多项选择题Which two are correct functions of the Cisco Anomaly Guard and Detector for preventing DDOS attacks? ()

A. uses Netflow data for anomaly detections
B. builds baseline profilesof normal operating conditions, enablingrapid identification of unusual activity that indicates an attack
C. accept events inputs from different network devicesvia syslog, SDEE and SNMP
D. dynamic diversion redirects and cleans only traffic destined for targeted devices, allowing unaffectedtraffic toflow freely and ensuring business continuity
E. pushes ACLs to network devices to only block the malicious traffic
F. using topology and configuration awareness, events from different devices are correlatedand attacks mitgitations are performed at the optimal location

点击查看答案

您可能感兴趣的试卷

你可能感兴趣的试题

1.单项选择题Birthday attacks are used against which of the following?()

A. digital signatures
B. symmetric ciphering
C. hashalgoritms
D. asymmetric ciphering
E. digital certificates

点击查看答案
2.单项选择题Which of the following statements is correct regarding a hybridcrypto system?()

A. uses symmetric crypto for keys distribution
B. uses symmetric crypto for proof of origin
C. uses symmetric crypto for fast encrypted/decryption
D. uses asymmetric crypto for message confidentiality
E. uses symmetric crypto to transmit the asymmetric keys that is thenused to encrypt a session

点击查看答案
3.多项选择题When configuring IOS firewall (CBAC) operations on Cisco routers, the "inspection rule" could be applied at which two locations? ()

A. at the untrusted interfacein the inbound direction
B. atthe untrusted interface in theoutbounddirection
C. at thetrusted interface inthe inbound direction
D. at the trusted interface in the outbound direction
E. at the trusted and untrusted interfaces in the inbound direction
F. at the trusted and untrusted interfaces in the outbounddirection

点击查看答案
4.多项选择题The CS-MARS appliance offers attackmitigatons using which twomethods?  ()

A. Automatically pushing ACLs to layer 3 devices to block the attacker’s traffic
B. Automatically pushing commands to layer 2 switches to shutdown the attacker’s ports
C. Automatically resetting the attacker’sTCP connections
D. RecommendingACLs tobe manuallypushed tolayer 3 devices such as routers/firewalls
E. Operating as an inline appliance, it automaticallyblocks malicious traffic inline
F. Working inconjuction with CSM to block the attacker’s traffic inline

点击查看答案
5.单项选择题Which of the following are not steps in setting up aTLS session? ()

A. Client sends Hello to Server listing all of its supported cipher suites
B. Server sends Hello to Client listing all of its supported cipher suites
C. Client calculates and sends encryptedpre_master_secret
D. Client and Server calculate keys from pre_master_secret
E. Server sends Change Cipher Spec to indicate a shift to encrypted mode

点击查看答案
6.单项选择题PEAP provides authentication for theEAP exchange using: ()

A. RC4
B. TLS
C. SSH
D. AES
E. 3DES

点击查看答案
7.单项选择题To enable TCP Port Forwarding applications using IOS WebVPN, what needs tobe downloaded to the client?()

A. Cisco SecurityAgent (CSA)
B. CiscoTrustAgent (CTA)
C. Cisco Secure Desktop (CSD)
D. A small Java Applet
E. SSLVPN Client (SVC)
F. SSLVPN Client (SVC) and Cisco Secure Desktop (CSD)

点击查看答案
8.单项选择题Why is NTP an important component when implementing IPSec VPN in a PKI environment?()

A. To ensure the router has the correct time when generating its private/public key pairs.
B. To ensure the router has the correct time when checking certificate validity from the remote peers
C. To ensure the router time is sync with the remote peers for encryption keys generation
D. To ensure the router time is sync with the remote peers during theDH exchange
E. To ensure the router time is sync with the remote peers when generating the cookies during IKE phase 1

点击查看答案
9.单项选择题Using FTP passive mode, after the client opens thecommand channel (port 21) to the FTP server and requests passive mode, what will be the next step? ()

A. The FTP server sends back an acknowledgment (ACK) to the client
B. The FTP server allocates a port touse for the data channel and transmit that port number to the client
C. The FTP server opens the data channel to the client using the port number indicated by the client
D. The FTP client opens the data channel to the FTP server on Port 20
E. The FTP client opens the datachannel to the FTP server on Port 21

点击查看答案
10.多项选择题Which of the following statements are true? ()

A. RC4 is a stream cipher
B. Stream ciphers require padding
C. AES is a block cipher
D. DES and 3DES are stream ciphers
E. AES is a stream cipher
F. AES, DES, and 3DES can be used as HMAC algorithms

点击查看答案

最新试题

When implementing internet standards you are required to follow RFC’s processes and procedures based onwhat RFC?()

题型:单项选择题

Which IOS QoS mechanism is used strictly to rate limit traffic destinedto the router itself?()

题型:单项选择题

For a router to obtain a certificate from a CA, what is the first stepof the certificate enrollment process?()

题型:单项选择题

Which of the following statements that describe Diffie Hellman Key exchange are correct? ()

题型:多项选择题

Which ones are the two type of ciphers?()

题型:单项选择题

Which should be the key driver for a company security policy’s creation, implementation and enforcement?()

题型:单项选择题

What Cisco technology protects against Spanning-Tree Protocol manipulation?()

题型:单项选择题

CSA protects your host by: ()

题型:单项选择题

Which statements are true concerning NAT? ()

题型:多项选择题

Which two statements are correct about the aaa authentication login default grouptacacs+ localglobal configuration command? ()

题型:多项选择题