A.Inoculate systems by applying update patches.
B.Limit traffic rate.
C.Apply authentication.
D.Quarantine infected machines.
E.Enable anti-spoof measures.
您可能感興趣的試卷
你可能感興趣的試題
A.Transparent tunneling must be enabled.
B.A valid root certificate must be installed.
C.A group pre-shared secret must be properly configured.
D.The option to "Allow Local LAN Access" must be selected.
A.mode configuration
B.the VPN client establishment of an ISAKMP SA
C.IPsec quick mode completion of the connection
D.VPN client initiation of the IKE phase 1 process
A.DDoS signatures
B.strong signatures
C.exploit signatures
D.numeric signatures
E.spoofing signatures
F.connection signatures
A.The IPS is in the traffic path.
B.Only one active interface is required.
C.Full benefit of an IPS will not be realized unless deployed in conjunction with an IDS.
D.When malicious traffic is detected,the IPS will only send an alert to a management station.
A.The IDS is in the traffic path.
B.The IDS can send TCP resets to the source device.
C.The IDS can send TCP resets to the destination device.
D.The IDS listens promiscuously to all traffic on the network.
E.Default operation is for the IDS to discard malicious traffic.
A.All traffic is permitted from the inbound to the outbound interface upon successful authentication of the user.
B.A specific access profile is retrieved from a TACACS+ or RADIUS server and applied to an IOS Firewall based on user provided credentials.
C.Prior to responding to a proxy ARP,the router will prompt the user for a login and password which are authenticated based on the configured AAA policy.
D.The proxy server capabilities of the IOS Firewall are enabled upon successful authentication of the user.
A.network-based application recognition (NBAR)
B.authentication proxy
C.stateful packet filtering
D.AAA services
E.proxy server
F.IPS
A.The IP inspection rule can be applied in the inbound direction on the secured interface.
B.The IP inspection rule can be applied in the outbound direction on the unsecured interface.
C.The ACL applied in the outbound direction on the unsecured interface should be an extended ACL.
D.The ACL applied in the inbound direction on the unsecured interface should be an extended ACL.
E.For temporary openings to be created dynamically by Cisco IOS Firewall,the access-list for thereturning traffic must be a standard ACL.
F.For temporary openings to be created dynamically by Cisco IOS Firewall,the IP inspection rule must be applied to the secured interface.
Refer to the exhibit. MPLS has been configured on all routers in the domain. In order for R2 and R3 to forward frames between them with label headers, what additional configuration will be required on devices that are attached to the LAN segment?()
A.Decrease the maximum MTU requirements on all router interfaces that are attached to the LAN segment.
B.Increase the maximum MTU requirements on all router interfaces that are attached to the LAN segment.
C.No additional configuration is required. Interface MTU size will be automatically adjusted to accommodate the larger size frames.
D.No additional configuration is required. Frames with larger MTU size will be automatically fragmented and forwarded on all LAN segments.
Refer to the exhibit. The show mpls interfaces detail command has been used to display information about the interfaces on router R1 that have been configured for label switching. Which statement is true about the MPLS edge router R1?()
A.Packets can be labeled and forwarded out interface Fa0/1 because of the MPLS operational status of the interface.
B.Because LSP tunnel labeling has not been enabled on interface Fa0/1, packets cannot be labeled and forwarded out interface Fa0/1.
C.Packets can be labeled and forwarded out interface Fa1/1 because MPLS has been enabled on this interface.
D.Because the MTU size is increased above the size limit, packets cannot be labeled and forwarded out interface Fa1/1.
最新試題
Which two mechanisms can be used to detect IPsec GRE tunnel failures?()
Refer to the exhibit.What does the "26" in the first two hop outputs indicate?()
What is a reason for implementing MPLS in a network?()
Refer to the exhibit.What are the two options that are used to provide High Availability IPsec?()
Which form of DSL technology is typically used as a replacement for T1 lines?()
What are two possible actions an IOS IPS can take if a packet in a session matches a signature?()
Which three techniques should be used to secure management protocols?()
What are three configurable parameters when editing signatures in Security Device Manager (SDM)?()
Refer to the exhibit. Which statement about the authentication process is true?()
Which three MPLS statements are true?()