IPsec, also known as the internet Protocol ( ) , defines the architecture for security services for IP network traffic IPsec describes the framework for providing security a the IP layer, as well as the suite of protocols designed to provide that security: through_ ( )_ and encryption of IP network packets. IPec can be used 10 protect network data, for example, by setting up circuits using IPsec ( ), in which all data being sent between two endpoints is encrypted, as with a Virtual (请作答此空) Network connection ;for encrypting application layer data ;and for providing security for routers sending routing data across the public internet. Internet traffic can also be secured from host to host without the use of IPsec, for example by encryption at the ( ) layer with HTTP Secure (TTPS)or an the transport layer wit the Transport Layer Security (TLS)protocol.A.pubic]B.private]C.personalD.proper
IPsec, also known as the internet Protocol ( ) , defines the architecture for security services for IP network traffic IPsec describes the framework for providing security a the IP layer, as well as the suite of protocols designed to provide that security: through_ ( )_ and encryption of IP network packets. IPec can be used 10 protect network data, for example, by setting up circuits using IPsec ( ), in which all data being sent between two endpoints is encrypted, as with a Virtual (请作答此空) Network connection ;for encrypting application layer data ;and for providing security for routers sending routing data across the public internet. Internet traffic can also be secured from host to host without the use of IPsec, for example by encryption at the ( ) layer with HTTP Secure (TTPS)or an the transport layer wit the Transport Layer Security (TLS)protocol.
A.pubic]
B.private]
C.personal
D.proper
B.private]
C.personal
D.proper
参考解析
解析:
相关考题:
TCP/IP(71)layer protocols provide services to the application(72)running on a computer. The application layer does not define the application itself, but rather it defines(73)that applications need--like the ability to transfer a file in the case of HTTP. In short, the application layer provides an(74)between software running on a computer and the network itself. The TCP/IP application layer includes a relatively large number of protocols, with HTTP being only one of those. The TCP/IP(75)layer consists of two main protocol options--the Transmission Control Protocol(TCP) and the User Datagram Protocol(UDP).A.applicationB.transportC.linkD.network
TCP/IP is a communication protocol, which provides many different networking services. The TCP/IP Internet protocol suite is formed from two standards: the TCP (Transmission Control Protocol) and the IP(Internet Protocol).(72) means it is on the transport layer.A.ISOB.IPC.OSID.TCP
While the Internet is inherently insecure, businesses still need to preserve the privacy of data as it travels over the network. To help do that, the Internet Engineering Task Force an international group of network designers, operators, vendors, and researchers concerned with the evolution of(71)has developed a suite of(72)called Internet Protocol Security(IPSec).IPSec creates a standard platform. to develop secure networks and electronic(73)between two machines. Secure tunneling via IPSec creates(74)connections in a network through which data packets can move. It creates these tunnels between remote users and within a local network. It also(75)each data packet in a new packet that contains the information neccessary to set up, maintain and tear down the tunnel when it's no longer needed.A.channelsB.Web browserC.Internet dataD.Internet architecture
● TCP/IP (71) layer protocols provide services to the application (72) running on a computer. The application layer does not define the application itself, but rather it defines (73) that applications need—like the ability to transfer a file in the case of HTTP. In short, the application layer provides an (74) between software running on a computer and the network itself. The TCP/IP application layer includes a relatively large number of protocols, with HTTP being only one of those. The TCP/IP (75) layer consists of two main protocol options—the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP).
A network IPS provides which of the following?() A. The layer 3 protocol on which other protocols like TCP and UDP communicate.B. Enables the IPSec protocol on internal workstations.C. Packet-based detection and prevention of network attacks.D. Single mode IP communication for a fiber line between remote sites.
