Which statement describes the Authentication Proxy feature?()A、All traffic is permitted from the inbound to the outbound interface upon successful authentication of the user.B、A specific access profile is retrieved from a TACACS+ or RADIUS server and applied to an IOS Firewall based on user provided credentials.C、Prior to responding to a proxy ARP,the router will prompt the user for a login and password which are authenticated based on the configured AAA policy.D、The proxy server capabilities of the IOS Firewall are enabled upon successful authentication of the user.

Which statement describes the Authentication Proxy feature?()

  • A、All traffic is permitted from the inbound to the outbound interface upon successful authentication of the user.
  • B、A specific access profile is retrieved from a TACACS+ or RADIUS server and applied to an IOS Firewall based on user provided credentials.
  • C、Prior to responding to a proxy ARP,the router will prompt the user for a login and password which are authenticated based on the configured AAA policy.
  • D、The proxy server capabilities of the IOS Firewall are enabled upon successful authentication of the user.

相关考题:

When using RADIUS as an external authentication method for 802.1X authentication for the Junos Pulse Access Control Service, what must you do to ensure that the RADIUS authentication works properly?() A. Configure IP helper to forward the authentication requests from the clients to the external RADIUS serverB. Configure the supplicant as anexternal authentication serverC. Configure RADIUS proxy on the realmD. Specify the correct RADIUS port 389 on the Junos Pulse Access Control Service

Click the Exhibit button.What is the cause of the error shown in the exhibit?() A. A RADIUS request is being received from a device that is not configured on the RADIUS Client page.B. A user entered an incorrect password during RADIUS authentication.C. A RADIUS proxy attempt failed to reach the configured proxy server.D. The RADIUS shared secret is incorrect.

Which CLI command ensures that RADIUS packets are being sent to and received from the RADIUS server?() A. show radiusB. show aaa domain-mapC. show aaa statisticsD. show radius authentication server

The following access list below was applied outbound on the E0 interface connected to the 192.169.1.8/29 LAN:How will the above access lists affect traffic?() A. FTP traffic from 192.169.1.22 will be denied.B. No traffic, except for FTP traffic will be allowed to exit E0.C. FTP traffic from 192.169.1.9 to any host will be denied.D. All traffic exiting E0 will be denied.E. All FTP traffic to network 192.169.1.9/29 will be denied.

On the serial interface of a router, an inbound access list is configured to deny all traffic from UDP and TCP ports 21, 23, and 25. All other traffic is permitted. Based on this information, which types of traffic will be allowed through this interface?()A.SMTPB.DNSC.FTPD.TelnetE.HTTPF.POP3

pany has implemented 802.1X authentication as a security enhancement.  Which statement is  true about 802.1x port-based authentication?()A、 TACACS+ is the only supported authentication server type.B、 If a host initiates the authentication process and does not receive a response, it assumes it is  not authorized.C、 RADIUS is the only supported authentication server type.D、 Before transmitting data, an 802.1x host must determine the authorization state of the switch.E、 Hosts are required to havea 802.1x authentication client or utilize PPPoE.F、 None of the other alternatives apply.

What are two characteristics of the SLB One-arm mode? ()A、 It is not as common as bridge modeB、 The MSFC is not directly connected to the CSMC、 Outbound traffic from servers may need to be directed by PBR or CSNAT to the CSMD、 The SLB is moved to a position where selected inbound and outbound server traffic goesthrough the SLBE、 The CSM statically routes inbound server traffic to the aggregation switch FWSM, then to the connected server subnet

A new employee needs access to a SQL Server 2005 database that is located on a server named SQL1. You create a login named ajones by using the following Transact-SQL statement. CREATE LOGIN ajones WITH PASSWORD = ’SQLServer$1’ The new employee reports that when he logs in, he receives the following error message: "Login failed. The user is not associated with a trusted SQL Server connection." You need to resolve the error and allow the new employee to gain access to SQL1. What should you do?()A、Change the SQL Server security mode from Windows Authentication mode to SQL Server and Windows authentication mode.B、Change the SQL Server security mode from SQL Server and Windows Authentication mode to Windows authentication mode.C、Ensure that the login name is created with square brackets ([]).D、Give the login access to a specific database by using the CREATE USER Transact-SQL statement.

