A.The IP inspection rule can be applied in the inbound direction on the secured interface
B.The IP inspection rule can be applied in the outbound direction on the unsecured interface
C.The ACL applied in the inbound direction on the unsecured interface should be an extendedACL.
D.For temporary openings to be created dynamically by Cisco IOS Firewall, the access-list for thereturning traffic must be a standard ACL
您可能感興趣的試卷
你可能感興趣的試題
Study this exhibit carefully. What information can be derived from the SDM firewall configurationdisplayed?()
A.Access-list 101 was configured for the trusted interface, and access-list 100 was configured forthe untrusted interface
B.Access-list 100 was configured for the trusted interface, and access-list 101 was configured forthe untrusted interface
C.Access-list 100 was configured for the inbound direction, and access-list 101 was configured forthe outbound direction on the trusted interface
D.Access-list 100 was configured for the inbound direction, and access-list 101 was configured forthe outbound direction on the untrusted interface
This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clickingthe numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible. To gain access to either thetopology or the SDK click on the button to left side of the screen that corresponds to the sectionyou wish to access. When you have finished viewing the topology the SDK you can return to yourquestions by clicking on the Questions button to the left.
Which IPSec rule is used for the Olympia branch and what does it define?()
A.102
B.116
C.127
D.IP traffic sourced from 10.10.10.0/24 destined to 10.5.15.0/24 will use the VPN
E.IP traffic sourced from 10.10.10.0/24 destined to 10.8.28.0/24 will use the VPN
F.IP traffic sourced from 10.10.10.0/24 destined to 10.5.33.0/24 will use the VPN
This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clicking the numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible.
To gain access to either the topology or the SDK click on the button to left side of the screen thatcorresponds to the section you wish to access. When you have finished viewing the topology theSDK you can return to your questions by clicking on the Questions button to the left.
Which defined peer IP address an local subnet belong to Crete?()
A.peer address 192.168.55.159
B.peer address 192.168.89.192
C.peer address 192.168.195.23
D.subnet 10.5.15.0/24
E.subnet 10.7.23.0/24
F.subnet 10.4.38.0/24
This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clickingthe numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible.
To gain access to either the topology or the SDK click on the button to left side of the screen that Cisco 642-832: Practice Exam corresponds to the section you wish to access. When you have finished viewing the topology theSDK you can return to your questions by clicking on the Questions button to the left.
Which peer authentication method and which IPSEC mode is used to connect to the branchlocations?()
A.Digital Certificate
B.Pre-Shared Key
C.Transport Mode
D.Tunnel Mode
E.GRE/IPSEC Transport Mode
F.GRE/IPSEC Tunnel Mode
最新試題
A new router was configured with the following commands:The configuration above was found on an Internet Service Provider’s (ISP) Multiprotocol LabelSwitching (MPLS) network. What is its purpose?()
Match the xDSL type on the above to the most appropriate implementation on the below.
Study the exhibit carefully. The Cisco IOS IPsec High Availability (IPsec HA) Enhancementsfeature provides an infrastructure for reliable and secure networks to provide transparent availability of the VPN gateways - that is, Cisco IOS Software-based routers. What are the twooptions that are used to provide High Availability IPsec?()
Which statement about PPPoA configuration is correct?()
Drag the protocols that are used to distribute MPLS labels from the above to the target area on thebelow.(Not all options will be used)
Drag the IOS commands from the left that would be used to implement a GRE tunnel using the10.1.1.0.30 network on interface serial 0/0 to the correct target area on the right.
Network Topology Exhibit:Configuration Exhibit:NET(config)# access-list 112 deny icmp any any echo logNET(config)# access-list 112 deny imp any any redirect logNET(config)# access-list 112 deny icmp any any mask-request logNET(config)# access-list 112 permit icmp any 10.1.1.0 0.0.0.255NET(config)# interface Fa0/1NET(config-if)# ip access-group 112 inYou work as a network administrator at networkTut.com, study the exhibit carefully. Theconfiguration has been applied to router NET to mitigate the threat of certain types of ICMPbasedattacks while allowing some ICMP traffic to the corporate LAN to work. However, the configurationis incorrect. On the basis of the information in the exhibit, which configuration option wouldcorrectly configure router NET?()
cisco ios command to interface dialer 0
In computer security, AAA stands for authentication, authorization and accounting. Which optionabout the AAA authentication enable default group radius enable command is correct?()
Drag and drop question. The upper gives the MPLS functions, the bottom describes the planes.Drag the above items to the proper location at the below