Which three parameters are configured in the IKE policy?()A、modeB、preshared keyC、external interfaceD、security proposalsE、dead peer detection settings
Which three parameters are configured in the IKE policy?()
- A、mode
- B、preshared key
- C、external interface
- D、security proposals
- E、dead peer detection settings
相关考题:
Click the Exhibit button.Referring to the exhibit, which statement contains the correct gateway parameters?() A. [edit security ike] user@host# show gateway ike-phase1-gateway { policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }B. [edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }C. [edit security ike] user@host# show gateway ike-phase1-gateway { policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }D. [edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }
You are configuring an SRX210 as a firewall enforcer that will tunnel IPsec traffic from several Junos Pulse users.Which two parameters must you configure on the SRX210?() A. access profileB. IKE parametersC. tunneled interfaceD. redirect policy
Which three parameters are configured in the IKE policy? ()(Choose three.) A. modeB. preshared keyC. external interfaceD. security proposalsE. dead peer detection settings
Which two parameters are configured in IPsec policy? ()(Choose two.) A. modeB. IKE gatewayC. security proposalD. Perfect Forward Secrecy
Which three firewall user authentication objects can be referenced in a security policy? ()(Choose three.) A. access profileB. client groupC. clientD. default profileE. external
Which statement contains the correct parameters for a route-based IPsec VPN?() A. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }B. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; } policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }C. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200;} policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }D. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }
Which three statements are true when configuring Cisco IOS Firewall features using the SDM? ()A、A custom application security policy can be configured in the Advanced Firewall Security Configuration dialog box.B、An optional DMZ interface can be specified in the Advanced Firewall Interface Configuration dialog box.C、Custom application policies for e-mail, instant messaging, HTTP, and peer-to-peer services can be created using the Intermediate Firewall wizard.D、Only the outside (untrusted) interface is specified in the Basic Firewall Interface Configuration dialog box.E、The outside interface that SDM can be launched from is configured in the Configuring Firewall for Remote Access dialog box.F、The SDM provides a basic, intermediate, and advanced firewall wizard.
Which two mechanisms can be used to detect IPsec GRE tunnel failures?()A、Dead Peer Detection (DPD)B、CDPC、isakmp keepalivesD、GRE keepalive mechanismE、The hello mechanism of the routing protocol across the IPsec tunnel
Which two parameters are configured in IPsec policy?()A、modeB、IKE gatewayC、security proposalD、Perfect Forward Secrecy
Which two configuration elements are required for a policy-based VPN?()A、IKE gatewayB、secure tunnel interfaceC、security policy to permit the IKE trafficD、security policy referencing the IPsec VPN tunnel
It is considered a best practice to use the Dead Peer Detection (DPD) feature with which VPN topologies?()A、IPSecB、IPSec with GREC、DMVPND、EZVPNE、all of the choices
You are configuring an SRX210 as a firewall enforcer that will tunnel IPsec traffic from several Junos Pulse users.Which two parameters must you configure on the SRX210?()A、access profileB、IKE parametersC、tunneled interfaceD、redirect policy
Which three parameters are configured in the IKE policy? ()(Choose three.)A、modeB、preshared keyC、external interfaceD、security proposalsE、dead peer detection settings
Which two parameters are configured in IPsec policy? ()(Choose two.)A、modeB、IKE gatewayC、security proposalD、Perfect Forward Secrecy
Which attribute is required for all IKE phase 2 negotiations?()A、proxy-IDB、preshared keyC、Diffie-Hellman group keyD、main or aggressive mode
Which three firewall user authentication objects can be referenced in a security policy? ()(Choose three.)A、access profileB、client groupC、clientD、default profileE、external
Under which Junos hierarchy level are security policies configured?()A、[edit security]B、[edit protocols]C、[edit firewall]D、[edit policy-options]
Which two configuration elements are required for a route-based VPN?()A、secure tunnel interfaceB、security policy to permit the IKE trafficC、a route for the tunneled transit trafficD、tunnel policy for transit traffic referencing the IPsec VPN
You are the network administrator for Test King. The network consists of a single Active Directory domain named The domain contains Windows Server 2003 computers and Windows XP Professional computers. The Default Domain Policy has been modified by importing a security template file, which contain several security settings. A server named TestKing1 cannot run a program that us functioning on other similarly configured servers. You need to find out whether additional security settings have been added to the local security policy on TestKing1. To troubleshoot, you want to use a tool to compare the current security settings on TestKing1 against the security template file in order to automatically identify any settings that might have been added to the local security policy. Which tool should you run on TestKing1?()A、Microsoft Baseline Security Analyzer (MBSA)B、Security Configuration and Analysis consoleC、gpresult.exeD、Resultant Set of Policy console in planning mode
You are the network administrator in the New York office of TestKing. The company network consists of a single Active Directory domain The New York office currently contains one Windows Server 2003 file server named TestKingA. All file servers in the New York office are in an organizational unit (OU) named New York Servers. You have been assigned the Allow - Change permission for a Group Policy object (GPO) named NYServersGPO, which is linked to the New York Servers OU. The written company security policy states that all new servers must be configured with specified predefined security settings when the servers join the domain. These settings differ slightly for the various company offices. You plan to install Windows Sever 2003, on 15 new computers, which all functions as file servers. You will need to configure the specified security settings on the new file servers. TestKingA currently has the specified security settings configured in its local security policy. You need to ensure that the security configuration of the new file servers is identical to that of TestKingA. You export a copy of TestKingA's local security policy settings to a template file. You need to configure the security settings of the new servers, and you want to use the minimum amount of administrative effort. What should you do?()A、Use the Security Configuration and Analysis tool on one of the new servers to import the template file.B、Use the default Domain Security Policy console on one of the new servers to import the template file.C、Use the Group Policy Editor console to open NYServersGPO and import the template file.D、Use the default Local Security Policy console on one of the new servers to import the template file.
多选题Which three firewall user authentication objects can be referenced in a security policy? ()(Choose three.)Aaccess profileBclient groupCclientDdefault profileEexternal
单选题You are the network administrator for Test King. The network consists of a single Active Directory domain named The domain contains Windows Server 2003 computers and Windows XP Professional computers. The Default Domain Policy has been modified by importing a security template file, which contain several security settings. A server named TestKing1 cannot run a program that us functioning on other similarly configured servers. You need to find out whether additional security settings have been added to the local security policy on TestKing1. To troubleshoot, you want to use a tool to compare the current security settings on TestKing1 against the security template file in order to automatically identify any settings that might have been added to the local security policy. Which tool should you run on TestKing1?()AMicrosoft Baseline Security Analyzer (MBSA)BSecurity Configuration and Analysis consoleCgpresult.exeDResultant Set of Policy console in planning mode
多选题Which three parameters are configured in the IKE policy?()AmodeBpreshared keyCexternal interfaceDsecurity proposalsEdead peer detection settings
多选题Which two parameters are configured in IPsec policy? ()(Choose two.)AmodeBIKE gatewayCsecurity proposalDPerfect Forward Secrecy
多选题Which three parameters are configured in the IKE policy? ()(Choose three.)AmodeBpreshared keyCexternal interfaceDsecurity proposalsEdead peer detection settings
多选题Which two parameters are configured in IPsec policy?()AmodeBIKE gatewayCsecurity proposalDPerfect Forward Secrecy
单选题It is considered a best practice to use the Dead Peer Detection (DPD) feature with which VPN topologies?()AIPSecBIPSec with GRECDMVPNDEZVPNEall of the choices