單項(xiàng)選擇題What does qos pre-classify provides inregardto implementing QoS over GRE/IPSec VPN tunnels?()

A. enables IOS to copy the ToS field from the inner (original) IPheader to theouter tunnel IP header
B. enables IOS to make a copy of the inner (original) IP header and to run a QoS classification before encryption, based on fields in the inner IP header.
C. enables IOS to classify packets based on the ToS field in the inner (original) IP header
D. enables IOS to classify packets based on the ToS field in the outer tunnel IP header
E. enables the IOS classification engine to only see a single encrypted and tunneledflow to reduce classification complexity


您可能感興趣的試卷

你可能感興趣的試題

1.多項(xiàng)選擇題Asymmetric and symmetric ciphers differ in which of the following way(s)? () 

A.Asymmetric ciphers use pre-shared keys
B.Symmetric ciphers are faster to compute
C.Asymmetric ciphers are faster to compute
D.Asymmetric ciphers use public and private

2.單項(xiàng)選擇題Which of the following is the most effective technique to prevent source IPAddress spoofing?()

A. policy based routing (PBR)
B. unicast reverse path forwarding (uRPF)
C. lock and keyACL
D. RFC 1918filtering
E. IP source routing

3.單項(xiàng)選擇題Which type of attacks can be monitored and mitigated by CS-MARS using NetFlow data?()

A. Man-in-themiddle attack
B. Spoof attack
C. Land.C attack
D. Buffer Overflow
E. Day zero attack
F. Trojan Horse

4.單項(xiàng)選擇題Which best represents a typical attackthat takes advantage of RFC 792, ICMPType 3 messages?()

A. Blind connection-reset
B. Large packet echo request
C. Packet fragmentation offset
D. Broadcast-based echo request
E. Excessive bandwidth consumption

5.多項(xiàng)選擇題Cisco IOS IPS sends IPS alert messages using which two protocols? ()

A. SDEE
B. LDAP
C. SYSLOG
D. FTP
E. SNMP
F. SMTP

6.多項(xiàng)選擇題When implementing WLAN security, what are three benefits of using the Temporal Key Integrity Protocol (TKIP) instead of WEP? ()

A. TKIP uses an advanced encryption scheme based on AES
B. TKIP provides authentication and integrity checking using Cipher Block Chaining Message Authentication Code (CBC-MAC)
C. TKIP provides per-packet keyingand a rekeying mechanism
D. TKIP provides message integrity check
E. TKIP reduces WEP’s vulnerabilities byusing different hardware encryption chipset
F. TKIP uses a 48 bit InitializationVector

7.多項(xiàng)選擇題Which three statements regarding Cisco ASAmulticast routing support are correct? ()

A. ASA supports both stubmulticast routing and PIMmulticast routing. However, you cannot configure bothconcurrently on a single security appliance
B. When configured for stubmulticast routing, the ASA can act as the Rendezvous Point (RP)
C. If the ASAdetects IGMPversion1 routers, the ASAwill automatically switch to IGMP version 1 operations.
D. The ASA supports both PIM-SM and bi-directional PIM
E. Enabling multicast routing globally on the ASA automatically enables PIM and IGMP on all interfaces
F. The ASA can be configured for IGMP snooping toconstrain theflooding of multicast traffic by dynamically configuring themulticast traffic to be forwarded only those interfaces associated with hosts requesting themulticast group

8.單項(xiàng)選擇題The key lengths for DES and 3DES, respectively, are:()

A. 128 bits and 256 bits
B. 128 bits and 384 bits
C. 1024 bits and 3072bits
D. 64 bits and 192 bits
E. 56 bits and 168 bits
F. 128 bytes and 384 bytes

9.多項(xiàng)選擇題Which algorithms did TKIP add to the 802.11 specification? ()

A. key mixing
B. AES-based encryption
C. anti-replay sequence counter
D.  message integrity check
E. cyclic redundancy check

10.多項(xiàng)選擇題Whenever a failover takes place on the ASA (configured for failover), all active connections are droppedand clients must re-establish their connections unless: ()

A. The ASA is configured for Active-Standby failover.
B.  The ASA is configured for Active-Activefailover.
C. The ASA is configured for Active-Active failover and a state failover link has been configured.
D. The ASA is configured for Active-Standby failover and a state failover link has been configured.
E. The ASA is configured to use a serial cable as the failover link.
F. The ASA is configured for LAN-Based failover

最新試題

CSA protects your host by: ()

題型:單項(xiàng)選擇題

Which of the following statements that describe Diffie Hellman Key exchange are correct? ()

題型:多項(xiàng)選擇題

Which of the following is an example of a security technology that could be enabled by Netflow?()

題型:單項(xiàng)選擇題

When implementing best practices for IP Source Address Spoofing and Defeating Denial of Service Attacks with IP SourceAddress Spoofing, what RFC is commonly usedto protect your network?()

題型:單項(xiàng)選擇題

Choose the most correct statements about SMTP/ESMTP. ()

題型:多項(xiàng)選擇題

Which should be the key driver for a company security policy’s creation, implementation and enforcement?()

題型:單項(xiàng)選擇題

What Cisco technology protects against Spanning-Tree Protocol manipulation?()

題型:單項(xiàng)選擇題

What is true about SYN cookies?()

題型:單項(xiàng)選擇題

With PGP, which of the following entity signs a users’s public key?()

題型:單項(xiàng)選擇題

What are the header sizes for point-to-point and multi-point GRE(also known asmGRE) with tunnel key?()

題型:單項(xiàng)選擇題