 成长值: 64615
|
题目不是很完整,答案仅供参考. P4 M6 _! r" s: A+ E+ Z( j
' l) J9 Z& x, j" U2 q9 v: x3 U
* c& _$ Q8 B. MQuestion 01 –% T' s [- u# }# E
Witch access list entry checks for an ACK within a packet header?
. f0 \$ W9 b' f4 x9 Y, KA access-list 49 permit ip any any eq 21 tcp-ack
6 Z! j0 C% |3 y' ^8 A: xB access-list 49 permit tcp any any eq 21 tcp-ack
! `# _; m! e8 V& D. y0 m0 mC access-list 149 permit tcp any any eq 21 established# G) z" o' Y6 F# j1 y
D access-list 49 permit tcp any any eq 21 established7 e. a* j) d% Q) H7 J( a8 Q( f
Answer: C; _4 r2 f; |) `
=================================================================================/ S' C& K( c2 ]% X" D
Question 02:- j9 P7 `) q% S/ N& C+ z
Which option is one way to mitigate symmetric routing on an active/active firewall setup for TCP-based connections?% Z% U9 y% R- T% ]* s
A performing packet captures
a! |! d0 Y# u. r6 y) MB disabling asr-group commands on interfaces that are likely to receive asymetric traffic
* o+ n i- v' N9 ~% YC replacing them with redundant routers and allowing load balancing$ {6 o- e2 c$ c! p4 F: D
D disabling stateful TCP checks U& ]7 j7 H* G- C- I+ x. ?
Answer: D+ |* Z. \" a; q; h+ \& N1 P
=================================================================================- m: A, i2 O% l+ L* c4 x9 U7 l
Question 03:; Q% v7 Y! B, `. `# z8 ^
A network engineer executes the show ip cache flow command. Witch two types of information are displayed in the report that is generated? Choose two:# W! D* D/ V7 m! N' s4 S
A top talkers. O4 `& V3 G! R% b; W. I
B flow export statistics
6 _8 h6 W9 _, |- \C flow sample for specific protocols) S1 Q8 K& @: f) [' A5 Q
D MLS flow traffic7 ?; }: }% N# |# h! n8 V5 ^: u
E IP packet distribution
# n! h2 F6 P) DAnswer: C & E
# N- {1 F: O8 Y) J=================================================================================. t( ]% v7 Q& M1 z
Question 04:
' p) F' |% ]% C9 YWhich DHCP option provides a TFTP server that Cisco phones can use to download a configuration?( O5 N8 y, M9 o9 N; R; C& X
A DHCP Option 66# a7 B2 [: ~% `
B DHCP Option 68( }+ V: k H7 h, B
C DHCP Option 82
. p7 a& H) b& F0 ?D DHCP Option 57
Z; Y4 I" V- I3 N2 zAs: A
0 o) P* O o1 J) y. K8 m( b! G6 _=================================================================================
9 w1 \ Y4 U/ Y6 d, m4 J" y; ^Question 05:6 W5 V+ \# N" I/ |% T
Drag and Drop( a6 N: R- Y' t' v
Authentication (two sentences) >>>
: Q" Y6 w1 G) _9 l0 k– supports a local database for device access9 ~5 v4 A' I9 E' H
– supports encryption
5 ~' H, p, d( W* E' Q# I! iAccounting (two sentences) >>>! ]5 }4 p; P Z2 q
-not supported with local AAA; _9 G1 _6 ] X* k* ?, Z8 `
-verifies network usage
5 J: a) ~! t* w6 G' G! c u- BAuthorization (two sentences) >>>
0 ?5 a+ h* W, n1 c9 ?+ O0 G– specifies a user’s specific access privileges
: L$ ~" Q$ w/ Q– enforces time periods during which a user can access the device# ~1 g2 v. B* ^1 k
=================================================================================1 z5 O% C# Y4 n" g
Question 06:
9 H! ~* x. `, U0 q4 J8 `-drag and drop
+ Z: o( w6 [6 F% QCHAP (two sentences) >>>7 D2 P9 {0 X' q* `! e$ C
– Generates a unique string for each transaction
9 D2 ?% K% [& ~8 K$ ?4 W– supports mid-session re-authentication+ f3 n8 A1 q# l/ ?9 n+ y/ P7 Y
PAP (two sentences) >>>4 b# m/ J# r$ B: D- N
– provides minimal security# p! r( K- C0 N( i7 w0 S- k' P4 ^
– requires a username and password only
! N7 a+ g/ Z% T9 y1 G3 Q=================================================================================' v2 Y1 W* j) k6 B6 Y1 F4 R$ |
Question 07:
7 F2 i* ?( h' r7 O0 o: gthere is a choice on flow…..a customer what …..i dontremind well f% m/ `) o' S" \0 U5 u9 W
A.PMTUD. M& d0 n! ]* a% {
B.MTU
4 E# w% l3 }. ?( g2 IC IP MTU
) f N( k7 p8 v: X, s; ?=================================================================================
8 r& F* X+ j7 b, uQuestion 08) W2 w q% s7 R# |5 R2 ~9 M
Radius >>>
7 t$ }; I) A( U# a8 }uses udp port 1812 (for authentication / authorization). It encrypts only the password in the access-request packet, from the client to the server. The remainder of the packet is unencrypted.
