Refer to the exhibit. You are the network security administrator responsible for router security.Your networkuses internal IP addressing according to RFC 1918 specifications.From the default rules shown,whichaccess control list would prevent IP address spoofing of these internal networks?()
A.SDM_Default_197
B.SDM_Default_199
C.SDM_Default_196
D.SDM_Default_198
您可能感兴趣的试卷
你可能感兴趣的试题
A.With the method aaa command
B.With the method command
C.With a method list
D.With a method statement
A.SenderBase
B.TrafMon
C.IronPort M-Series
D.E-Base
On the basis of the show policy-map type inspect zone-pair session command output provided in theexhibit.What can be determined about this Cisco IOS zone based firewall policy?()
A.Stateful packet inspection will be applied only to HTTP packets that also match ACL 110
B.This is an inbound policy(applied to traffic sourced from the less secured zone destined to the moresecured zone)
C.This is an outbound policy(applied to traffic sourced from the more secured zone destined to the lesssecured zone)
D.All packets will be dropped since the class-default traffic class is matching all traffic
A.Source interface where encrypted traffic originates
B.IP address for the remote peer
C.Transform set for the IPsec tunnel
D.Interface for the VPN connection
A.It sends ping requests in segments of an invalid size
B.It intercepts the third step in a TCP three-way handshake to hijack a session
C.It sends ping requests to a subnet, requesting that devices on that subnet send ping replies to a targetsystem
D.It uses Trojan horse applications to create a distributed collection of "zombie" computers, which can beused to launch a coordinated DDoS attack
A.password encryption service
B.changes to the config-register setting
C.the xmodem privilege EXEC mode command to recover the Cisco IOS image
D.ROMMON
A.The traffic is dropped
B.The resulting action is determined by the destination IP address
C.The source IP address is checked,and,if a match is not found, traffic is routed out interface Serial 1
D.The resulting action is determined by the destination IP address and port number
A.Altering the key length causes the ciphertext to be completely different
B.Changing only a few bits of a ciphertext message causes the plain text to be completely different
C.Altering the key length causes the plain text to be completely different
D.Changing only a few bits of a plain-text message causes the ciphertext to be completely different
A.requires the Basic or Advanced Signature Definition File
B.uses the built-in signatures that come with the Cisco IOS image as backup
C.supports SDEE,SYSLOG,and SNMP for sending Cisco IPS alerts
D.uses Cisco IPS 5.x signature format
A.The port’s violation mode is set to restrict
B.The port is shut down
C.The MAC address table is cleared and the new MAC address is entered into the table
D.The port remains enabled, but bandwidth is throttled until old MAC addresses are aged out
最新试题
Please choose the correct description about Cisco Self-Defending Network characteristics.()
What are two characteristics of the SDM Security Audit wizard?()
When configuring role-based CLI on a Cisco router,which action will be taken first ?()
A standard access control list has been configured on a router and applied to interface Serial 0 in anoutbound direction. No ACL is applied to Interface Serial 1 on the same router. What will happen whentraffic being filtered by the access list does not match the configured ACL statements for Serial 0?()
During role-based CLI configuration, what must be enabled before any user views can be created?()
Which one of the aaa accounting commands can be used to enable logging of both the start and stoprecords for user terminal sessions on the router?()
Which statement is correct regarding the aaa configurations based on the exhibit provided?()
What is a static packet-filtering firewall used for ?()
On the basis of the show policy-map type inspect zone-pair session command output provided in theexhibit.What can be determined about this Cisco IOS zone based firewall policy?()
Which VoIP components can permit or deny a call attempt on the basis of a network’s available bandwidth?()