从决定参加安全笔试到考试一共4天时间,感觉基本够用了,现在的提比较稳定:141Q+6额外题全涵盖了我这次的所有考题。感谢之前的考友提供的各种信息,我在这里做个总结造福之后的考友:
2 h8 b" e. m _9 C+ b: N% q% B
! |2 {/ o: b1 ?7 h7 r6额外题:
! ^: Y3 R. B( v$ y
4 I+ N! y. Z5 V% x+ M( a' |/ s1, CoA Under Cisco IOS Software, which three features are supported in RADIUS Change of Authorization requests? (Choose three.) | | B. session reauthentication | |
SessionIdentification 2,Which two statements about Cisco ASAauthentication using LDAP are true? (Choose two.)$ R6 g$ R+ ~8 u+ N u6 d- E3 @
0 V" H& _# L6 R$ ]& l' e9 f' b. x1 e2 E
A. It uses attribute maps to map the AD memberOf attribute to the cisco ASA Group-Poilcy attribute- O, M0 F*i" s1 j e; ~8 T. ~4 r. M' h, T* n8 Y- ?
B. It uses AD attribute maps to assign users togroup policies configured under the WebVPN context4 Z( t5 W6u% b) e- s/ W0 x* }' j
2 V6 K- x3 X/ h1 ?! XC. The Cisco ASA can use more than one AD memberOf attribute to match a user to multiple group policies* m1 a/ E Y- m9 c; X
D. It can assign a group policy to a user basedon access credentials" D' Y4 p9 k8 ^# G1 `
5 ]2 B h2 c: t; A* ME. It can combine AD attributes and LDPattributes to configure group policies on the Cisco ASA2 K. n. z:H6 T- n0 w9 p4 C* r' I! i5 y; C' @
F. It is a closed standard that managesdirectory-information services over distributed networks& W!K! t, {7 Z/ K
$ c9 V' c* a8 z r+ c4 g+ ]2 W: E) x
Answer: A, B8 b J2 R% f' v/ Y/ e* S1 K
* S+ ^9 U+ c, e; H4 {
( z, z% G7 [+ v, U! N0 o K
( V# K [# s- R8 w: a3,Whichthree statements about the keying methods used by MAC Sec are true? (Choosethree.) b) [3 Y% U3 L
% z2 v* }8 |; U R, o I6 V$ d: }A. MKA is implemented as an EAPoL packetexchange.& ]0 Y; { S" ^
B. SAP is enabled by default for Cisco TrustSecin manual configuration mode.* W E1 p4 L7y ?* s0 R
% {4 e% q/ y% D0 h R# XC. SAP is supported on SPAN destination ports.
2 a; ^) N2 a; _8 nD. Key management for host-to-switch andswitch-to-switch MACSec sessions is provided by MKA.' J6 k]w p, X] p9 F6 D
0 B8 r |0 g( s6 }/ \# R! YE. SAP is not supported on switch SVIs.- K; _]u Z7 ?, N
# h3 p% M9 P& z3 ^/ BF. A valid mode for SAP is NULL.
8 k+ G2 T$ z. K% X9 d* r, w# b% Z7 g; L" T! X, P+ a3 ~! t7 K4 M6 K0 P
Answer: A, E, F 4,其中问哪个是stream cipher的直接选RC4. 5,BGP的题目是BGP for TTL Security Check是干什么用的—单选 选含有for CPU utilization-based attacks的选项. 6, file:////Users/lexin/Library/Group%20Containers/UBF8T346G9.Office/msoclip1/01/clip_image002.png
" {+ W0 Z: h$ ~ h至于141题库的准确性:
. |4 P! E1 ]2 _/ ~! z: m
有争议的题目我有3个:
H- v3 ^! {" ]# N/ l3 k. q% B+ v%R, l j! K+ r2 X: V. m- t& k) i; V
101, AEF, 5 Ghz, WPA加密,wep加密都是错的,选剩下的。2 g% C3 t' S$ T, F( ~
+ y, f; j( R H2 R# f0 G105,有人提到过,MSE和wIPSMonitor Mode是反的。 p#g8 h# ^$ q& x5 w# F( b' V) e: b7 n
135, 选B和Da view is created.)Z1 ' Q" w0 r$ ~! i- r p; l3 l' f! O5 W
其他的我个人觉得应该没什么问题,目前题目稳定,考位也很多,有需要的考友尽快吧
/ O+ i# O6 f; }8 f3 s |