多项选择题Cisco IOS IPS sends IPS alert messages using which two protocols? ()

A. SDEE
B. LDAP
C. SYSLOG
D. FTP
E. SNMP
F. SMTP

点击查看答案

您可能感兴趣的试卷

你可能感兴趣的试题

1.多项选择题When implementing WLAN security, what are three benefits of using the Temporal Key Integrity Protocol (TKIP) instead of WEP? ()

A. TKIP uses an advanced encryption scheme based on AES
B. TKIP provides authentication and integrity checking using Cipher Block Chaining Message Authentication Code (CBC-MAC)
C. TKIP provides per-packet keyingand a rekeying mechanism
D. TKIP provides message integrity check
E. TKIP reduces WEP’s vulnerabilities byusing different hardware encryption chipset
F. TKIP uses a 48 bit InitializationVector

点击查看答案
2.多项选择题Which three statements regarding Cisco ASAmulticast routing support are correct? ()

A. ASA supports both stubmulticast routing and PIMmulticast routing. However, you cannot configure bothconcurrently on a single security appliance
B. When configured for stubmulticast routing, the ASA can act as the Rendezvous Point (RP)
C. If the ASAdetects IGMPversion1 routers, the ASAwill automatically switch to IGMP version 1 operations.
D. The ASA supports both PIM-SM and bi-directional PIM
E. Enabling multicast routing globally on the ASA automatically enables PIM and IGMP on all interfaces
F. The ASA can be configured for IGMP snooping toconstrain theflooding of multicast traffic by dynamically configuring themulticast traffic to be forwarded only those interfaces associated with hosts requesting themulticast group

点击查看答案
3.单项选择题The key lengths for DES and 3DES, respectively, are:()

A. 128 bits and 256 bits
B. 128 bits and 384 bits
C. 1024 bits and 3072bits
D. 64 bits and 192 bits
E. 56 bits and 168 bits
F. 128 bytes and 384 bytes

点击查看答案
4.多项选择题Which algorithms did TKIP add to the 802.11 specification? ()

A. key mixing
B. AES-based encryption
C. anti-replay sequence counter
D.  message integrity check
E. cyclic redundancy check

点击查看答案
5.多项选择题Whenever a failover takes place on the ASA (configured for failover), all active connections are droppedand clients must re-establish their connections unless: ()

A. The ASA is configured for Active-Standby failover.
B.  The ASA is configured for Active-Activefailover.
C. The ASA is configured for Active-Active failover and a state failover link has been configured.
D. The ASA is configured for Active-Standby failover and a state failover link has been configured.
E. The ASA is configured to use a serial cable as the failover link.
F. The ASA is configured for LAN-Based failover

点击查看答案
6.多项选择题Whattwo things must you do onthe router before generating an SSH key with the "crypto key generate rsa"IOS command? ()

A. Configure the SSH version that the router will use
B. Configure the host name of the router
C. Enable AAA Authentication
D. Configure the default IP domain name that the router will use
E. Enable SSH transport support onthe vty lines

点击查看答案
7.单项选择题What is the main reason for using the "ip ips deny-action ips-interface" IOS command?()

A. To selectively apply drop actions to specific interfaces
B. To enable IOS to droptraffic for signatures configured with the Drop action
C. To support load-balancing configurations in which traffic can arrive via multipleinterfaces 
D. This is nota valid IOS command

点击查看答案
8.多项选择题Which of the following is true about the Cisco IOS-IPS functionality? ()

A. The signatures available are built into the IOS code.
B. Toupdate signatures youneed to install a new IOS image
C. To activate new signatures you download a new Signature DefiitionFile (SDF) from Cisco’s web site
D. Loading and enabling selected IPS signatures is user configurable
E. Cisco IOS onlyprovides Intrusion Detection functionality
F. Cisco IOS-IPS requires a network module installed in your router running sensor software

点击查看答案
9.单项选择题What is true about a Pre-Block ACLconfigured when setting up your sensor toperform IP Blocking?()

A. The Pre-Block ACL is overwritten when a blockingaction is initiatied by the sensor
B. The blocking ACL entries generated by the sensor override the Pre-Block ACL entries
C. The Pre-Block ACL entries override the blocking ACL entries generated by the sensor
D. The Pre-Block ACL is replaced by the Post-Block ACL when a blocking actionis initiated bythe sensor
E. You can not configure a Pre-Block ACL when configuring IP Blockingon your sensor

点击查看答案
10.多项选择题Which two IP multicast addresses belong to the group represented by the MAC address of 0x01-00-5E-15-6A-2C? ()

A. 224.21.106.44
B. 224.25.106.44
C. 233.149.106.44
D. 236.25.106.44
E. 239.153.106.44

点击查看答案

最新试题

When implementing internet standards you are required to follow RFC’s processes and procedures based onwhat RFC?()

题型:单项选择题

Of the threats discussed below, what is the main advantage of using Cisco Secure Desktop which is part of the Cisco ASA VPN solution?()

题型:单项选择题

In an L2TP voluntary tunneling scenario, the VPDN tunnel is terminated between:()

题型:单项选择题

Select the two correctstatements from the list below that describe DES and 3DES: ()

题型:多项选择题

Since HTTP is one of the most common protocols used in the internet, what should be done at a firewall level to ensure thatthe protocol is being used correctly? ()

题型:单项选择题

When configuring a multipoint GRE (mGRE) tunnel interface, which one of the following is NOT a valid configuration option:()

题型:单项选择题

What group in Cisco IOS does 1536-bit Diffie-Hellman prime modulus equivalent too?()

题型:单项选择题

Which ones are the two type of ciphers?()

题型:单项选择题

What are the header sizes for point-to-point and multi-point GRE(also known asmGRE) with tunnel key?()

题型:单项选择题

Which SSL protocol takes anapplication message tobe transmitted, fragments the datainto manageable blocks, optionally compresses the data, applies a MAC, encrypts, adds a header, and transmits the resulting unit ina TCPsegment?()

题型:单项选择题