TCP/IP( )layer protocols provide services to the application( )running on a computer.The application layer does not define the application itself,but rather it defines( )that applications need--like the ability to transfer a file in the case of HTTP.In short,the application layer provides an( )between software running on a computer and the network itself.The TCP/IP application layer includes a relatively large number of protocols,with HTTP being only one of those.The TCP/IP(请作答此空)layer consists of two main protocol options--the Transmission Control Protocol(TCP)and the User Datagram Protocol(UDP).A.applicationB.sessionC.physicalD.transport
The diffserv approach to providing QoS in networks employs a small,well-defined set of building blocks from which you can build a variety of( ).Its aim is to define the differentiated services(DS)byte,the Type of Service(ToS)byte from the Internet Protocol Version 4( )and the Traffic Class byte from IP Version 6,and mark the standardized DS byte of the packet such that it receives a particular forwarding treatment,or per- hop behavior(PHB),at each network node.The diffserv architecture provides a(_______)within which service providers can offer customers a range of network services,each differentiated based on performance.A customer can choose the( )level needed on a packet-by-packet basis by simply marking the packet's Differentiated Services Code Point(DSCP)field to a specific value.This ( ) specifies the PHB given to the packet within the service provider network。横线处应选( ) A.informationB. StructureC .means D.framework
以下关于互联网协议安全(Internet Protocol Security,IPsec)协议说法错误的是()A、在传送模式中,保护的是IP负载B、验证头协议(Authentication Head,AH)和IP封装安全载荷协议(Encapsulating Security Payload,ESP)都能以传输模式和隧道模式工作C、在隧道模式中,保护的是整个互联网协议(Internet Protocol,IP)包,包括IP头D、IPsec仅能保证传输数据的可认证性和保密性
目前电子商务网站较常采用下列哪一种的安全机制是()。A、DES(Data Encryption Standard)B、IPSec(Internet Protocol Security)C、SET(Secure Electronic Transaction)D、SSL(Secure Socket Layer)
What is the port number of an IPsec Encapsulating Security Payfoad packet?()A、UOP port 50B、IP protocol 51C、TCP port 51D、TCP port 50E、IP protocol 50F、UDP port51
IPSec VPN is a widely-acknowledged solution for enterprise network. Which three IPsec VPNstatements are true?()A、IKE keepalives are unidirectional and sent every ten secondsB、IPsec uses the Encapsulating Security Protocol (ESP) or the Authentication Header (AH)protocol for exchanging keysC、To establish IKE SA, main mode utilizes six packets while aggressive mode utilizes only threepacketsD、IKE uses the Diffie-Hellman algorithm to generate symmetrical keys to be used by IPsec peers
What is the port number of an IPsec Encapsulating Security Payload packet?()A、IP protocol 50B、IP protocol 51C、TCP port 50D、TCP port 51E、UDP port 50F、UDP port 51
Which feature would prevent guest users from gaining network access by unplugging an IP phone and connecting a laptop computer?()A、IPSec VPNB、SSL VPNC、port securityD、port security with statically configured MAC addressesE、private VLANs
A network IPS provides which of the following?()A、The layer 3 protocol on which other protocols like TCP and UDP communicate.B、Enables the IPSec protocol on internal workstations.C、Packet-based detection and prevention of network attacks.D、Single mode IP communication for a fiber line between remote sites.
Which of the following BEST describes the function of a DNS server?()A、Secures network traffic through shared key encryption.B、Provides resolution of host names to IP addresses.C、Provides security for a network through the use of ACLs.D、Dynamically assigns IP addresses for easy client configuration.
You are the network administrator for Humongous Insurance. The network consists of a single Active Directory domain named humongous.com. The domain contains Windows Server 2003 computers and Windows XP Professional computers. You configure several Group Policy objects (GPOs) to enforce the use of IPSec for certain types of communication between specified computers. A server named Server2 runs the Telnet service. A GPO is supposed to ensure that all Telnet connections to Server2 are encrypted by using IPSec. However, when you monitor network traffic, you notice that Telnet connections are not being encrypted.You need to view all of the IPSec settings that are applied to Server2 by GPOs. Which tool should you use?()A、the IP Security Policy Management consoleB、the IP Security Monitor consoleC、the Resultant Set of Policy consoleD、Microsoft Baseline Security Analyzer (MBSA)
Your company has a main office and one branch office. All servers run Windows Server 2003 Service Pack 2 (SP2).The main office has a third-party gateway device named Gateway1. Gateway1 is connected to the internal network and the Internet. Gateway1 supports IPSec. In the branch office, you have a server named Server1. You create an IPSec policy on Server1.You need to ensure that Server1 can establish an IPSec tunnel to Gateway1. What should you use to configure the IPSec policy?()A、an IP filter that allows only Internet Control Message Protocol (ICMP) traffic B、an IP filter that allows only TCP traffic on port 1701 C、a pre-shared key for authentication D、Kerberos authentication
You need to design a remote access strategy for the customer support users when they work from home. Your solution must meet security requirements. What should you do?()A、Deploy an L2TP/IPsec VPN server in each call center. Configure the portable computers as L2TP VPN clientsB、Create IPSec tunnel mode connections between the customer support users home and the company’s Internet-facing routersC、Create IP packet filters on the company’s Internet-facing routers to allow the Remote Desktop Protocol (RDP).Create IPSec filters on the terminal servers to allow only connections that use RDPD、Create IP packet filters on the company’s Internet-facing routers to allow the IPSec protocols. Assign the Secure Server (Require Security) IPSec policy to the terminal servers. Assign the Client (Respond only) IPSec policy to the portable computers
Your network contains a DNS server that has a reverse lookup zone for all of your network segments. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). An IP security policy is assigned to Server1. You verify IPSec traffic and see that the current security associations display only by IP address. You need to view the fully qualified domain names for all security associations. What should you do?()A、From the DNS console, add Server1 as a name server.B、From the DNS console, change dynamic updates to Secure only.C、From IP Security Monitor on Server1, enable DNS name resolution.D、From IP Security Monitor on Server1, create a new taskpad view.
