单选题Which is the result of enabling IP Source Guard on an untrusted switch port that does not have DHCP snooping enabled?()ADHCP requests will be switched in the software, which may result in lengthy response times.BThe switch will run out of ACL hardware resources.CAll DHCP requests will pass through the switch untested.DThe DHCP server reply will be dropped and the client will not be able to obtain an IP address.
单选题
Which is the result of enabling IP Source Guard on an untrusted switch port that does not have DHCP snooping enabled?()
A
DHCP requests will be switched in the software, which may result in lengthy response times.
B
The switch will run out of ACL hardware resources.
C
All DHCP requests will pass through the switch untested.
D
The DHCP server reply will be dropped and the client will not be able to obtain an IP address.
参考解析
解析:
暂无解析
相关考题:
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()A. Source IP and browserB. Source IP and certificateC. Certificate and Host CheckerD. Host Checker and source IP
A system administrator detects thousands of open idle connections from the same source.Which problem can arise from this type of attack?() A. It enables an attacker to perform an IP sweep of devices.B. It enables a hacker to know which operating system the system is running.C. It can overflow the session table to its limit, which can result in rejection of legitimate traffic.D. It creates a ping of death and can cause the entire network to be infected with a virus.
In JUNOS software with enhanced services, which three packet elements are inspected to determineif a session already exists? ()(Choose three.) A. IP protocolB. IP time-to-liveC. source and destination IP addressD. source and destination MAC addressE. source and destination TCP/UDP port
Which configuration command controls the source IP address for packets sent to a RADIUS server?() A.radius override nas-ip-addrB.radius source-ip-address 10.13.7.55C.radius update-source-address 10.13.7.11D.radius authentication server 10.13.7.55
Which two of these key fields are used to identify a flow in a traditional NetFlow implementation?() A. source portB. output interfaceC. next-hop IP addressD. source MAC addressE. destination IP addressF. next-hop MAC address
What is true about IP Source Guard with port security?()A、Binding should be manually configured.B、It is not supported if IEEE 802.1x port-based authentication is enabled.C、The DHCP server must support option 82, or the client is not assigned an IP address.D、It filters based on source IP address only.
Which is the result of enabling IP Source Guard on an untrusted switch port that does not have DHCP snooping enabled?()A、DHCP requests will be switched in the software, which may result in lengthy response times.B、The switch will run out of ACL hardware resources.C、All DHCP requests will pass through the switch untested.D、The DHCP server reply will be dropped and the client will not be able to obtain an IP address.
Which of the following descriptions about IP spoofing is correct?()A、IP source address is forgedB、IP destination address is forgedC、IP TCP source port is forgedD、IP TCP destination port is forgedE、None of above
Which two of these key fields are used to identify a flow in a traditional NetFlow implementation?()A、source portB、output interfaceC、next-hop IP addressD、source MAC addressE、destination IP addressF、next-hop MAC address
The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in the ip pim spt-threshold command to "zero." ()A、loop guardB、storm controlC、storm suppressionD、broadcast suppressionE、BPDU guard
Which three attributes are carried in a source active message?()A、NLRI informationB、IP address of originating RPC、address of multicast sourceD、all active RPs in the local domainE、group address to which the source is sending
Which statement describes the behavior of source NAT with address shifting?()A、Source NAT with address shifting translates both the source IP address and the source port of a packet.B、Source NAT with address shifting defines a one-to-one mapping from an original source IP address to a translated source IP address.C、Source NAT with address shifting can translate multiple source IP addresses to the same translated IP address.D、Source NAT with address shifting allows inbound connections to be initiated to the static source pool IP addresses.
