网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
What are some general guidelines regarding the placement of access control lists?()
- A、You should place standard ACLS as close as possible to the source of traffic to be denied.
- B、You should place extended ACLS as close as possible to the source of traffic to be denied.
- C、You should place standard ACLS as close as possible to the destination of traffic to be denied.
- D、You should place extended ACLS should be places as close as possible to the destination of traffic to be denied.
参考答案
更多 “What are some general guidelines regarding the placement of access control lists?()A、You should place standard ACLS as close as possible to the source of traffic to be denied.B、You should place extended ACLS as close as possible to the source of traffic to be denied.C、You should place standard ACLS as close as possible to the destination of traffic to be denied.D、You should place extended ACLS should be places as close as possible to the destination of traffic to be denied.” 相关考题
考题
What are some general guidelines regarding the placement of access control lists?()
A. You should place standard ACLS as close as possible to the source of traffic to be denied.B. You should place extended ACLS as close as possible to the source of traffic to be denied.C. You should place standard ACLS as close as possible to the destination of traffic to be denied.D. You should place extended ACLS should be places as close as possible to the destination of traffic to be denied.
考题
Which of the following are benefits provided with access control lists (ACLs)?()
A. ACLs monitor the number of bytes and packets.B. Virus detection.C. ACLs dentify interesting traffic for DDR.D. ACLs provide IP route filtering.E. ACLs provide high network availability.F. ACLs classify and organize network traffic.
考题
An Enterprise decides to implement Authentication Proxy for per-user authentication for home offices. Each home office also supports an IP Phone. What should you do?()A、Configure Access Control Lists to ensure Voice over IP traffic is checked by Auth Proxy.B、Configure pNAT to ensure Voice over IP packets are properly translated.C、Configure IOS firewall to permit RTP port numbers through the firewall via VPN. D、Configure Access Control Lists to allow Voice over IP traffic to bypass Auth Proxy checking.
考题
You work as a network technician at Company. Your boss, Mrs., is interested in LWAPP (Lightweight Access Point Protocol). What should you tell her regarding this technology? ()A、 LWAPP is a proprietary protocol, and because of its very high overhead it is not widely adopted.B、 Control traffic is encapsulated in UDP packets with a source port of 1024 and a destination port of 12223.C、 Layer 3 LWAPP is a UDP/IP Frame that requires a Cisco Aironet AP to obtain an IP address using DHCP.D、 Data traffic is encapsulated in UDP packets with a source port of 1024 and a destination port of 12223.E、 Control traffic is encapsulated in TCP packets with a source port of 1024 and a destination port of 12223.F、 Data traffic is encapsulated in TCP packets with a source port of 1024 and a destination port of 12223.
考题
Which location will be recommended for extended or extended named ACLs?()A、when using the established keyword,a location close to the destination point to ensure that return trafficis allowedB、an intermediate location to filter as much traffic as possible ActualTests.comC、a location as close to the source traffic as possibleD、a location as close to the destination traffic as possible
考题
What three pieces of information can be used in an extended access list to filter traffic (Choose three.)()。A、protocolB、VLAN numberC、TCP or UDP port numbersD、source switch port numberE、source IP address and destination IP addressF、source MAC address and destination MAC address
考题
What should you do to reduce spanning-tree protocol BPDU traffic during extended periods ofinstability in your VLANs?()A、Combine all the VLAN spanning trees into a single spanning treeB、Set forward delay and max-age timers to the maximum possible valuesC、None of the choicesD、Change the router VTP server modeE、Disable the root bridge
考题
Which two statements are true about trust boundaries?()A、Classifying and marking traffic should be done as close to the traffic source as possible. B、Classifying and marking traffic should be done at the distribution layer.C、Traffic is classified and marked as it travels through the network.D、If untrusted traffic enters a switch, it can be marked with a new QoS value appropriate for the policy in place.E、The trust boundary moves depending on the type of traffic entering the network.
考题
What is true about access control on bridged and routed VLAN traffic? ()A、 Router ACLs can be applied to the input and output directions of a VLAN interface.B、 Bridged ACLs can be applied to the input and output directions of a VLAN interface.C、 Only router ACLs can be applied to a VLAN interface.D、 VLAN maps and router ACLs can be used in combination.E、 VLAN maps can be applied to a VLAN interface
考题
What is true of standard access control lists when applied to an interface to control inbound or outbound traffic?()A、The best match of the ACL entries will be used for granularity of control.B、They use source IP information for matching operations.C、They use source and destination IP information for matching operations.D、They use source IP information along with protocol-type information for finer granularity of control.
考题
What is true about access control on bridged and routed VLAN traffic?()A、Router ACLs can be applied to the input and output directions of a VLAN interfaceB、Bridged ACLs can be applied to the input and output directions of a VLAN interfaceC、Only router ACLs can be applied to a VLAN interfaceD、VLAN maps and router ACLs can be used in combinationE、VLAN maps can be applied to a VLAN interfac
考题
Which two statements are true about the implementation of QoS? ()A、 Implementing DiffServ involves the configuration of RSVP.B、 Implementing IntServ allows QoS to be performed by configuring only the ingress and egress devices.C、 Implementing IntServ involves the utilization of RSVP.D、 Traffic should be classified and marked by the core network devices.E、 Traffic should be classified and marked as close to the edge of the network as possible.
