A. PFS group.
B. Encryption algorithm.
C. Hashing Algorithm.
D. Authenticationmethod.
E. Lifetime duration.
您可能感兴趣的试卷
你可能感兴趣的试题
A. The sender of the message.
B. The receipient of the message.
C. The sender’s administrator who provides the sender with the PGP program.
D. A third party that belongs to what’s often known as "web of trust", that can verify the relationship between the user and the key.
E. The vendor of the PGP program.
A. tunnel source
B. tunnel destination
C. tunnel key
D. ip address
E. tunnelvrf
A. A DH key exchange is an algorithm that utilizes asymmetric cryptographic keys.
B. The DH key exchange is used to establish a shared secret over an insecure medium during an IPSec phase 1 exchange.
C. The DH exchange is susceptible to man-in-the-middle attacks.
D. The DH exchange is used to authenticate the peer device duringan IPSec phase 1 exchange.
E.A DH exchange provides Perfect Forward Secrecy (PFS).
A. 3DES is muchmore secure than DES.
B. Both DES and 3DES are stream ciphers.
C. DES uses 64 bitkeys, although the effective key lengthis only 56bits.
D. The decryption operation for both DES and 3DES is the same as the encryption operation.
E. DES can only be used for encryption, whereas 3DES can also be used for authentication.
A. The RADIUSVendor Specific Attribute type is decimal 26.
B. A radius server that does not understandthevendor-specific information sent by a clientmust reject the authentication request.
C. A vendor can freely choose theVendor-ID it wants to use when implementing Vendor Specific Attributes as long as the same Vendor-ID is used on all of its products.
D. Vendor Specific AttributeMUST include the Length field.
E. In Cisco’s Vendor Specific Attribute implementation, vendor-ID of 1 is commonly referred to as Cisco AV(Attribute Value) pairs.
F. Vendor Specific Attributes use a RADIUS attribute type between 127 and 255.
A. Access-reject
B. Access-response
C. Access-challenge
D. Access-reply
E. Access-accept
A.Prevents DoS from legimate, non-hostile end systems
B.Prevents disruption of "special services", such as Mobile IP
C.Defeats DoS Attacks which employ IPSource Address Spoofing
D.Restricts directed broadcasts at the ingress router
E.Allows DHCP or BOOTP packets to reach the relay agents asappropriate
A. Multicastis supported
B. Dynamic routing protocols are supported
C. VPN configurations are supported
D. Static routes are supported
A.Any matching state condition will result with the state being triggered
B. Once a state condition ismet, the system ceases searching further conditions and will cause the state condition to trigger
C. All specified state conditions are used as part of the requirements tobe met to for the state to trigger
D. Once the state conditions are met, they become persistent and can only be removed using the Reset feature
A. SignatureFidelity Rating
B. Alert Severity Rating
C. Exploit Probability Rating
D. Target Value Rating
E. Attack Relevancy Rating
最新试题
Since HTTP is one of the most common protocols used in the internet, what should be done at a firewall level to ensure thatthe protocol is being used correctly? ()
Of the threats discussed below, what is the main advantage of using Cisco Secure Desktop which is part of the Cisco ASA VPN solution?()
Which of the following is an example of a security technology that could be enabled by Netflow?()
What Cisco Switch feature best protects against CAM table overflow attacks?()
What Cisco technology protects against Spanning-Tree Protocol manipulation?()
What are the header sizes for point-to-point and multi-point GRE(also known asmGRE) with tunnel key?()
When configuring a multipoint GRE (mGRE) tunnel interface, which one of the following is NOT a valid configuration option:()
When implementing best practices for IP Source Address Spoofing and Defeating Denial of Service Attacks with IP SourceAddress Spoofing, what RFC is commonly usedto protect your network?()
Which is a benefit of implementing RFC 2827?()
Which IOS QoS mechanism is used strictly to rate limit traffic destinedto the router itself?()