单选题What is true about IP Source Guard with port security?()ABinding should be manually configured.BIt is not supported if IEEE 802.1x port-based authentication is enabled.CThe DHCP server must support option 82, or the client is not assigned an IP address.DIt filters based on source IP address only.
单选题
What is true about IP Source Guard with port security?()
A
Binding should be manually configured.
B
It is not supported if IEEE 802.1x port-based authentication is enabled.
C
The DHCP server must support option 82, or the client is not assigned an IP address.
D
It filters based on source IP address only.
参考解析
解析:
暂无解析
相关考题:
What does a Layer 2 switch use to decide where to forward a received frame?() A. source MAC addressB. source IP addressC. source switch portD. destination IP addressE. destination port addressF. destination MAC address
A standard IP access list is applied to an Ethernet interface of a router. What does this standard access list filter on?() A. The source and destination addressesB. The destination port numberC. The destination addressD. The source addressE. All of the above
Your boss is learning a CCNA training course,refer to the exhibit.The access list has been configured on the S0/0 interface of router RTB in the outbound direction.Which two packets,if routed to the interface,will be denied?()access-list 101 denytcp192.168.15.320.0.0.15any eq telnetaccess-list 101 permitip any anyA.source ip address:192.168.15.5;destination port: 21B.source ip address:,192.168.15.37 destination port: 21C.source ip address:,192.168.15.41 destination port: 21D.source ip address:,192.168.15.36 destination port: 23E.source ip address:192.168.15.46;destination port: 23F.source ip address:,192.168.15.49 destination port: 23
What three pieces of information can be used in an extended access list to filter traffic (Choose three.)()。 A.protocolB.VLAN numberC.TCP or UDP port numbersD.source switch port numberE.source IP address and destination IP addressF.source MAC address and destination MAC address
根据下图,该access list被配置在路由器RTB的S0/0接口上的OUT方向,哪两个数据包会被DENY,如果被路由到该接口上的话?() A.source ip address:192.168.15.5 destination port:21B.source ip address:192.168.15.37 destination port:21C.ssource ip address192.168.15.41 destination port:21D.source ip address:192.168.15.36 destination port:23E.source ip address:192.168.15.46 destination port:23F.source ip address:192.168.15.49 destination port:23
What is true about IP Source Guard with port security?()A、Binding should be manually configured.B、It is not supported if IEEE 802.1x port-based authentication is enabled.C、The DHCP server must support option 82, or the client is not assigned an IP address.D、It filters based on source IP address only.
What is the port number of an IPsec Encapsulating Security Payfoad packet?()A、UOP port 50B、IP protocol 51C、TCP port 51D、TCP port 50E、IP protocol 50F、UDP port51
Which of the following descriptions about IP spoofing is correct?()A、IP source address is forgedB、IP destination address is forgedC、IP TCP source port is forgedD、IP TCP destination port is forgedE、None of above
Switch R1 has been configured with the root guard feature. What statement is true if the spanning tree enhancement Root Guard is enabled? ()A、 If BPDUs are not received on a non-designated port, the port is moved into the STP loop- inconsistent blocked stateB、 IF BPDUs are received on a PortFast enabled port, the port is disabled.C、 If superior BPDUs are received on a designated port, the interface is placed into the root- inconsistent blocked state.D、 If inferior BPDUs are received on a root port, all blocked ports become alternate paths to the root bride.
A standard IP access list is applied to an Ethernet interface of a router. What does this standard access list filter on?()A、The source and destination addressesB、The destination port numberC、The destination addressD、The source addressE、All of the above
You work as a network technician at Company. Your boss, Mrs., is interested in LWAPP (Lightweight Access Point Protocol). What should you tell her regarding this technology? ()A、 LWAPP is a proprietary protocol, and because of its very high overhead it is not widely adopted.B、 Control traffic is encapsulated in UDP packets with a source port of 1024 and a destination port of 12223.C、 Layer 3 LWAPP is a UDP/IP Frame that requires a Cisco Aironet AP to obtain an IP address using DHCP.D、 Data traffic is encapsulated in UDP packets with a source port of 1024 and a destination port of 12223.E、 Control traffic is encapsulated in TCP packets with a source port of 1024 and a destination port of 12223.F、 Data traffic is encapsulated in TCP packets with a source port of 1024 and a destination port of 12223.