What is the result of issuing the frame-relay map ip 192.168.1.2 202 broadcast command?()A、defines the source IP address that is used in all broadcast packets on DLCI 202B、defines the DLCI that is used for all packets that are sent to the 192.168.1.2 IP addressC、defines the destination IP address that is used in all broadcast packets on DLCI 202D、defines the DLCI on which packets from the 192.168.1.2 IP address are received
What is the result of issuing the frame-relay map ip 192.168.1.2 202 broadcast command?()A、defines the source IP address that i s used in all broadcast packets on DLCI 202B、defines the DLCI that is used for all packets that are sent to the 192.168.1.2 IP addressC、defines the destination IP address that is used in all broadcast packets on DLCI 202D、defines the DLCI on which packets from the 192.168.1.2 IP address are received
In JUNOS Software, which three packet elements can be inspected to determine if asession already exists?()A、IP protocolB、IP time-to-liveC、source and destination IP addressD、source and destination MAC addressE、source and destination TCP/UDP port
Which two are uses of NAT?()A、enabling network migrationsB、conserving public IP addressesC、allowing stateful packet inspectionD、preventing unauthorized connections from outside the network
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()A、Source IP and browserB、Source IP and certificateC、Certificate and Host CheckerD、Host Checker and source IP
Which statement is true about source NAT?()A、Source NAT works only with source pools.B、Destination NAT is required to translate the reply traffic.C、Source NAT does not require a security policy to function.D、The egress interface IP address can be used for source NAT
In JUNOS software with enhanced services, which three packet elements are inspected to determineif a session already exists? ()(Choose three.)A、IP protocolB、IP time-to-liveC、source and destination IP addressD、source and destination MAC addressE、source and destination TCP/UDP port
单选题Which configuration command controls the source IP address for packets sent to a RADIUS server?()Aradius override nas-ip-addrBradius source-ip-address 10.13.7.55Cradius update-source-address 10.13.7.11Dradius authentication server 10.13.7.55
单选题What is true about IP Source Guard with port security?()ABinding should be manually configured.BIt is not supported if IEEE 802.1x port-based authentication is enabled.CThe DHCP server must support option 82, or the client is not assigned an IP address.DIt filters based on source IP address only.
单选题Which of the following descriptions about IP spoofing is correct?()AIP source address is forgedBIP destination address is forgedCIP TCP source port is forgedDIP TCP destination port is forgedENone of above
单选题Which statement correctly describes enabling BPDU guard on an access port that is also enabled for PortFast?()AUpon startup, the port transmits 10 BPDUs. If the port receives a BPDU, PortFast and BPDU guard are disabled on that port and it assumes normal STP operation.BThe access port ignores any received BPDU.CIf the port receives a BPDU, it is placed into the error-disable state.DBPDU guard is only configured globally and the BPDU filter is required for port-level configuration.
单选题A system administrator detects thousands of open idle connections from the same source.Which problem can arise from this type of attack?()AIt enables an attacker to perform an IP sweep of devices.BIt enables a hacker to know which operating system the system is running.CIt can overflow the session table to its limit, which can result in rejection of legitimate traffic.DIt creates a ping of death and can cause the entire network to be infected with a virus.
单选题What is the result of entering the command port-channel load-balance src-dst-ip on an EtherChannel link? ()APackets are distributed across the ports in the channel based on both the source and destination MAC addresses.BPackets are distributed across the ports in the channel based on both the source and destination IP addresses.CPackets are balanced across the ports in the channel based first on the source MAC address, then on the destination MAC address, then on the IP address.DPackets are distributed across the access ports in the channel based first on the source IP address and then the destination IP addresses.
单选题Which statement describes the behavior of source NAT with address shifting?()ASource NAT with address shifting translates both the source IP address and the source port of a packet.BSource NAT with address shifting defines a one-to-one mapping from an original source IP address to a translated source IP address.CSource NAT with address shifting can translate multiple source IP addresses to the same translated IP address.DSource NAT with address shifting allows inbound connections to be initiated to the static source pool IP addresses.
多选题The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in the ip pim spt-threshold command to "zero." ()Aloop guardBstorm controlCstorm suppressionDbroadcast suppressionEBPDU guard