多項(xiàng)選擇題

Study the exhibit carefully. The Cisco IOS IPsec High Availability (IPsec HA) Enhancementsfeature provides an infrastructure for reliable and secure networks to provide transparent availability of the VPN gateways - that is, Cisco IOS Software-based routers. What are the twooptions that are used to provide High Availability IPsec?()

A.HSRP
B.Dual Router Mode (DRM) IPsec
C.IPsec Backup Peerings
D.RRI


您可能感興趣的試卷

你可能感興趣的試題

2.單項(xiàng)選擇題Which statement correctly describes IPsec VPN backup technology?()

A.The cypto isakmp keepalive command is used to configure the Stateful Switchover (SSO)protocol
B.Reverse Route Injection (RRI) is configured on at the remote site to inject the central sitenetworks
C.Each Hot Standby Routing Protocol (HSRP) standby group has two well-known MACaddresses and a virtual IP address
D.The cypto isakmp keepalive command is used to configure stateless failover

3.多項(xiàng)選擇題You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()

A.The crypto ACL number
B.The IPSEC mode (tunnel or transport)
C.The GRE tunnel interface IP address
D.The GRE tunnel source interface or IP address, and tunnel destination IP address
E.The MTU size of the GRE tunnel interface

4.多項(xiàng)選擇題

Refer to the exhibit. Which two statements about the AAA configuration are true?()

A.A good security practice is to havethe none parameter configured as the final method used toensure that no other authentication method will be used
B.If a TACACS+ server is not available, then a user connecting via the console port would not beable to gain access since no other authentication method has been defined
C.If a TACACS+ server is not available, then the user Bob could be able to enter privileged modeas long as the proper enable password is entered
D.Theaaa new-model command forces the router to override every other authentication methodpreviously configured for the router lines
E.To increase security, group radius should be used instead of group tacacs+
F.Two authentication options are prescribed by the displayedaaa authentication command

5.單項(xiàng)選擇題In computer security, AAA stands for authentication, authorization and accounting. Which optionabout the AAA authentication enable default group radius enable command is correct?()

A.If the radius server returns an error, the enable password will be used
B.If the radius server returns a ’failed’ message, the enable password will be used
C.The command login authentication group will associate the AM authentication to a specifiedinterface
D.If the group database is unavailable, the radius server will be used

6.單項(xiàng)選擇題

Authentication is the process of determining if a user or identity is who they claim to be. Refer tothe exhibit. Which statement about the authentication process is correct?()

A.The LIST1 list will disable authentication on the console port
B.All login requests will be authenticated using the group tacacs+ method
C.The default login authentication will automatically be applied to all login connections
D.Because no method list is specified, the LIST1 list will not authenticate anyone on the consoleport

7.單項(xiàng)選擇題As a network engineer, do you know for what purpose SDM uses Security Device Event Exchange(SDEE)?()

A.to provide a keepalive mechanism
B.to pull event logs from the router
C.to extract relevant SNMP information
D.to perform application-level accounting

8.單項(xiàng)選擇題As a network technician, do you know what is a recommended practice for secure configurationmanagement?()

A.Disable post scan
B.Use SSH or SSL
C.Enable trust levels
D.Deny echo replies on all edge routers

9.單項(xiàng)選擇題

Network Topology Exhibit:

Configuration Exhibit:
NET(config)# access-list 112 deny icmp any any echo log
NET(config)# access-list 112 deny imp any any redirect log
NET(config)# access-list 112 deny icmp any any mask-request log
NET(config)# access-list 112 permit icmp any 10.1.1.0 0.0.0.255
NET(config)# interface Fa0/1
NET(config-if)# ip access-group 112 in
You work as a network administrator at networkTut.com, study the exhibit carefully. The
configuration has been applied to router NET to mitigate the threat of certain types of ICMPbasedattacks while allowing some ICMP traffic to the corporate LAN to work. However, the configurationis incorrect. On the basis of the information in the exhibit, which configuration option wouldcorrectly configure router NET?()

A.The first three statements of ACL 112 should have permitted the ICMP traffic and the laststatement should deny the identified traffic
B.The last statement of ACL 112 should have been "access-list 112deny icmp any 10.2.1.00.0.0.255"
C.The last statement of ACL 112 should have been "access-list 112permit icmp any 10.2.1.00.0.0.255"
D.ACL 112 should have been applied to interface Fa0/0 in an inbound direction
E.The last statement of ACL 112 should have been "access-list 112deny icmp any 10.1.1.00.0.0.255"
F.ACL 112 should have been applied to interface Fa0/1 in an outbound direction
G.None of the above

10.單項(xiàng)選擇題Which statement about PPPoA configuration is correct?()

A.The dsl operating-mode auto command is required if the default mode has been changed
B.The ip mtu 1496 command must be applied on the dialer interface
C.The encapsulation ppp command is required
D.The ip mtu 1492 command must be applied on the dialer interface

最新試題

Match the xDSL type on the above to the most appropriate implementation on the below.

題型:?jiǎn)柎痤}

As a network engineer, study the exhibit carefully. Router Net is unable to establish an ADSLconnection with its provider. Which action would correct this problem?()

題型:?jiǎn)雾?xiàng)選擇題

Which three statements accurately describe IOS Firewall configurations?()

題型:多項(xiàng)選擇題

As a network engineer, do you know for what purpose SDM uses Security Device Event Exchange(SDEE)?()

題型:?jiǎn)雾?xiàng)選擇題

Drag each element of the Cisco IOS Firewall Feature Set from the above and drop onto itsdescription on the below.

題型:?jiǎn)柎痤}

cisco ios command to interface dialer 0

題型:?jiǎn)柎痤}

Drag the protocols that are used to distribute MPLS labels from the above to the target area on thebelow.(Not all options will be used)

題型:?jiǎn)柎痤}

Drag and drop the xDSL type on the above to the appropriate xDSL description on the below.

題型:?jiǎn)柎痤}

Identify the recommended steps for worm attack mitigation by dragging and dropping them into thetarget area in the correct order.

題型:?jiǎn)柎痤}

Drag and drop each function on the above to the hybrid fiber-coaxial architecture component that itdescribes on the below.

題型:?jiǎn)柎痤}