Your network contains a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has IPSec enabled. Several users report that they cannot connect to Server1. You need to see how many IPSec connection attempts failed due to authentication failures. What should you do?()A、From IP Security Monitor, view the Main Mode Statistics.B、From Microsoft Baseline Security Analyzer, scan Server1.C、From the Security event log, view the events from the IPSec source.D、From System Monitor, add the IPSec V4 Driver : Active Security Associations counter.
You need to design a method of communication between the IT and HR departments. Your solution must meet business requirements. What should you do?()A、Design a custom IPSec policy to implement Encapsulating Security Payload (ESP) for all IP traffic Design the IPSec policy to use certificate-based authentication between the two departments’ computersB、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersC、Design a customer IPSec policy to implement Encapsulating Payload (ESP) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersD、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use certificate-based authentication between the two departments’ computers
多选题Which three JUNOS software features allow for increased security on your network?()Afirewall filtersBdata encryptionCrouting protocol authenticationDsupport for BGP path mtu discoveryEautomatic discovery for IPSEC neighbors
多选题Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
单选题You are a security administrator for your company. The network consists of a single Active Directory domain. All client computers run Windows XP Professional. All servers run Windows Server 2003. All computers on the network are members of the domain. Traffic on the network is encrypted by IPSec. The domain contains a custom IPSec policy named Lan Security that applies to all computers in the domain. The Lan Security policy does not allow unsecured communication with non-lPSec-aware computers. The company’s written security policy states that the configuration of the domain and the configuration of the Lan Security policy must not be changed. The domain contains a multihomed server named Server1. Server1 isconnected to the company network, and Server1 is also connected to a test network. Currently, the Lan Security IPSec policy applies to network traffic on both network adapters in Server1. You need to configure Server1 so that it communicates on the test network without IPSec security. Server1 must still use the Lan Security policy when it communicates on the company network. How should you configure Server1?()A Configure a packet filter for the network adapter on the test network to block the Internet Key Exchange (IKE) port.B Configure the network adapter on the test network to disable IEEE 802.1x authentication.C Configure the network adapter on the test network to enable TCP/IP filtering, and then permit all traffic.D Use the netsh command to assign a persistent IPSec policy that permits all traffic on the network adapter on the test.E Assign an IPSec policy in the local computer policy that permits all traffic on the network adapter on the test.
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. The domain contains a Windows Server 2003 computer named Server1 that is located in an organizational unit (OU) named Servers. Server1 contains confidential data, and all network communications with Server1 must be encrypted by using IPSec. The default Client (Respond Only) IPSec policy is enabled in the Default Domain Policy Group Policy object (GPO). You create a new GPO and link it to the Servers OU. You configure the new GPO by creating and enabling a custom IPSec policy. You monitor and discover that network communications with Server1 are not being encrypted. You need to view all IPSec policies that are being applied to Server1. What should you do? ()A Use Local Security Policy to view the Security Options for Server1.B Use Resultant Set of Policy (RSoP) to run an RSoP logging mode query to view the IP Security Policies on Local Computer for Server1.C Use Resultant Set of Policy (RSoP) to run an RSoP planning mode query to view the Security Options for Server1.D Use IP Security Monitor to view the Active Policy for Server1.E Use IP Security Monitor to view the IKE Policies for Server1.
单选题以下关于互联网协议安全(Internet Protocol Security,IPsec)协议说法错误的是()A在传送模式中,保护的是IP负载B验证头协议(Authentication Head,AH)和IP封装安全载荷协议(Encapsulating Security Payload,ESP)都能以传输模式和隧道模式工作C在隧道模式中,保护的是整个互联网协议(Internet Protocol,IP)包,包括IP头DIPsec仅能保证传输数据的可认证性和保密性
单选题Which operational mode command displays all active IPsec phase 2 security associations?()Ashow ike security-associationsBshow ipsec security-associationsCshow security ike security-associationsDshow security ipsec security-associations