Which statement describes the behavior of a security policy?()A、The implicit default security policy permits all traffic.B、Traffic destined to the device itself always requires a security policy.C、Traffic destined to the device’s incoming interface does not require a security policy.D、The factory-default configuration permits all traffic from all interfaces.

Which CLI command ensures that RADIUS packets are being sent to and received from the RADIUS server?()A、show radiusB、show aaa domain-mapC、show aaa statisticsD、show radius authentication server

Authentication for user data traffic is important, but so is authentication for IP voice traffic. The Cisco 830 802.1 feature provides an easier method for allowing IP voice traffic through the VPN, because it().A、requires access lists to identify the voice traffic B、can allow traffic from a device without 802.1X authentication, by MAC addressC、can allow traffic from Cisco IP phones by listening to their CDP advertisementsD、allows all packets marked with a ToS of 5 to bypass authenticationE、allows all IP voice packets to bypass authentication via stateful inspection

You are installing a new deployment of the Junos Pulse Access Control Service. You have an existing RADIUS server that has a populated user file. You are considering using the RADIUS proxy feature.Which consideration must you take into account?()A、Your RADIUS server database must be replicated onto another device for redundancy.B、Inner proxy creates a tunnel between the supplicant and the external server.C、RADIUS proxy causes the role assignment process to be skipped.D、Outer proxy configuration passes authentication data to the external RADIUS server in clear text.

When using RADIUS as an external authentication method for 802.1X authentication for the Junos Pulse Access Control Service, what must you do to ensure that the RADIUS authentication works properly?()A、Configure IP helper to forward the authentication requests from the clients to the external RADIUS serverB、Configure the supplicant as anexternal authentication serverC、Configure RADIUS proxy on the realmD、Specify the correct RADIUS port 389 on the Junos Pulse Access Control Service

A successful authentication attempt by a RADIUS server does not supply a username to the JUNOS software. Which username is used by default?()A、rootB、localC、radiusD、remote

A successful authentication attempt by a RADIUS server does not supply a username to the JUNOSsoftware. Which username is used by default?()A、rootB、localC、radiusD、remote

Your company has deployed Network Access Protection (NAP).You configure secure wireless access to the network by using 802.1X authentication from any access point.You need to ensure that all client computers that access the network are evaluated by NAP. What should you do?()A、Configure all access points as RADIUS clients to the Remediation Servers.B、Configure all access points as RADIUS clients to the Network Policy Server (NPS).C、Create a Network Policy that defines Remote Access Server as a network connection method.D、Create a Network Policy that specifies EAP-TLS as the only available authentication method.

You have a server that runs Windows Server 2003 Service Pack 2 (SP2). Routing and Remote Access is enabled and the server is configured as a remote access server.  You need to configure the server to support only the MS-CHAP v2 authentication protocol for remote access authentication. What should you do from the Routing and Remote Access snap-in?()A、Configure the port properties.B、Create and configure a new demand-dial interface.C、From the server’s properties, modify the security options.D、From the Connections to Microsoft Routing and Remote Access Server policy, add a new condition.

Your company has deployed Network Access Protection (NAP). You configure secure wireless access to the network by using 802.1x authentication from any access point. You need to ensure that all client computers that access the network are evaluated by NAP.  what should you do()? A、Configure all access points as RADIUS clients to the Remediation ServersB、Configure all access points as RADIUS clients to the Network Policy Server (NPS)C、Create a Network Policy that defines Remote Access Server as a network connection methodD、Create a Network Policy that specifies EAP-TLS as the only availible authentication method.

Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2).You have a VPN server named Server1. You have an Internet Authentication Service (IAS) server named Server2. You need to ensure that all VPN connections to Server1 are authenticated by Server2.Which two actions should you perform?()A、From the Internet Authentication Service snap-in on Server2, create a new RADIUS client. B、From the Internet Authentication Service snap-in on Server2, create a new remote access policy. C、From the Routing and Remote Access snap-in, configure Server1 to use RADIUS accounting. D、From the Routing and Remote Access snap-in, configure Server1 to use RADIUS authentication.