考题
Your Cisco network currently runs OSPF and you have a need to policy-route some specific traffic,regardless of what the routing table shows. Which one of these options would enable you to policy-route the traffic?()A、source IP address and the protocol (such as SSL,HTTPS,SSH)B、the packet Time to Live and the source IP addressC、type of service header and DSCP valueD、destination IP address
考题
You need to design a PKI that meets business requirements. What should you do?()A、Move ATLCA1 offline and create an enterprise subordinate CA to issue certificatesB、Create a stand-alone subordinate CA to issue certificatesC、Use a qualified subordinate CAD、Configure certificate template access control lists (ACLs) on ATLCA1
考题
You need to provide users in the research department access to different functions of the Web-based research application based on individual user roles. What should you do?()A、Use Windows directory service mapper and enable Microsoft .NET Passport authenticationB、Create authorization rules and scopes by using Authorization ManagerC、Use one-to-many client certificate mappingD、Define permissions by using access control lists (ACLs)
考题
Cer-tech .com has a server named Server01.Server01 runs Windows Server 2008.A web server(IIS) roleis also installed on Server01.A public website is hosted on Server01.While monitoring the traffic on thepublic site,you notice an unusual high volume of traffic on the website. You need to find the source of thetraffic. What should you do to achieve this objective?()A、Open the IIS server manager and enable website logging to filter the logs for the source IP addressB、Install a third-party traffic analysis software to view the source IP address of the trafficC、Execute net session - at command on the serverD、Execute net stat/all command to view the traffic statisticsE、None of the above
考题
You are designing a strategy to allow users to gain VPN access to the internal network. What should you do?()A、 Allow all inbound VPN traffic to pass through the internal firewall and the perimeter firewall.B、 Allow all inbound VPN traffic to pass through the perimeter firewall only.C、 Allow all VPN traffic from the source IP address of 131.107.1.14 to pass through the internal firewall.D、 Allow all VPN traffic from the source IP address of 191.168.1.0/24 to pass through the perimeter firewall.
考题
You are designing the placement of the PDC emulator operations master role. In which location or locations should you place the role?()A、 SydneyB、 MelbourneC、 PerthD、 BerlinE、 Paris
考题
多选题You work as a network technician at Company. Your boss, Mrs., is interested in LWAPP (Lightweight Access Point Protocol). What should you tell her regarding this technology? ()ALWAPP is a proprietary protocol, and because of its very high overhead it is not widely adopted.BControl traffic is encapsulated in UDP packets with a source port of 1024 and a destination port of 12223.CLayer 3 LWAPP is a UDP/IP Frame that requires a Cisco Aironet AP to obtain an IP address using DHCP.DData traffic is encapsulated in UDP packets with a source port of 1024 and a destination port of 12223.EControl traffic is encapsulated in TCP packets with a source port of 1024 and a destination port of 12223.FData traffic is encapsulated in TCP packets with a source port of 1024 and a destination port of 12223.
考题
单选题Cer-tech .com has a server named Server01.Server01 runs Windows Server 2008.A web server(IIS) roleis also installed on Server01.A public website is hosted on Server01.While monitoring the traffic on thepublic site,you notice an unusual high volume of traffic on the website. You need to find the source of thetraffic. What should you do to achieve this objective?()A
Open the IIS server manager and enable website logging to filter the logs for the source IP addressB
Install a third-party traffic analysis software to view the source IP address of the trafficC
Execute net session - at command on the serverD
Execute net stat/all command to view the traffic statisticsE
None of the above
考题
多选题Which two statements are true about trust boundaries?()AClassifying and marking traffic should be done as close to the traffic source as possible.BClassifying and marking traffic should be done at the distribution layer.CTraffic is classified and marked as it travels through the network.DIf untrusted traffic enters a switch, it can be marked with a new QoS value appropriate for the policy in place.EThe trust boundary moves depending on the type of traffic entering the network.
考题
多选题What are some general guidelines regarding the placement of access control lists?()AYou should place standard ACLS as close as possible to the source of traffic to be denied.BYou should place extended ACLS as close as possible to the source of traffic to be denied.CYou should place standard ACLS as close as possible to the destination of traffic to be denied.DYou should place extended ACLS should be places as close as possible to the destination of traffic to be denied.
考题
单选题You are designing the placement of the PDC emulator operations master role. In which location or locations should you place the role?()A
SydneyB
MelbourneC
PerthD
BerlinE
Paris
考题
单选题What is true of standard access control lists when applied to an interface to control inbound or outbound traffic?()A
The best match of the ACL entries will be used for granularity of control.B
They use source IP information for matching operations.C
They use source and destination IP information for matching operations.D
They use source IP information along with protocol-type information for finer granularity of control.
考题
单选题Which location will be recommended for extended or extended named ACLs?()A
when using the established keyword,a location close to the destination point to ensure that return trafficis allowedB
an intermediate location to filter as much traffic as possible ActualTests.comC
a location as close to the source traffic as possibleD
a location as close to the destination traffic as possible
考题
单选题You are designing a strategy to allow users to gain VPN access to the internal network. What should you do?()A
Allow all inbound VPN traffic to pass through the internal firewall and the perimeter firewall.B
Allow all inbound VPN traffic to pass through the perimeter firewall only.C
Allow all VPN traffic from the source IP address of 131.107.1.14 to pass through the internal firewall.D
Allow all VPN traffic from the source IP address of 191.168.1.0/24 to pass through the perimeter firewall.
考题
多选题Which of the following are benefits provided with access control lists (ACLs)?()AACLs monitor the number of bytes and packets.BVirus detection.CACLs dentify interesting traffic for DDR.DACLs provide IP route filtering.EACLs provide high network availability.FACLs classify and organize network traffic.
热门标签
最新试卷
