多选题Which three statements about IOS Firewall configurations are true?()AThe IP inspection rule can be applied in the inbound direction on the secured interface.BThe IP inspection rule can be applied in the outbound direction on the unsecured interface.CThe ACL applied in the outbound direction on the unsecured interface should be an extended ACL.DThe ACL applied in the inbound direction on the unsecured interface should be an extended ACL.EFor temporary openings to be created dynamically by Cisco IOS Firewall,the access-list for thereturning traffic must be a standard ACL.FFor temporary openings to be created dynamically by Cisco IOS Firewall,the IP inspection rule must be applied to the secured interface.
多选题
Which three statements about IOS Firewall configurations are true?()
A
The IP inspection rule can be applied in the inbound direction on the secured interface.
B
The IP inspection rule can be applied in the outbound direction on the unsecured interface.
C
The ACL applied in the outbound direction on the unsecured interface should be an extended ACL.
D
The ACL applied in the inbound direction on the unsecured interface should be an extended ACL.
E
For temporary openings to be created dynamically by Cisco IOS Firewall,the access-list for thereturning traffic must be a standard ACL.
F
For temporary openings to be created dynamically by Cisco IOS Firewall,the IP inspection rule must be applied to the secured interface.
参考解析
解析:
暂无解析
相关考题:
Which three statements are correct about Rate Limiters? ()(Choose three.) A. one-rate rate limitersB. two-rate rate limitersC. two-rate rate limiters is the defaultD. one-rate rate limiters is the defaultE. there is no default it must be configured
Which two statements are true about firewall filter configurations?() A. Multiple action modifiers can be included in the same term.B. Only a single action modifier can be included in the same term.C. If an action modifier exists without a terminating action, matching packets will be accepted.D. If an action modifier exists without a terminating action, matching packets will be discarded.
CS-MARS works with which IOS feature to accomplish anomaly detection?()A、 IOS IPSB、 AutosecureC、 CSAD、 NetflowE、 IOS Network Foundation Protection (NFP)F、 IOS Firewall
Which three statements about firewall modes are correct? ()A、 A firewall in routed mode has one IP addressB、 A firewall in transparent mode has one IP addressC、 In routed mode, the firewall is considered to be a Layer 2 dewD、 In routed mode, the firewall is considered to be a Layer 3 deviceE、 In transparent mode, the firewall is considered to be a Layer 2 deviceF、 In transparent mode, the firewall is considered to be a Layer 3 device
Which two statements are true about firewall filter configurations?()A、Multiple action modifiers can be included in the same term.B、Only a single action modifier can be included in the same term.C、The default term within a firewall filter uses the discard action.D、The default term within a firewall filter uses the reject action.
Which two statements are correct about firewall filters in the Junos OS?()A、Firewall filters are stateless.B、Firewall filters are used to control routing information that is exchanged between devices.C、Firewall filters are used to control traffic passing through the device.D、Firewall filters can only be applied to traffic entering the device.
Which three statements are true about terms in a policy?()A、The order of the terms in a policy is irrelevantB、The action is specified in a then statementC、Ters are optional in a policyD、The match condition can be identified with a from statementE、Every policy must contain at least one term
Which three statements about IOS Firewall configurations are true?()A、The IP inspection rule can be applied in the inbound direction on the secured interface.B、The IP inspection rule can be applied in the outbound direction on the unsecured interface.C、The ACL applied in the outbound direction on the unsecured interface should be an extended ACL.D、The ACL applied in the inbound direction on the unsecured interface should be an extended ACL.E、For temporary openings to be created dynamically by Cisco IOS Firewall,the access-list for thereturning traffic must be a standard ACL.F、For temporary openings to be created dynamically by Cisco IOS Firewall,the IP inspection rule must be applied to the secured interface.
Which three statements accurately describe IOS Firewall configurations?()A、The IP inspection rule can be applied in the inbound direction on the secured interfaceB、The IP inspection rule can be applied in the outbound direction on the unsecured interfaceC、The ACL applied in the inbound direction on the unsecured interface should be an extendedACL.D、For temporary openings to be created dynamically by Cisco IOS Firewall, the access-list for thereturning traffic must be a standard ACL
XYZ LTD is concerned about the security in the perimeter of the network. Which three Cisco products can you offer to XYZ LTD?()A、Integrated Services RoutersB、Firewall AppliancesC、Cisco Unified CallManagerD、Multilayer switch with enhanced imageE、Cisco UnityF、VPN Concentrators
Which two statements are true about the Cisco Classic (CBAC) IOS Firewall set?()A、It can be used to block bulk encryption attacksB、It can be used to protect against denial of service attacksC、Traffic originating from the router is considered trusted, so it is not inspectedD、Based upon the custom firewall rules, an ACL entry is statically created and added to theexisting ACL permanentlyE、Temporary ACL entries that allow selected traffic to pass are created and persist for theduration of the communication session
The Cisco NAC Appliance is able to check which three items before allowing network access?()A、client antivirus software stateB、personal firewall settingsC、wireless cell bandwidth availabilityD、IOS versions for routers and switchesE、appropriate client patch management levelF、appropriate QoS settings for client application Answer:
Which three statements are true about Cisco IOS Firewall?()A、It can be configured to block Java traffic.B、It can be configured to detect and prevent SYN-flooding denial-of-service (DoS) network attacks.C、It can only examine network layer and transport layer information.D、It can only examine transport layer and application layer information.E、The inspection rules can be used to set timeout values for specified protocols.F、The ip inspect cbac-name command must be configured in global configuration mode.
