网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
单选题
Which attribute is required for all IKE phase 2 negotiations?()
A
proxy-ID
B
preshared key
C
Diffie-Hellman group key
D
main or aggressive mode
参考答案
参考解析
解析:
暂无解析
更多 “单选题Which attribute is required for all IKE phase 2 negotiations?()A proxy-IDB preshared keyC Diffie-Hellman group keyD main or aggressive mode” 相关考题
考题
多选题Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
考题
单选题Where do you configure SCREEN options?()A
zones on which an attack might arriveB
zones you want to protect from attackC
interfaces on which an attack might arriveD
interfaces you want to protect from attack
考题
单选题Using a policy with the policy-rematch flag enabled, what happens to the existing and newsessions when you change the policy action from permit to deny?()A
The new sessions matching the policy are denied. The existing sessions are dropped.B
The new sessions matching the policy are denied. The existing sessions, not being allowed to carry any traffic, simply timeout.C
The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.D
The new sessions matching the policy are denied. The existing sessions continue until they are completed or their timeout is reached.
考题
单选题Regarding a route-based versus policy-based IPsec VPN, which statement is true?()A
A route-based VPN generally uses less resources than a policy-based VPN.B
A route-based VPN cannot have a deny action in a policy; a policy-based VPN can have a deny action.C
A route-based VPN is better suited for dialup or remote access compared to a policy-based VPN.D
A route-based VPN uses a policy referencing the IPsec VPN; a policy-based VPN policy does not use apolicy referencing the IPsec VPN
考题
单选题Which type of source NAT is configured in the exhibit?() [edit security nat destination] user@host# show pool A { address 10.1.10.5/32; } rule-set 1 { from zone untrust; rule 1A { match { destination-address 100.0.0.1/32; } then { destination-nat pool A; } } }A
static destination NATB
static source NATC
pool-based destination NAT without PATD
pool-based destination NAT with PAT
考题
单选题A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in azone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initiate any type of traffic from the TRUSTzone to the UNTRUST zone. Which configuration would correctly accomplish this task?()A
AB
BC
CD
D
考题
单选题By default, which condition would cause a session to be removed from the session table?()A
Route entry for the session changed.B
Security policy for the session changed.C
The ARP table entry for the source IP address timed out.D
No traffic matched the session during the timeout period.
考题
单选题Which IDP policy action closes the connection and sends an RST packet to both the client and the server?()A
close-connectionB
terminate-connectionC
close-client-and-serverD
terminate-session
热门标签
最新试卷