單項選擇題

Refer to the exhibit. Based on the VPN connection shown, which statement is true?()

A.Traffic that matches access list 103 will be protected
B.This VPN configuration will not work because the tunnel IP and peer IP are the same
C.The tunnel is down because the transform set needs to include the Authentication Header parameter
D.The tunnel is down as result of being a static rule. It should be configured as a Dynamic IPsec policy


您可能感興趣的試卷

你可能感興趣的試題

3.單項選擇題How do you define the authentication method that will be used with AAA?()

A.With the method aaa command
B.With the method command
C.With a method list
D.With a method statement

5.單項選擇題

On the basis of the show policy-map type inspect zone-pair session command output provided in theexhibit.What can be determined about this Cisco IOS zone based firewall policy?()




A.Stateful packet inspection will be applied only to HTTP packets that also match ACL 110
B.This is an inbound policy(applied to traffic sourced from the less secured zone destined to the moresecured zone)
C.This is an outbound policy(applied to traffic sourced from the more secured zone destined to the lesssecured zone)
D.All packets will be dropped since the class-default traffic class is matching all traffic

6.多項選擇題When using the Cisco SDM Quick Setup Siteto-Site VPN wizard, which three parameters do you configure?()

A.Source interface where encrypted traffic originates
B.IP address for the remote peer
C.Transform set for the IPsec tunnel
D.Interface for the VPN connection

7.單項選擇題Which statement is true about a Smurf attack?()

A.It sends ping requests in segments of an invalid size
B.It intercepts the third step in a TCP three-way handshake to hijack a session
C.It sends ping requests to a subnet, requesting that devices on that subnet send ping replies to a targetsystem
D.It uses Trojan horse applications to create a distributed collection of "zombie" computers, which can beused to launch a coordinated DDoS attack

8.單項選擇題What will be disabled as a result of the no service password-recovery command?()

A.password encryption service
B.changes to the config-register setting
C.the xmodem privilege EXEC mode command to recover the Cisco IOS image
D.ROMMON

9.單項選擇題A standard access control list has been configured on a router and applied to interface Serial 0 in anoutbound direction. No ACL is applied to Interface Serial 1 on the same router. What will happen whentraffic being filtered by the access list does not match the configured ACL statements for Serial 0?()

A.The traffic is dropped
B.The resulting action is determined by the destination IP address
C.The source IP address is checked,and,if a match is not found, traffic is routed out interface Serial 1
D.The resulting action is determined by the destination IP address and port number

10.單項選擇題Regarding constructing a good encryption algorithm, what does creating an avalanche effect indicate?()

A.Altering the key length causes the ciphertext to be completely different
B.Changing only a few bits of a ciphertext message causes the plain text to be completely different
C.Altering the key length causes the plain text to be completely different
D.Changing only a few bits of a plain-text message causes the ciphertext to be completely different