多項選擇題Which two statements are true about the Cisco Classic (CBAC) IOS Firewall set?()

A.It can be used to block bulk encryption attacks
B.It can be used to protect against denial of service attacks
C.Traffic originating from the router is considered trusted, so it is not inspected
D.Based upon the custom firewall rules, an ACL entry is statically created and added to theexisting ACL permanently
E.Temporary ACL entries that allow selected traffic to pass are created and persist for theduration of the communication session


您可能感興趣的試卷

你可能感興趣的試題

1.單項選擇題

Refer to the exhibit. Host A has sent an ARP message to the default gateway IP address10.10.10.1. Which statement is true?()

A.DSw1 will reply with the MAC address of the next AVF
B.DSw2 will reply with the MAC address of the next AVF
C.Because of the invalid timers that are configured, DSw1 will not reply
D.Because of the invalid timers that are configured, DSw2 will not reply
E.DSw1 will reply with the IP address of the next AVF
F.DSw2 will reply with the IP address of the next AVF

2.多項選擇題

This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clickingthe numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible. To gain access to either thetopology or the SDM, click on the button to left side of the screen that corresponds to the sectionyou wish to access. When you have finished viewing the topology the SDM, you can return to yourquestions by clicking on the Questions button to the left.

Off Shore Industries is a large worldwide sailing charter. The company has recently upgraded itsInternet connectivity. As a recent addition to the network engineering team, you have been taskedwith documenting the active Firewall configurations on the Annapolis router using the Cisco Routerand Security Device Manager (SDM) utility.
Using the SDM output from Firewall and ACL Tasks under the Configure tab, answer the followingquestions:
Which two statements would specify a permissible incoming TCP packet on a trusted interface inthis configuration?()

A.The packet has a source address of 10.79.233.107
B.The packet has a source address of 172.16.81.108
C.The packet has a source address of 198.133.219.40
D.The destination address is not specified within the inspection rule SDM_LOW

3.單項選擇題

This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clickingthe numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible. To gain access to either thetopology or the SDM, click on the button to left side of the screen that corresponds to the sectionyou wish to access. When you have finished viewing the topology the SDM, you can return to yourquestions by clicking on the Questions button to the left.

Off Shore Industries is a large worldwide sailing charter. The company has recently upgraded itsInternet connectivity. As a recent addition to the network engineering team, you have been taskedwith documenting the active Firewall configurations on the Annapolis router using the Cisco Routerand Security Device Manager (SDM) utility. Using the SDM output from Firewall and ACL Tasksunder the Configure tab, answer the following questions:
Which statement is true?()

A.Both FastEthernet 0/0 and Serial 0/0/0 are trusted interface
B.Both FastEthernet 0/0 and Serial 0/0/0 are untrusted interfaces
C.FastEthernet 0/0 is a trusted interface and Serial 0/0/0 is an untrusted interface
D.FastEthernet 0/0 is an untrusted interface and Serial 0/0/0 is a trusted interface

4.多項選擇題Which three of the following network features are methods used to achieve high availability?()

A.Spanning Tree Protocol (STP)
B.Delay reduction
C.Hot Standby Routing Protocol (HSRP)
D.Dynamic routing protocols
E.Quality of Service (QoS)
F.Jitter management

5.單項選擇題

What can be determined about the HSRP relationship from the displayed debug output?()

A.Router 172.16.11.111 will be the active router because its HSRP priority is preferred over router172.16.11.112
B.The IP address 172.16.11.112 is the virtual HSRP router IP address
C.The nonpreempt feature is enabled on the 172.16.11.112 router
D.The IP address 172.16.11.111 is the virtual HSRP router IP address
E.Router 172.16.11.112 will be the active router because its HSRP priority is preferred over router172.16.11.111
F.The preempt feature is not enabled on the 172.16.11.111 router

6.多項選擇題

Examine the router output above. Which two items are correct?()

A.If Ethernet 0/2 goesdown, the standby router will take over
B.The local IP address of Router A is 10.1.0.6
C.When Ethernet 0/3 of RouterA comes back up, the priority will become 105
D.Router A will assume the active state if its priority is the highest
E.The local IP address of Router A is 10.1.0.20

7.多項選擇題

Refer to the exhibit. Based upon the debug output that is shown, which three statements aboutHSRP are true?()

A.The router with IP address 172.16.11.112 is using default HSRP priority
B.The IP address 172.16.11.115 is the virtual HSRP IP address
C.The priority of the router with IP address 172.16.11.112 is preferred over the router with IPaddress 172.16.11.111
D.The router with IP address 172.16.11.111 haspreempt configured
E.The final active router is the router with IP address 172.16.11.111
F.The router with IP address 172.16.11.112 has nonpreempt configured

8.多項選擇題

Refer to the exhibit. Which two problems are the most likely cause of the exhibited output?()

A.VRRP misconfiguration
B.spanning tree issues
C.transport layer issues
D.physical layer issues
E.HSRP misconfiguration

9.多項選擇題

Examine the router output above. Which two items are correct?()

A.If Ethernet 0/2 goesdown, the standby router will take over
B.The local IP address of Router A is 10.1.0.6
C.When Ethernet 0/3 of RouterA comes back up, the priority will become 105
D.Router A will assume the active state if its priority is the highest
E.The local IP address of Router A is 10.1.0.20

10.單項選擇題

What can be determined about the HSRP relationship from the displayed debug output?()

A.Router 172.16.11.111 will be the active router because its HSRP priority is preferred over router172.16.11.112
B.The IP address 172.16.11.112 is the virtual HSRP router IP address
C.The nonpreempt feature is enabled on the 172.16.11.112 router
D.The IP address 172.16.11.111 is the virtual HSRP router IP address
E.Router 172.16.11.112 will be the active router because its HSRP priority is preferred over router172.16.11.111
F.The preempt feature is not enabled on the 172.16.11.111 router

最新試題

Drag the protocols that are used to distribute MPLS labels from the above to the target area on thebelow.(Not all options will be used)

題型:問答題

Which statement about PPPoA configuration is correct?()

題型:單項選擇題

You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()

題型:多項選擇題

As a network engineer, do you know for what purpose SDM uses Security Device Event Exchange(SDEE)?()

題型:單項選擇題

IPSec VPN is a widely-acknowledged solution for enterprise network. Which three IPsec VPNstatements are true?()

題型:多項選擇題

IPSec VPN is a widely-acknowledged solution for enterprise network. What are the four steps tosetup an IPsec VPN?()

題型:單項選擇題

Study the exhibit carefully. The Cisco IOS IPsec High Availability (IPsec HA) Enhancementsfeature provides an infrastructure for reliable and secure networks to provide transparent availability of the VPN gateways - that is, Cisco IOS Software-based routers. What are the twooptions that are used to provide High Availability IPsec?()

題型:多項選擇題

Match the xDSL type on the above to the most appropriate implementation on the below.

題型:問答題

Which two encapsulation methods require that an 827 ADSL router be configured with a PPPusername and CHAP password?()

題型:多項選擇題

This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clickingthe numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible. To gain access to either thetopology or the SDK click on the button to left side of the screen that corresponds to the sectionyou wish to access. When you have finished viewing the topology the SDK you can return to yourquestions by clicking on the Questions button to the left.Which IPSec rule is used for the Olympia branch and what does it define?()

題型:多項選擇題