请先登录
您需要 登录 才可以下载或查看,没有账号?论坛注册
x
基本141Q题目覆盖90%,碰到几个新题和之前有人发过的题,一并总结如下:
' C$ u, X2 [# h8 u141Q里面的答案不一定对,但是要记住考过应该问题不大。
+ W8 J6 }% z) B1 R. H, R: M其他人考过的,提到的题目这次都碰到了。
3 e" [$ }' m6 L1. BGP TTL Security,可以查下cisco文档,http://www.cisco.com/c/en/us/td/ ... /guide/fs_btsh.html. Z, I% x7 F- Z; d/ w' H% [/ j. u" h
BGP Support for TTL Security Check
5 d! G) \5 ~7 |) N AThe BGP Support for TTL Security Check feature introduces a lightweight security mechanism to protect external Border Gateway Protocol (eBGP) peering sessions from CPU utilization-based attacks using forged IP packets. Enabling this feature prevents attempts to hijack the eBGP peering session by a host on a network segment that is not part of either BGP network or by a host on a network segment that is not between the eBGP peers. 2. CoA : 主要考session terminate,reauthentication等,看看这个文档吧 http://www.cisco.com/c/en/us/td/ ... ok/sec-rad-coa.html2 B f+ \$ F- Q6 u+ G" k; T
3. 还有一个问哪个是stream cipher?6 C8 _- U3 o- u$ @' \& w
$ l" z8 `; O f( u4 R4.
0 D! Z9 _" ?/ A$ I) {6 v9 g| Which three statements about the keying methods used by MACSec are true? (Choose three.) | + Y! _* K% u( d* K* p2 ]# R& p
| | B. A valid mode for SAP is NULL. | | C. MKA is implemented as an EAPoL packet exchange. |
1 p7 \" L3 b. X# e3 \2 Y | | E. SAP is not supported on switch SVIs. | 5 |