Which two of these are advantages of placing the VPN device parallel to the firewall?()A、 high scalabilityB、 the design supports a layered security modelC、 firewall addressing does not need to changeD、 IPsec decrypted traffic is inspected by the firewallE、 there is a centralized point for logging and content inspection
Which two of these are advantages of placing the VPN device parallel to the firewall?()
- A、 high scalability
- B、 the design supports a layered security model
- C、 firewall addressing does not need to change
- D、 IPsec decrypted traffic is inspected by the firewall
- E、 there is a centralized point for logging and content inspection
相关考题:
Which two statements are true regarding firewall user authentication?() (Choose two.) A. When configured for pass-through firewall user authentication, the user must first open a connection to the Junos security remote network resource.B. When configured for Web firewall user authentication only, the user must first open a connection to the Junos security remote network resource.C. If a Junos security device is configured for pass-through firewall user authentication, new sessions are automatically intercepted .D. If a Junos security device is configured for Web firewall user authentication, new sessions are automatically intercepted.
Which two statements are correct about firewall filters in the Junos OS?() A. Firewall filters are stateless.B. Firewall filters are used to control routing information that is exchanged between devices.C. Firewall filters are used to control traffic passing through the device.D. Firewall filters can only be applied to traffic entering the device.
As an experienced technician, you are responsible for Technical Support. One of the trainees is asking your advice on VPN Termination Device and Firewall Placement. Which of the following approaches will you recommend?()A. inline with a firewallB. in a DMZ outside the firewallC. parallel with a firewallD. in a DMZ behind the firewall
Which two of these are advantages of placing the VPN device in the DMZ on the firewall?() A. fewer devices to manageB. moderate-to-high scalabilityC. stateful inspection of decrypted VPN trafficD. increased bandwidth with additional interfacesE. decreased complexity as traffic is filtered from the firewall
Which two of these are advantages of placing the VPN device parallel to the firewall?() A. high scalabilityB. the design supports a layered security modelC. firewall addressing does not need to changeD. IPsec decrypted traffic is inspected by the firewallE. there is a centralized point for logging and content inspection
Which Cisco product is a hardware component that supports content filtering and other gateway security functions for the Catalyst 6500 Series?()A、Cisco Firewall Services Module (FWSM)B、Cisco Private Internet Exchange (PIX) FirewallC、Cisco VPN/Security Management Solution (VMS)D、Cisco Internetwork Operating System (IOS) Firewall
Which two commands can be used to monitor firewall user authentication?()A、show access firewall-authenticationB、show security firewall-authentication usersC、show security audit logD、show security firewall-authentication history
Which two statements are true regarding firewall user authentication?() (Choose two.)A、When configured for pass-through firewall user authentication, the user must first open a connection to the Junos security remote network resource.B、When configured for Web firewall user authentication only, the user must first open a connection to the Junos security remote network resource.C、If a Junos security device is configured for pass-through firewall user authentication, new sessions are automatically intercepted .D、If a Junos security device is configured for Web firewall user authentication, new sessions are automatically intercepted.
Cisco ISP Routers offer which three of these security benefits? (Choose three.) ()A、 onboard VPN acceleratorB、 events correlation and proactive responseC、 high-performance AIM VPN modulesD、 virtual firewallE、 Cisco lOS Firewall and lOS IPSF、 transparent firewall
Which network management solution performs configuration, monitoring, and management of Cisco Firewall, VPN router, and IPS devices as well as maintains network device inventory and software distribution features?()A、 CiscoWorks Security Device Management Center (SD/MC)B、 Security Device Manager (SDM)C、 Adaptive Security Device Manager (ASDM)D、 CiscoWorks VMS/Management Center (VMS/MC)
Which two of these are advantages of placing the VPN device in the DMZ on the firewall?()A、fewer devices to manageB、moderate-to-high scalabilityC、stateful inspection of decrypted VPN trafficD、increased bandwidth with additional interfacesE、decreased complexity as traffic is filtered from the firewall
What is the recommended practice when considering VPN termination and firewall placement?()A、 have the firewall and VPN appliance deployed in parallelB、 place the VPN in line with the firewall, with the VPN terminating inside the firewallC、 place the public side of the VPN termination device in the DMZ behind a firewallD、 place the VPN in line with the firewall, with the VPN terminating outside the firewall
As an experienced technician, you are responsible for Technical Support. One of the trainees isasking your advice on VPN Termination Device and Firewall Placement. Which of the following approaches will you recommend?()A、 inline with a firewallB、 in a DMZ outside the firewallC、 parallel with a firewallD、 in a DMZ behind the firewall
Which two statements are true regarding firewall user authentication?()A、When configured for pass-through firewall user authentication, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.B、When configured for Web firewall user authentication only, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.C、If a JUNOS security device is configured for pass-through firewall user authentication, new sessions are automatically intercepted to perform authentication.D、If a JUNOS security device is configured for Web firewall user authentication, new sessions are automatically intercepted to perform authentication.
