You have a firewall filter containing two terms applied in an inbound direction on a customer interface.You would like this filter to protect your network from a spoofed denial of service attack. Which match criterion should be configured ito identify unwanted packets?()A、from source-portB、from source-addressC、from destination-addressD、from destination-port
You have a firewall filter containing two terms applied in an inbound direction on a customer interface.You would like this filter to protect your network from a spoofed denial of service attack. Which match criterion should be configured ito identify unwanted packets?()
- A、from source-port
- B、from source-address
- C、from destination-address
- D、from destination-port
相关考题:
You need to control SSH, HTTP, and Telnet access to an MX240 router through any interface.You have decided to use a firewall filter. How should you apply the firewall filter?() A. as an outbound filter on interface fxp0B. as an outbound filter on interface lo0C. as an inbound filter on interface fxp0D. as an inbound filter on interface lo0
You have a firewall enforcer receiving resource access policies from a Junos Pulse Access Control Service. You are using Network and Security Manager (NSM) for configuration management on that firewall. The firewall can also be configured using its built-in command-line interface (CLI) or Web-based user interface (WebUI).To avoid conflicting configurations, which two interfaces must you use to configure the firewall enforcer?()A. CLIB. WebUIC. NSMD. Junos Pulse Access Control Service
Which two features protect the ERX Edge Router from denial-of-service attacks? ()(Choose two.) A. rate limiting of ICMPB. RADIUS authorizationsC. source address validationD. stateful firewall on the router
You have a firewall filter applied in an inbound direction on a customer interface. You would like this filter to protect your network from a spoofed denial of service attack. Which action should be configured to accomplish your goal?()A. then rejectB. then discardC. then next filterD. then silent-drop
You have a firewall filter containing two terms applied in an inbound direction on a customer interface.You would like this filter to protect your network from a spoofed denial of service attack. Which match criterion should be configured ito identify unwanted packets?()A. from source-portB. from source-addressC. from destination-addressD. from destination-port
A firewall filter is applied as an input filter on a transit interface. What three types of traffic will this affect? () A. inbound traffic transiting the routerB. outbound traffic transiting the routerC. traffic destined to the Routing EngineD. traffic destined to the interface address on which the filter is applied
A packet is evaluated against three user-defined terms within a firewall filter and no match is found. What correctly describes the action the firewall filter will take for this packet?()A、The filter will permit the packet and take no additional actionB、The filter will reject the packet and send an ICMP message back to the senderC、The filter will discard the packet and take no additional actionD、The filter will permit the packet and write a log entry to the firewall log
You need to control SSH, HTTP, and Telnet access to an MX240 router through any interface.You have decided to use a firewall filter. How should you apply the firewall filter?()A、as an outbound filter on interface fxp0B、as an outbound filter on interface lo0C、as an inbound filter on interface fxp0D、as an inbound filter on interface lo0
You need to control SSH. HTTP, and Telnet access to an MX240 router through any interface. You have decided to use a firewall filter. How should you apply the firewall filter?()A、as an outbound filter on interface fxp0B、as an outbound filter on interface lo0C、as an inbound filter on interface fxp0D、as an inbound filter on interface lo0
Which three statements accurately describe IOS Firewall configurations?()A、The IP inspection rule can be applied in the inbound direction on the secured interfaceB、The IP inspection rule can be applied in the outbound direction on the unsecured interfaceC、The ACL applied in the inbound direction on the unsecured interface should be an extendedACL.D、For temporary openings to be created dynamically by Cisco IOS Firewall, the access-list for thereturning traffic must be a standard ACL
You have a firewall filter applied in an inbound direction on a customer interface. You would like this filter to protect your network from a spoofed denial of service attack. Which action should be configured to accomplish your goal?()A、then rejectB、then discardC、then next filterD、then silent-drop
You have a firewall filter containing two terms applied in an inbound direction on a customer interface. You would like this filter to protect your network from a spoofed denial of service attack. What match criterion should be used in the first term of the filter?()A、Source TCP portB、Source IP addressC、Destination TCP portD、Destination IP address
You need to control SSH, HTTP, and Telnet access to an MX240 router through any interface. You have decided to use a firewall filter. How should you apply the firewall filter?()A、as an outbound filter on interface fxp0B、as an outbound filter on interface lo0C、as an inbound filter on interface fxp0D、as an inbound filter on interface lo0
A firewall filter is applied as an input filter on a transit interface. What three types of traffic will this affect? ()A、inbound traffic transiting the routerB、outbound traffic transiting the routerC、traffic destined to the Routing EngineD、traffic destined to the interface address on which the filter is applied
You have a firewall enforcer receiving resource access policies from a Junos Pulse Access Control Service. You are using Network and Security Manager (NSM) for configuration management on that firewall. The firewall can also be configured using its built-in command-line interface (CLI) or Web-based user interface (WebUI). To avoid conflicting configurations, which two interfaces must you use to configure the firewall enforcer?()A、CLIB、WebUIC、NSMD、Junos Pulse Access Control Service
Which two features protect the ERX Edge Router from denial-of-service attacks? ()(Choose two.)A、rate limiting of ICMPB、RADIUS authorizationsC、source address validationD、stateful firewall on the router
You need to identify the types of inbound traffic that should pass through the perimeter firewall while maintaining the security of the network. Which inbound traffic should be allowed?()A、VPN TrafficB、DNS TrafficC、LDAP TrafficD、HTTP TrafficE、HTTPS TrafficF、Traffic from the network address of 192.168.10/24
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 has the Routing and Remote Access service (RRAS) role service installed.You need to view all inbound VPN packets. The solution must minimize the amount of data collected.What should you do?()A、From RRAS,create an inbound packet filter.B、From Network Monitor,create a capture filter.C、From the Registry Editor,configure file tracing for RRAS.D、At the command prompt,run netsh.exe ras set tracing rasauth enabled.