The Cisco NAC Appliance is able to check which three items before allowing network access?()A、 client antivirus software stateB、 personal firewall settingsC、 wireless cell bandwidth availabilityD、 IOS versions for routers and switchesE、 appropriate client patch management levelF、 appropriate QoS settings for client application
Which three statements about subqueries are true? ()A、Asinglerowsubquerycanretrieveonlyonecolumnandonerow.B、Asinglerowsubquerycanretrieveonlyonerowbutmanycolumns.C、Amultiplerowsubquerycanretrievemultiplerowsandmultiplecolumns.D、Amultiplerowsubquerycanbecomparedusingthe";;";operator.E、AsinglerowsubquerycanusetheINoperator.F、Amultiplerowsubquerycanusethe";=";operator.
多选题Which two statements are true about firewall filter configurations?()AMultiple action modifiers can be included in the same term.BOnly a single action modifier can be included in the same term.CThe default term within a firewall filter uses the discard action.DThe default term within a firewall filter uses the reject action.
多选题Which three statements are true about Cisco IOS Firewall?()AIt can be configured to block Java traffic.BIt can be configured to detect and prevent SYN-flooding denial-of-service (DoS) network attacks.CIt can only examine network layer and transport layer information.DIt can only examine transport layer and application layer information.EThe inspection rules can be used to set timeout values for specified protocols.FThe ip inspect cbac-name command must be configured in global configuration mode.
多选题Which three statements are true when configuring Cisco IOS Firewall features using the SDM? ()AA custom application security policy can be configured in the Advanced Firewall Security Configuration dialog box.BAn optional DMZ interface can be specified in the Advanced Firewall Interface Configuration dialog box.CCustom application policies for e-mail, instant messaging, HTTP, and peer-to-peer services can be created using the Intermediate Firewall wizard.DOnly the outside (untrusted) interface is specified in the Basic Firewall Interface Configuration dialog box.EThe outside interface that SDM can be launched from is configured in the Configuring Firewall for Remote Access dialog box.FThe SDM provides a basic, intermediate, and advanced firewall wizard.
多选题Refer to the exhibit. Which three statements are true about trust boundaries in the campus network? (Choose three.)()AA device is trusted if it correctly classifies packets.BA device is trusted if it correctly declassifies packets.CThe outermost trusted devices represent the trust boundary.DClassification and marking occur using 802.1ab QoS bits before reaching the trust boundary.ENetwork trust boundaries are automatically configured in IOS version 12.3 and later.FFor scalability, classification should be done as close to the edge as possible.
多选题Which three statements about firewall modes are correct? ()AA firewall in routed mode has one IP addressBA firewall in transparent mode has one IP addressCIn routed mode, the firewall is considered to be a Layer 2 dewDIn routed mode, the firewall is considered to be a Layer 3 deviceEIn transparent mode, the firewall is considered to be a Layer 2 deviceFIn transparent mode, the firewall is considered to be a Layer 3 device
多选题Which three statements are correct about Rate Limiters? ()(Choose three.)Aone-rate rate limitersBtwo-rate rate limitersCtwo-rate rate limiters is the defaultDone-rate rate limiters is the defaultEthere is no default it must be configured
单选题CS-MARS works with which IOS feature to accomplish anomaly detection?()A IOS IPSB AutosecureC CSAD NetflowE IOS Network Foundation Protection (NFP)F IOS Firewall
多选题The Cisco AutoQoS feature is being used throughout the Company VOIP network. Which three statements about this feature are true?()AThe mls qos global configuration command must be entered before configuring AutoQoS.BCEF must be enabled.CThe no auto qos voip command is used to disable Cisco AutoQos and revoke all configurations generated by Cisco AutoQos.DCDP must be enabled.ESNMP must be enabled.
多选题Which two statements are true about firewall filter configurations?()AMultiple action modifiers can be included in the same term.BOnly a single action modifier can be included in the same term.CIf an action modifier exists without a terminating action, matching packets will be accepted.DIf an action modifier exists without a terminating action, matching packets will be discarded.
多选题Which three statements about subqueries are true? ()AAsinglerowsubquerycanretrieveonlyonecolumnandonerow.BAsinglerowsubquerycanretrieveonlyonerowbutmanycolumns.CAmultiplerowsubquerycanretrievemultiplerowsandmultiplecolumns.DAmultiplerowsubquerycanbecomparedusingthe;;;operator.EAsinglerowsubquerycanusetheINoperator.FAmultiplerowsubquerycanusethe;=;operator.
多选题Which three of the following descriptions are true about the firewall modes? ()ATransparent mode is layer 2.BRouted mode is layer 3.CRouted mode has 1 IP address.DTransparent mode has 1 IP address.
多选题Which three statements accurately describe IOS Firewall configurations?()AThe IP inspection rule can be applied in the inbound direction on the secured interfaceBThe IP inspection rule can be applied in the outbound direction on the unsecured interfaceCThe ACL applied in the inbound direction on the unsecured interface should be an extendedACL.DFor temporary openings to be created dynamically by Cisco IOS Firewall, the access-list for thereturning traffic must be a standard ACL