多項(xiàng)選擇題An IPS sensor with3 sniffing interfaces can be configuredas:  ()

A. 3 promiscuous sensors
B. 3 inline sensors
C. 1 inline sensor, 1 promiscuous sensor
D. 2 inline sensors, 1 promiscuous sensors


您可能感興趣的試卷

你可能感興趣的試題

1.多項(xiàng)選擇題Given the topology of a server (with IP 209.165.202.150) protected behind the inside interface of an ASA/PIX,and the Internet on the outside interface. Users on the Internet need to access the server at any time, but the firewall administrator does not want to NAT the address of the server - since itis currentlya public address. Which of the following commands can be used to accomplish this? ()

A. nat (inside) 0 209.165.202.150 255.255.255.255
B. access-list no-nat permit ip host209.165.202.150 anynat(inside) 0 access-list no-nat
C. static(inside,outside) 209.165.202.150 209.165.202.150 netmask 255.255.255.255
D. no nat-control
E. nat (inside) 1 209.165.202.150 255.255.255.255

3.單項(xiàng)選擇題Select thebest answer to this qestion. ASA/PIX Active/Active failover can be used toload-balance:()

A. All traffic passing through theappliance
B. Traffic from internal networks on a per IP basis
C. Based on protocol only.
D. On a per-context basis only.

5.單項(xiàng)選擇題ASA/PIXversion 7.0 introduced ModularPolicyFramework (MPF) as anextensible wayto classify traffic,and then apply policies (or actions) to that traffic. MPF at aminimum requires which three commands?()

A. http-map, tcp-map, class-map
B. class-map, tcp-map, policy-map
C. class-map, policy-map, service-map
D. class-map, service-policy, policy-map

7.多項(xiàng)選擇題Which two are correct functions of the Cisco Anomaly Guard and Detector for preventing DDOS attacks? ()

A. uses Netflow data for anomaly detections
B. builds baseline profilesof normal operating conditions, enablingrapid identification of unusual activity that indicates an attack
C. accept events inputs from different network devicesvia syslog, SDEE and SNMP
D. dynamic diversion redirects and cleans only traffic destined for targeted devices, allowing unaffectedtraffic toflow freely and ensuring business continuity
E. pushes ACLs to network devices to only block the malicious traffic
F. using topology and configuration awareness, events from different devices are correlatedand attacks mitgitations are performed at the optimal location

8.單項(xiàng)選擇題Birthday attacks are used against which of the following?()

A. digital signatures
B. symmetric ciphering
C. hashalgoritms
D. asymmetric ciphering
E. digital certificates

9.單項(xiàng)選擇題Which of the following statements is correct regarding a hybridcrypto system?()

A. uses symmetric crypto for keys distribution
B. uses symmetric crypto for proof of origin
C. uses symmetric crypto for fast encrypted/decryption
D. uses asymmetric crypto for message confidentiality
E. uses symmetric crypto to transmit the asymmetric keys that is thenused to encrypt a session

10.多項(xiàng)選擇題When configuring IOS firewall (CBAC) operations on Cisco routers, the "inspection rule" could be applied at which two locations? ()

A. at the untrusted interfacein the inbound direction
B. atthe untrusted interface in theoutbounddirection
C. at thetrusted interface inthe inbound direction
D. at the trusted interface in the outbound direction
E. at the trusted and untrusted interfaces in the inbound direction
F. at the trusted and untrusted interfaces in the outbounddirection

最新試題

Which should be the key driver for a company security policy’s creation, implementation and enforcement?()

題型:?jiǎn)雾?xiàng)選擇題

Select the two correctstatements from the list below that describe DES and 3DES: ()

題型:多項(xiàng)選擇題

Which IOS QoS mechanism is used strictly to rate limit traffic destinedto the router itself?()

題型:?jiǎn)雾?xiàng)選擇題

Which Cisco security software product mitigates Day Zero attacks on desktops and servers - stopping known and unknown attacks without requiring reconfigurations or updates on the endpoints?()

題型:?jiǎn)雾?xiàng)選擇題

Which statements are true concerning NAT? ()

題型:多項(xiàng)選擇題

Which SSL protocol takes anapplication message tobe transmitted, fragments the datainto manageable blocks, optionally compresses the data, applies a MAC, encrypts, adds a header, and transmits the resulting unit ina TCPsegment?()

題型:?jiǎn)雾?xiàng)選擇題

CS-MARS works with which IOS feature to accomplish anomaly detection?()

題型:?jiǎn)雾?xiàng)選擇題

Which of these is the best way to provide sender non-repudiation?()

題型:?jiǎn)雾?xiàng)選擇題

Which is a benefit of implementing RFC 2827?()

題型:?jiǎn)雾?xiàng)選擇題

Since HTTP is one of the most common protocols used in the internet, what should be done at a firewall level to ensure thatthe protocol is being used correctly? ()

題型:?jiǎn)雾?xiàng)選擇題