多項選擇題IPSec VPN is a widely-acknowledged solution for enterprise network. Which three IPsec VPNstatements are true?()

A.IKE keepalives are unidirectional and sent every ten seconds
B.IPsec uses the Encapsulating Security Protocol (ESP) or the Authentication Header (AH)protocol for exchanging keys
C.To establish IKE SA, main mode utilizes six packets while aggressive mode utilizes only threepackets
D.IKE uses the Diffie-Hellman algorithm to generate symmetrical keys to be used by IPsec peers


您可能感興趣的試卷

你可能感興趣的試題

3.單項選擇題Which statement correctly describes IPsec VPN backup technology?()

A.The cypto isakmp keepalive command is used to configure the Stateful Switchover (SSO)protocol
B.Reverse Route Injection (RRI) is configured on at the remote site to inject the central sitenetworks
C.Each Hot Standby Routing Protocol (HSRP) standby group has two well-known MACaddresses and a virtual IP address
D.The cypto isakmp keepalive command is used to configure stateless failover

4.多項選擇題You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()

A.The crypto ACL number
B.The IPSEC mode (tunnel or transport)
C.The GRE tunnel interface IP address
D.The GRE tunnel source interface or IP address, and tunnel destination IP address
E.The MTU size of the GRE tunnel interface

5.多項選擇題

Refer to the exhibit. Which two statements about the AAA configuration are true?()

A.A good security practice is to havethe none parameter configured as the final method used toensure that no other authentication method will be used
B.If a TACACS+ server is not available, then a user connecting via the console port would not beable to gain access since no other authentication method has been defined
C.If a TACACS+ server is not available, then the user Bob could be able to enter privileged modeas long as the proper enable password is entered
D.Theaaa new-model command forces the router to override every other authentication methodpreviously configured for the router lines
E.To increase security, group radius should be used instead of group tacacs+
F.Two authentication options are prescribed by the displayedaaa authentication command

最新試題

As a network technician, do you know what is a recommended practice for secure configurationmanagement?()

題型:單項選擇題

Study the exhibit carefully.Routers A and B are customer routers. Routers 1, 2, 3 and 4 are provider routers. The routers areoperating with various IOS versions. Which frame mode MPLS configuration statement is true?()

題型:單項選擇題

Drag and drop question. The upper gives the MPLS functions, the bottom describes the planes.Drag the above items to the proper location at the below

題型:問答題

Study this exhibit carefully. What information can be derived from the SDM firewall configurationdisplayed?()

題型:單項選擇題

Which three statements accurately describe IOS Firewall configurations?()

題型:多項選擇題

Network Topology Exhibit:Configuration Exhibit:NET(config)# access-list 112 deny icmp any any echo logNET(config)# access-list 112 deny imp any any redirect logNET(config)# access-list 112 deny icmp any any mask-request logNET(config)# access-list 112 permit icmp any 10.1.1.0 0.0.0.255NET(config)# interface Fa0/1NET(config-if)# ip access-group 112 inYou work as a network administrator at networkTut.com, study the exhibit carefully. Theconfiguration has been applied to router NET to mitigate the threat of certain types of ICMPbasedattacks while allowing some ICMP traffic to the corporate LAN to work. However, the configurationis incorrect. On the basis of the information in the exhibit, which configuration option wouldcorrectly configure router NET?()

題型:單項選擇題

In computer security, AAA stands for authentication, authorization and accounting. Which optionabout the AAA authentication enable default group radius enable command is correct?()

題型:單項選擇題

This item contains several questions that you must answer. You can view these questions byclicking on the Questions button to the left. Changing questions can be accomplished by clickingthe numbers to the left of each question. In order to complete the questions, you will need to referto the SDM and the topology, neither of which is currently visible. To gain access to either thetopology or the SDK click on the button to left side of the screen that corresponds to the sectionyou wish to access. When you have finished viewing the topology the SDK you can return to yourquestions by clicking on the Questions button to the left.Which IPSec rule is used for the Olympia branch and what does it define?()

題型:多項選擇題

Drag and drop each management protocol on the above to the correct category on the below.

題型:問答題

Router NetworkTut is configured as shown below:Given the above configuration, which statement is true?()

題型:單項選擇題