Which of the following statements are true concerning the command ip sla monitor responder typetcpconnect ipaddress 10.1.1.1 port 23?(Choose all that apply.)()A、The command will initiate a probe with a destination IP address of 10.1.1.1B、The command is used on the IP SLA responder and the IP SLA sourceC、The command will allow only source address 10.1.1.1 to source probesD、The command will initiate a probe with a destination Telnet portE、The command is used to make the router a responderF、The command will initiate a probe with a source port of 23
You are responsible for increasing the security within the Company LAN. Of the following choices listed below, which is true regarding layer 2 security and mitigation techniques? ()A、 Enable root guard to mitigate ARP address spoofing attacks.B、 Configure DHCP spoofing to mitigate ARP address spoofing attacks.C、 Configure PVLANs to mitigate MAC address flooding attacks.D、 Enable root guard to mitigate DHCP spoofing attacks.E、 Configure dynamic APR inspection (DAI) to mitigate IP address spoofing on DHCP untrusted ports.F、 Configure port security to mitigate MAC address flooding G、 None of the other alternatives apply
What Cisco technology protects against Spanning-Tree Protocol manipulation?()A、 Spanning tree protectB、 Root Guard and BPDU GuardC、 Unicast Reverse Path ForwardingD、 MAC spoof guardE、 Port Security
What does a Layer 2 switch use to decide where to forward a received frame?()A、source MAC addressB、source IP addressC、source switch portD、destination IP addressE、destination port addressF、destination MAC address
What three pieces of information can be used in an extended access list to filter traffic (Choose three.)()。A、protocolB、VLAN numberC、TCP or UDP port numbersD、source switch port numberE、source IP address and destination IP addressF、source MAC address and destination MAC address
Which two statements are true about BPDU port-guard and BPDU filtering?()A、BPDU port-guard can be enabled globally, whereas BPDU filtering must be enabled on a per-interface basis.B、When globally enabled, BPDU port-guard and BPDU filtering apply only to PortFast enabled ports.C、When globally enabled, BPDU port-guard and BPDU filtering apply only to trunking-enabled ports.D、When a BPDU is received on a BPDU port-guard enabled port, the interface goes into the err-disabled state.E、When a BPDU is received on a BPDU filtering enabled port, the interface goes into the err-disabled state.F、When a BPDU is received on a BPDU filtering enabled port, the interface goes into the STP blocking state.
What is the port number of an IPsec Encapsulating Security Payload packet?()A、IP protocol 50B、IP protocol 51C、TCP port 50D、TCP port 51E、UDP port 50F、UDP port 51
When configuring port security on a Cisco Catalyst switch port, what is the default action taken by the switch if a violation occurs? ()A、protect (drop packets with unknown source addresses)B、restrict (increment SecurityViolation counter)C、shut down (access or trunk port)D、transition (the access port to a trunking port)
You need to configure port security on switch R1. Which two statements are true about this technology? ()A、 Port security can be configured for ports supporting VoIP.B、 With port security configured, four MAC addresses are allowed by default.C、 The network administrator must manually enter the MAC address for each device in order for the switch to allow connectivity.D、Withsecurity configured, only one MAC addresses is allowed by default. E、 Port security cannot be configured for ports supporting VoIP.
Which statement is true about source NAT?()A、Source NAT works only with source pools.B、Destination NAT is required to translate the reply traffic.C、Source NAT does not require a security policy to function.D、The egress interface IP address can be used for source NAT
单选题What is true about IP Source Guard with port security?()ABinding should be manually configured.BIt is not supported if IEEE 802.1x port-based authentication is enabled.CThe DHCP server must support option 82, or the client is not assigned an IP address.DIt filters based on source IP address only.
单选题Which of the following descriptions about IP spoofing is correct?()AIP source address is forgedBIP destination address is forgedCIP TCP source port is forgedDIP TCP destination port is forgedENone of above
单选题Which statement is true about source NAT?()ASource NAT works only with source pools.BDestination NAT is required to translate the reply traffic.CSource NAT does not require a security policy to function.DThe egress interface IP address can be used for source NAT
单选题A standard IP access list is applied to an Ethernet interface of a router. What does this standard access list filter on?()AThe source and destination addressesBThe destination port numberCThe destination addressDThe source addressEAll of the above
多选题Which of the following statements are true concerning the command ip sla monitor responder typetcpconnect ipaddress 10.1.1.1 port 23?(Choose all that apply.)()AThe command will initiate a probe with a destination IP address of 10.1.1.1BThe command is used on the IP SLA responder and the IP SLA sourceCThe command will allow only source address 10.1.1.1 to source probesDThe command will initiate a probe with a destination Telnet portEThe command is used to make the router a responderFThe command will initiate a probe with a source port of 23
单选题What Cisco technology protects against Spanning-Tree Protocol manipulation?()A Spanning tree protectB Root Guard and BPDU GuardC Unicast Reverse Path ForwardingD MAC spoof guardE Port Security
单选题Switch R1 has been configured with the root guard feature. What statement is true if the spanning tree enhancement Root Guard is enabled? ()A If BPDUs are not received on a non-designated port, the port is moved into the STP loop- inconsistent blocked stateB IF BPDUs are received on a PortFast enabled port, the port is disabled.C If superior BPDUs are received on a designated port, the interface is placed into the root- inconsistent blocked state.D If inferior BPDUs are received on a root port, all blocked ports become alternate paths to the root bride.