/ Z# N2 y4 E9 ]" DIt combines authorization and accounting functions.* q3 W. w1 w! b/ `" c }
Tacacs+ >>>
5 j2 w, r/ I% L/ Nusers tcp port 49 and encrypts the entire packet.
2 D" v% T$ D1 f9 j L; v WIt separates authorization and accounting functions.& ]- N, s# ~. r8 K0 f
=================================================================================6 d: O! z; Y- W* u# j
Question 09:" B- ~% N* Q" X! P6 S( y% `4 T( a& F# @
you have to “link” this 4 sentences:0 d# o! s7 y2 G, P. o
Ans:/ i# A3 T, O. O" l4 x# A
network-specific stateful NAT64 prefix: IPV6 prefix assigned by an orginzation
& q3 ~5 `6 u2 J5 cNAT64 : supports application layer gateway/ z1 P7 |- ]7 N P# S% J* T
NPTv6 : translates 2001:1::/64 to 2001:2::/64
1 N, N6 Q" [' i/ D8 f4 B0 e7 jwell-known stateful NAT64 prefix: supports IPV6 prefix 64:ff9b::/96
7 C7 v/ Y2 X4 Q2 E* m. K* o, ^" g=================================================================================
& o3 l2 Y0 T6 X+ V; DQuestion 10:
6 c5 E- o, z. ^8 T8 U) N7 PCommand in uRPF loose mode
5 G% J! `& q9 T. \a. ip verify unicast source reachable-via any
" I1 _8 l" A. d& YAns: A; ^3 ~: X' \7 _5 E+ _: Q/ X+ U
=================================================================================/ z7 h( x- \% U$ V. l
Question:11
* ^ y. ]) X7 R% C" _; ?8 z$ i/ XTwo GRE scenarios for preventing
/ L0 Q9 l! i! ?) tA) TCP MSS
( l N/ D# |3 J' ^' s9 HB) DF Bit1 ]7 P! q: b- e
Ans: A & B
+ r5 Q7 b( `( g=================================================================================
- C7 l! w! v& ?% g) V; g% \Question 12:' G# q4 j& r& B- n) m5 k# b
Which feature enables security in vty lines.”7 B M1 y x7 v1 T" @1 ?7 `
a. exec-time out
+ a& a Q- _0 B0 G( \- xb. logging) N6 B* v6 n2 ^, T( v6 d# i
c. username and password4 I4 }, z) G$ X1 z+ [& X- P4 C
d. transport out
! F9 A$ H) e1 Z/ @4 r8 S- _Answer C2 E- o" E9 ]* E2 g5 I
=================================================================================+ h! C B. P9 u3 u" O, c, N# \5 `
Question 13:2 E1 M, V: ` C+ B* o; F
Which feature enables security in vty lines.”
e Z# b. o% S7 g. H6 z; ^4 n+ @a. exec-time out
1 U% g9 I3 [% Q( \' U: D6 Jb. logging2 a# f6 ?: ^% P7 V$ Y! m
c. username and password7 y5 Z% K# s4 R1 L7 e
d. transport out
+ M, l f& c0 E5 @6 TAnswer: C
) u' ~* D5 B# O' [=================================================================================
4 l# M4 {; y1 i: v/ G! C# [0 b1 |Question 14:
5 `0 ]% o( d) @Given ((diagram with R1 SLA config)) with configuration written on Picture as
% y6 y, B( ~- }+ ]) H“R(Config)#ip sla 1) o6 \3 f. F' c1 ~3 y$ @7 o
R1(Config-ip-sla)#icmp-echo 172.20.20.2 source-interface f1/04 K. @0 g7 D! m+ `9 ^+ Z
R1(Config-ip-sla)#frequency 10
2 e1 l% r# y: Y3 j i, DR1(Config-ip-sla)#threshold 100+ k. S2 a7 l M) T+ q; i* W/ e5 J
R1(Config)#ip sla schedule 1 start-time now life forever
* w; J4 A2 I$ a3 eR1(Config)#track 10 ip sla ???-
. ], v# D% K6 CR1(Config)#ip route 0.0.0.0.0 0.0.0.0 172.20.20.2- B1 w4 D# F. `6 c- T) q7 E2 T
what make default route not removed when SLA state down or failed' c+ G. `$ v- ?2 u0 B8 r# g4 o1 t
a. the destination must be 172.30.30.2 for icmp-echo
8 m) {: V+ c: ab.the threshold value is wrong
; g3 }' Z/ G. u* |. m0 k1 z5 G$ Wc.
& P2 j& k; N/ ?d. missing of track feature on default static route command, H% z# J$ T$ u+ G* B5 G, A
Answer : D! g. |9 M6 T" A8 w- b
9 B# z6 y9 l& K; D. {8 {2 S
1 {* s! e \, g+ A0 e3 U
) _1 R, G# o9 d( L9 T, S |
|
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
[复制链接]
发表于 2017-4-5 09:16:41
置顶卡
喧嚣卡
变色卡
千斤顶
发表于 2017-4-5 09:26:31