You have a server that runs Windows Server 2003 Service Pack 2 (SP2). The server is configured as a network address translation (NAT) router. The server has two network adapters and provides Internet access for the network.You need to prevent traffic on port 21 from being sent to the Internet. All other outbound traffic must be allowed.What should you do?() A、On the network adapter that is connected to the LAN, enable TCP/IP filtering. B、On the network adapter that is connected to the Internet, enable TCP/IP filtering. C、From the Routing and Remote Access snap-in, open the properties of the interface connected to the Internet, select the Services and Ports tab, and define a new service. D、From the Routing and Remote Access snap-in, open the properties of the interface connected to the Internet, select the NAT/Basic Firewall tab, and define a new static packet filter.
A Windows Communication Foundation (WCF) solution uses two services to manage a shopping cart. Service A processes messages containing line items that total between $0 and $500. Service B processes messages containing line items that total more than $500. All messages are of equal importance to the business logic. You need to route incoming messages to the appropriate services by using WCF routing. Which two message filters should you add to the router? (Each correct answer presents part of the solution. Choose two.)()A、a message filter with a priority of 100 that will forward messages that total between $0 and $500 to Service AB、a message filter with a priority of 0 that will forward messages that total between $0 and $500 to Service AC、a message filter with a priority of 0 that will forward all messages to Service BD、a message filter with a priority of 100 that will forward all messages to Service B
You work as the Exchange administrator at Company.com.The Company.com network contains an Exchange Server 2010 Organization.Company.com has its headquarters in Paris where you are located.you are responsible for managing two exchange servers named -ex01 and -ex02.both exchange servers are configured to host the client access server role, the hub transport server role as well as the mailbox server role.terstkingex01 and -ex02 are members of a database availability group.during the course of the week you receive an instruction from management to ensure that users are able to make a connection to the client access server in the event of a single server failure. What should you do?()A、Your best option would be to have the Network Load Balancing feature installed on every server.Thereafter a second IP address should be assigned to every network adapter.B、Your best option would be to have two new records created for the Client Access server from the DNS manager.C、Your best option would be to have a hardware load balancer deployed. Then a DNS record should be created for the virtual IP address. Thereafter a Client Access server array should be configured.D、Your best option would e to have a new service named Client Access Server created and a new IP address allocated from the Failover Cluster Manager.
多选题Click the Exhibit button. In the exhibit,the protect-re filter is applied as an input filter on the lo0.0 interface and all possible services are enabled under [edit system services]. Which two methods can you use to access the router?()AFTPBSSHCTelnetDJ-Web
单选题You have a firewall filter containing two terms applied in an inbound direction on a customer interface.You would like this filter to protect your network from a spoofed denial of service attack. Which match criterion should be configured ito identify unwanted packets?()Afrom source-portBfrom source-addressCfrom destination-addressDfrom destination-port
单选题You need to control SSH. HTTP, and Telnet access to an MX240 router through any interface. You have decided to use a firewall filter. How should you apply the firewall filter?()Aas an outbound filter on interface fxp0Bas an outbound filter on interface lo0Cas an inbound filter on interface fxp0Das an inbound filter on interface lo0
多选题You need to identify the types of inbound traffic that should pass through the perimeter firewall while maintaining the security of the network. Which inbound traffic should be allowed?()AVPN TrafficBDNS TrafficCLDAP TrafficDHTTP TrafficEHTTPS TrafficFTraffic from the network address of 192.168.10/24
单选题A packet is evaluated against three user-defined terms within a firewall filter and no match is found. What correctly describes the action the firewall filter will take for this packet?()AThe filter will permit the packet and take no additional actionBThe filter will reject the packet and send an ICMP message back to the senderCThe filter will discard the packet and take no additional actionDThe filter will permit the packet and write a log entry to the firewall log
多选题Which three statements accurately describe IOS Firewall configurations?()AThe IP inspection rule can be applied in the inbound direction on the secured interfaceBThe IP inspection rule can be applied in the outbound direction on the unsecured interfaceCThe ACL applied in the inbound direction on the unsecured interface should be an extendedACL.DFor temporary openings to be created dynamically by Cisco IOS Firewall, the access-list for thereturning traffic must be a standard ACL