单项选择题

On the basis of the show policy-map type inspect zone-pair session command output provided in theexhibit.What can be determined about this Cisco IOS zone based firewall policy?()




A.Stateful packet inspection will be applied only to HTTP packets that also match ACL 110
B.This is an inbound policy(applied to traffic sourced from the less secured zone destined to the moresecured zone)
C.This is an outbound policy(applied to traffic sourced from the more secured zone destined to the lesssecured zone)
D.All packets will be dropped since the class-default traffic class is matching all traffic

点击查看答案

您可能感兴趣的试卷

你可能感兴趣的试题

1.多项选择题When using the Cisco SDM Quick Setup Siteto-Site VPN wizard, which three parameters do you configure?()

A.Source interface where encrypted traffic originates
B.IP address for the remote peer
C.Transform set for the IPsec tunnel
D.Interface for the VPN connection

点击查看答案
2.单项选择题Which statement is true about a Smurf attack?()

A.It sends ping requests in segments of an invalid size
B.It intercepts the third step in a TCP three-way handshake to hijack a session
C.It sends ping requests to a subnet, requesting that devices on that subnet send ping replies to a targetsystem
D.It uses Trojan horse applications to create a distributed collection of "zombie" computers, which can beused to launch a coordinated DDoS attack

点击查看答案
3.单项选择题What will be disabled as a result of the no service password-recovery command?()

A.password encryption service
B.changes to the config-register setting
C.the xmodem privilege EXEC mode command to recover the Cisco IOS image
D.ROMMON

点击查看答案
4.单项选择题A standard access control list has been configured on a router and applied to interface Serial 0 in anoutbound direction. No ACL is applied to Interface Serial 1 on the same router. What will happen whentraffic being filtered by the access list does not match the configured ACL statements for Serial 0?()

A.The traffic is dropped
B.The resulting action is determined by the destination IP address
C.The source IP address is checked,and,if a match is not found, traffic is routed out interface Serial 1
D.The resulting action is determined by the destination IP address and port number

点击查看答案
5.单项选择题Regarding constructing a good encryption algorithm, what does creating an avalanche effect indicate?()

A.Altering the key length causes the ciphertext to be completely different
B.Changing only a few bits of a ciphertext message causes the plain text to be completely different
C.Altering the key length causes the plain text to be completely different
D.Changing only a few bits of a plain-text message causes the ciphertext to be completely different

点击查看答案
6.单项选择题Which item is correct regarding Cisco IOS IPS on Cisco IOS Release 12.4(11)T and later ?()

A.requires the Basic or Advanced Signature Definition File
B.uses the built-in signatures that come with the Cisco IOS image as backup
C.supports SDEE,SYSLOG,and SNMP for sending Cisco IPS alerts
D.uses Cisco IPS 5.x signature format

点击查看答案
7.单项选择题After enabling port security on a Cisco Catalyst switch, what is the default action when the configuredmaximum of allowed MAC addresses value is exceeded?()

A.The port’s violation mode is set to restrict
B.The port is shut down
C.The MAC address table is cleared and the new MAC address is entered into the table
D.The port remains enabled, but bandwidth is throttled until old MAC addresses are aged out

点击查看答案
8.单项选择题Stream ciphers run on which of the following?()

A.Fixed-length groups of digits called blocks
B.Individual blocks,one at a time,with the transformations varying during the encryption
C.Individual digits,one at a time,with the transformations varying during the encryption
D.Fixed-length groups of bits called blocks

点击查看答案
9.单项选择题What is the objective of the aaa authentication login console-in local command?()

A.It specifies the login authentication method list named console-in using the local user database on the router
B.It specifies the login authorization method list named console-in using the local RADIUS username-password data base
C.It specifies the login authentication list named console-in using the local username- password data base on the router
D.It specifies the login authorization method list named console-in using the local username- password data base on the router

点击查看答案
10.多项选择题Which statement best describes the Turbo ACL feature? ()

A.The Turbo ACL feature processes ACLs into lookup tables for greater efficiency
B.The Turbo ACL feature leads to increased latency, because the time it takes to match the packet isvariable
C.The Turbo ACL feature leads to reduced latency, because the time it takes to match the packet is fixedand consistent
D.Turbo ACLs increase the CPU load by matching the packet to a predetermined list

点击查看答案

最新试题

Which type of MAC address is dynamically learned by a switch port and then added to the switch’s runningconfiguration?()

题型:单项选择题

If you click the Configure button along the top of Cisco SDM is graphical interface,which Tasks buttonpermits you to configure such features as SSH, NTP, SNMP, and syslog?()

题型:单项选择题

Refer to the exhibit. Which statement is correct based on the show login command output shown?()

题型:单项选择题

For the following options, which feature is the foundation of Cisco Self-Defending Network technology?()

题型:单项选择题

Regarding constructing a good encryption algorithm, what does creating an avalanche effect indicate?()

题型:单项选择题

What will be disabled as a result of the no service password-recovery command?()

题型:单项选择题

Which option ensures that data is not modified in transit?()

题型:单项选择题

Which three are distinctions between asymmetric and symmetric algorithms? ()

题型:多项选择题

In an IEEE 802.1x deployment,between which two devices EAPOL messages typically are sent?()

题型:单项选择题

Which information is stored in the stateful session flow table while using a stateful firewall?()

题型:单项选择题