Which statement accurately describes firewall user authentication?()A、Firewall user authentication provides another layer of security in a network.B、Firewall user authentication provides a means for accessing a JUNOS Software-based security device.C、Firewall user authentication enables session-based forwarding.D、Firewall user authentication is used as a last resort security method in a network.
You have a firewall enforcer protecting sensitive internal resources in a data center. The network traversed by endpoint traffic is semi-trusted, so you need to encrypt the traffic between the endpoints accessing the resources and the firewall enforcer.Which type of policies provide this level of protection?()A、resource access policiesB、Host Enforcer policiesC、source IP enforcement policiesD、IPsec enforcement policies
Which two configuration elements are required for a route-based VPN?()A、secure tunnel interfaceB、security policy to permit the IKE trafficC、a route for the tunneled transit trafficD、tunnel policy for transit traffic referencing the IPsec VPN
You need to identify the types of inbound traffic that should pass through the perimeter firewall while maintaining the security of the network. Which inbound traffic should be allowed?()A、VPN TrafficB、DNS TrafficC、LDAP TrafficD、HTTP TrafficE、HTTPS TrafficF、Traffic from the network address of 192.168.10/24
You are designing a strategy to allow users to gain VPN access to the internal network. What should you do?()A、 Allow all inbound VPN traffic to pass through the internal firewall and the perimeter firewall.B、 Allow all inbound VPN traffic to pass through the perimeter firewall only.C、 Allow all VPN traffic from the source IP address of 131.107.1.14 to pass through the internal firewall.D、 Allow all VPN traffic from the source IP address of 191.168.1.0/24 to pass through the perimeter firewall.
You need to design a method of communication between the IT and HR departments. Your solution must meet business requirements. What should you do?()A、Design a custom IPSec policy to implement Encapsulating Security Payload (ESP) for all IP traffic Design the IPSec policy to use certificate-based authentication between the two departments’ computersB、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersC、Design a customer IPSec policy to implement Encapsulating Payload (ESP) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersD、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use certificate-based authentication between the two departments’ computers
多选题Which three advanced permit actions within security policies are valid?()AMark permitted traffic for firewall user authentication.BMark permitted traffic for SCREEN options.CAssociate permitted traffic with an IPsec tunnel.DAssociate permitted traffic with a NAT rule.EMark permitted traffic for IDP processing.
单选题What is the recommended practice when considering VPN termination and firewall placement?()A have the firewall and VPN appliance deployed in parallelB place the VPN in line with the firewall, with the VPN terminating inside the firewallC place the public side of the VPN termination device in the DMZ behind a firewallD place the VPN in line with the firewall, with the VPN terminating outside the firewall
多选题Which two statements are true regarding firewall user authentication?()AWhen configured for pass-through firewall user authentication, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.BWhen configured for Web firewall user authentication only, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.CIf a JUNOS security device is configured for pass-through firewall user authentication, new sessions are automatically intercepted to perform authentication.DIf a JUNOS security device is configured for Web firewall user authentication, new sessions are automatically intercepted to perform authentication.
单选题As an experienced technician, you are responsible for Technical Support. One of the trainees isasking your advice on VPN Termination Device and Firewall Placement. Which of the following approaches will you recommend?()A inline with a firewallB in a DMZ outside the firewallC parallel with a firewallD in a DMZ behind the firewall
多选题Which two of these are advantages of placing the VPN device parallel to the firewall?()Ahigh scalabilityBthe design supports a layered security modelCfirewall addressing does not need to changeDIPsec decrypted traffic is inspected by the firewallEthere is a centralized point for logging and content inspection
多选题Which two of these are advantages of placing the VPN device in the DMZ on the firewall?()Afewer devices to manageBmoderate-to-high scalabilityCstateful inspection of decrypted VPN trafficDincreased bandwidth with additional interfacesEdecreased complexity as traffic is filtered from the firewall
单选题Which network management solution performs configuration, monitoring, and management of Cisco Firewall, VPN router, and IPS devices as well as maintains network device inventory and software distribution features?()A CiscoWorks Security Device Management Center (SD/MC)B Security Device Manager (SDM)C Adaptive Security Device Manager (ASDM)D CiscoWorks VMS/Management Center (VMS/MC)