多項選擇題Whenever a failover takes place on the ASA (configured for failover), all active connections are droppedand clients must re-establish their connections unless: ()

A. The ASA is configured for Active-Standby failover.
B.  The ASA is configured for Active-Activefailover.
C. The ASA is configured for Active-Active failover and a state failover link has been configured.
D. The ASA is configured for Active-Standby failover and a state failover link has been configured.
E. The ASA is configured to use a serial cable as the failover link.
F. The ASA is configured for LAN-Based failover


您可能感興趣的試卷

你可能感興趣的試題

1.多項選擇題Whattwo things must you do onthe router before generating an SSH key with the "crypto key generate rsa"IOS command? ()

A. Configure the SSH version that the router will use
B. Configure the host name of the router
C. Enable AAA Authentication
D. Configure the default IP domain name that the router will use
E. Enable SSH transport support onthe vty lines

2.單項選擇題What is the main reason for using the "ip ips deny-action ips-interface" IOS command?()

A. To selectively apply drop actions to specific interfaces
B. To enable IOS to droptraffic for signatures configured with the Drop action
C. To support load-balancing configurations in which traffic can arrive via multipleinterfaces 
D. This is nota valid IOS command

3.多項選擇題Which of the following is true about the Cisco IOS-IPS functionality? ()

A. The signatures available are built into the IOS code.
B. Toupdate signatures youneed to install a new IOS image
C. To activate new signatures you download a new Signature DefiitionFile (SDF) from Cisco’s web site
D. Loading and enabling selected IPS signatures is user configurable
E. Cisco IOS onlyprovides Intrusion Detection functionality
F. Cisco IOS-IPS requires a network module installed in your router running sensor software

4.單項選擇題What is true about a Pre-Block ACLconfigured when setting up your sensor toperform IP Blocking?()

A. The Pre-Block ACL is overwritten when a blockingaction is initiatied by the sensor
B. The blocking ACL entries generated by the sensor override the Pre-Block ACL entries
C. The Pre-Block ACL entries override the blocking ACL entries generated by the sensor
D. The Pre-Block ACL is replaced by the Post-Block ACL when a blocking actionis initiated bythe sensor
E. You can not configure a Pre-Block ACL when configuring IP Blockingon your sensor

5.多項選擇題Which two IP multicast addresses belong to the group represented by the MAC address of 0x01-00-5E-15-6A-2C? ()

A. 224.21.106.44
B. 224.25.106.44
C. 233.149.106.44
D. 236.25.106.44
E. 239.153.106.44

6.單項選擇題A network administrator is using a LAN analyzer to troubleshoot OSPF router exchange messages sent to ALLOSPF ROUTERS. To what MAC address are these messages sent?()

A. 00-00-1C-EF-00-00
B. 01-00-5E-00-00-05
C. 01-00-5E-EF-00-00
D. EF-FF-FF-00-00-05
E. EF-00-00-FF-FF-FF
F. FF-FF-FF-FF-FF-FF

7.單項選擇題According to RFC 3180, what is the correct GLOP address for AS456?()

A. 224.0.4.86
B. 224.4.86.0
C. 233.1.200.0
D. 239.2.213.0
E. 239.4.5.6

8.多項選擇題What are two important guidelines to follow when implementing VTP?()

A. CDPmust be enabled on all switches in theVTP management domain.
B. All switches in the VTPdomain must run the same version of VTP.
C. When using secure mode VTP, only configure management domain passwords onVTP servers.
D. EnablingVTP pruning on a server willenable the feature for the entire management domain.
E. Use of theVTPmulti-domain feature should be restricted to migration and temporary implementation.

9.多項選擇題What are two key characteristics of VTP? ()

A.VTP messages are sent out all switch-switch connections.
B.VTP L2 messages are communicated to neighbors using CDP.
C.VTP manages addition, deletion, and renaming of VLANs 1 to 4094.
D.VTP pruning restricts flooded traffic, increasing available bandwidth.
E.VTP V2 can only be used in a domain consisting of V2 capable switches.
F.VTP V2 performs consistency checks on all sources of VLAN information.

10.單項選擇題How doTCP SYN attacks take advantage ofTCPto prevent new connections from being established to a host under attack?()

A.These attacks send multiple FIN segments forcing TCP connection release.
B.These attacks fill up a hosts’ listen queue by failing to ACK partially openedTCPconnections.
C.These attacks take advantage of the hosts transmit backoff algorithm by sending jam signals to the host.
D.These attacks increment the ISN of each segment by a random number causing constant TCP retransmissions.
E.These attacks send TCP RST segments in response toconnection SYN+ACK segments forcing SYN retransmissions.




最新試題

Select the two correctstatements from the list below that describe DES and 3DES: ()

題型:多項選擇題

When implementing best practices for IP Source Address Spoofing and Defeating Denial of Service Attacks with IP SourceAddress Spoofing, what RFC is commonly usedto protect your network?()

題型:單項選擇題

CSA protects your host by: ()

題型:單項選擇題

ASDM on the ASA platform is executed as:()

題型:單項選擇題

Since HTTP is one of the most common protocols used in the internet, what should be done at a firewall level to ensure thatthe protocol is being used correctly? ()

題型:單項選擇題

Which one of the following is NOT a supported IKE attribute?()

題型:單項選擇題

Which Cisco security software product mitigates Day Zero attacks on desktops and servers - stopping known and unknown attacks without requiring reconfigurations or updates on the endpoints?()

題型:單項選擇題

Cisco Clean Access ensures that computers connecting to your network have which of the following?()

題型:單項選擇題

Which one of the following is NOT a valid RADIUS packet type?()

題型:單項選擇題

What Cisco technology protects against Spanning-Tree Protocol manipulation?()

題型:單項選擇題