment?()

A. To ensure the router has the correct time when generating its private/public key pairs.
B. To ensure the router has the correct time when checking certificate validity from the remote peers
C. To ensure the router time is sync with the remote peers for encryption keys generation
D. To ensure the router time is sync with the remote peers during theDH exchange
E. To ensure the router time is sync with the remote peers when generating the cookies during IKE phase 1


您可能感興趣的試卷

你可能感興趣的試題

1.單項(xiàng)選擇題Using FTP passive mode, after the client opens thecommand channel (port 21) to the FTP server and requests passive mode, what will be the next step? ()

A. The FTP server sends back an acknowledgment (ACK) to the client
B. The FTP server allocates a port touse for the data channel and transmit that port number to the client
C. The FTP server opens the data channel to the client using the port number indicated by the client
D. The FTP client opens the data channel to the FTP server on Port 20
E. The FTP client opens the datachannel to the FTP server on Port 21

2.多項(xiàng)選擇題Which of the following statements are true? ()

A. RC4 is a stream cipher
B. Stream ciphers require padding
C. AES is a block cipher
D. DES and 3DES are stream ciphers
E. AES is a stream cipher
F. AES, DES, and 3DES can be used as HMAC algorithms

3.多項(xiàng)選擇題Which of the following statements are true regardinghashing? ()

A. MD5 produces a 160-bit result.
B. SHA-256 is an extension to SHA-1 with a longer output.
C. MD5 takes more CPU cycles to compute than SHA-1.
D. Changing1 bit of the input to SHA-1 changes 1 bit of the output.
E. SHA-1 is stronger than MD5 because it can be used with a key to prevent modification.

4.多項(xiàng)選擇題Which two steps does a receiver perform to validate a message using HMAC? ()  

A. decrypts the received MAC using a secret key
B. compares the computed MAC vs. the MAC received
C. authenticate the receivedmessage using the sender’s public key
D. look up the sender’s public key
E. extracts the MAC from the receivedmessage thenencrypts the received message with a secret keyto producethe MAC
F. Computes the MAC using the receivedmessage and a secret key as inputs to the hash function

5.單項(xiàng)選擇題Which of the following best describes a hash function?()

A.An irreversible fast encryption method
B.A reversible fast encryption method
C.A reversible value computed from a piece of data and used to detect modifications
D.An irreversible value computed froma piece of data and used to detect modifications
E.A table inwhich values are stored for efficient retrieval.

6.單項(xiàng)選擇題What does qos pre-classify provides inregardto implementing QoS over GRE/IPSec VPN tunnels?()

A. enables IOS to copy the ToS field from the inner (original) IPheader to theouter tunnel IP header
B. enables IOS to make a copy of the inner (original) IP header and to run a QoS classification before encryption, based on fields in the inner IP header.
C. enables IOS to classify packets based on the ToS field in the inner (original) IP header
D. enables IOS to classify packets based on the ToS field in the outer tunnel IP header
E. enables the IOS classification engine to only see a single encrypted and tunneledflow to reduce classification complexity

7.多項(xiàng)選擇題Asymmetric and symmetric ciphers differ in which of the following way(s)? () 

A.Asymmetric ciphers use pre-shared keys
B.Symmetric ciphers are faster to compute
C.Asymmetric ciphers are faster to compute
D.Asymmetric ciphers use public and private

8.單項(xiàng)選擇題Which of the following is the most effective technique to prevent source IPAddress spoofing?()

A. policy based routing (PBR)
B. unicast reverse path forwarding (uRPF)
C. lock and keyACL
D. RFC 1918filtering
E. IP source routing

9.單項(xiàng)選擇題Which type of attacks can be monitored and mitigated by CS-MARS using NetFlow data?()

A. Man-in-themiddle attack
B. Spoof attack
C. Land.C attack
D. Buffer Overflow
E. Day zero attack
F. Trojan Horse

10.單項(xiàng)選擇題Which best represents a typical attackthat takes advantage of RFC 792, ICMPType 3 messages?()

A. Blind connection-reset
B. Large packet echo request
C. Packet fragmentation offset
D. Broadcast-based echo request
E. Excessive bandwidth consumption