Your network contains an Active Directory domain. All client computers run Windows XP Service Pack 3 (SP3). The domain contains a member server named Server1 that runs Windows Server 2008 R2. On Server1, you create a connection security rule that requires authentication for inbound and outbound connections. You configure the connection security rule to use Kerberos authentication. You need to ensure that the client computers can connect to Server1. The solution must ensure that all connections to Server1 are encrypted. What should you do?()A、From the Windows Firewall with Advanced Security console, create an inbound rule on Server1.B、From the Windows Firewall with Advanced Security console, create an outbound rule on Server1.C、From a Group Policy object (GPO), enable the Client (Respond Only) IPSec policy on all client computers.D、From a Group Policy object (GPO), configure the Network Security: LDAP client signing requirements policy setting for all client computers.

You have a server that runs Windows Server 2003 Service Pack 2 (SP2). Routing and Remote Access is enabled and the server is configured as a remote access server. You need to configure the server to support only the MS-CHAP v2 authentication protocol for remote access authentication. What should you do from the Routing and Remote Access snap-in? () A、Configure the port properties.  B、Create and configure a new demand-dial interface.  C、From the servers properties, modify the security options.  D、From the Connections to Microsoft Routing and Remote Access Server policy, add a new condition.

单选题Click the Exhibit button. What is the cause of the error shown in the exhibit?()A A RADIUS request is being received from a device that is not configured on the RADIUS Client page.B A user entered an incorrect password during RADIUS authentication.C A RADIUS proxy attempt failed to reach the configured proxy server.D The RADIUS shared secret is incorrect.

多选题On the serial interface of a router, an inbound access list is configured to deny all traffic from UDP and TCP ports 21, 23, and 25. All other traffic is permitted. Based on this information, which types of traffic will be allowed through this interface?()ASMTPBDNSCFTPDTelnetEHTTPFPOP3

单选题You are installing a new deployment of the Junos Pulse Access Control Service. You have an existing RADIUS server that has a populated user file. You are considering using the RADIUS proxy feature.Which consideration must you take into account?()AYour RADIUS server database must be replicated onto another device for redundancy.BInner proxy creates a tunnel between the supplicant and the external server.CRADIUS proxy causes the role assignment process to be skipped.DOuter proxy configuration passes authentication data to the external RADIUS server in clear text.

单选题Which statement describes the Authentication Proxy feature?()AAll traffic is permitted from the inbound to the outbound interface upon successful authentication of the user.BA specific access profile is retrieved from a TACACS+ or RADIUS server and applied to an IOS Firewall based on user provided credentials.CPrior to responding to a proxy ARP,the router will prompt the user for a login and password which are authenticated based on the configured AAA policy.DThe proxy server capabilities of the IOS Firewall are enabled upon successful authentication of the user.

多选题Authentication for user data traffic is important, but so is authentication for IP voice traffic. The Cisco 830 802.1 feature provides an easier method for allowing IP voice traffic through the VPN, because it().Arequires access lists to identify the voice trafficBcan allow traffic from a device without 802.1X authentication, by MAC addressCcan allow traffic from Cisco IP phones by listening to their CDP advertisementsDallows all packets marked with a ToS of 5 to bypass authenticationEallows all IP voice packets to bypass authentication via stateful inspection

多选题Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2).You have a VPN server named Server1. You have an Internet Authentication Service (IAS) server named Server2. You need to ensure that all VPN connections to Server1 are authenticated by Server2.Which two actions should you perform?()AFrom the Internet Authentication Service snap-in on Server2, create a new RADIUS client.BFrom the Internet Authentication Service snap-in on Server2, create a new remote access policy.CFrom the Routing and Remote Access snap-in, configure Server1 to use RADIUS accounting.DFrom the Routing and Remote Access snap-in, configure Server1 to use RADIUS authentication.