单选题Based on the configuration shown in the exhibit, what will happen to the traffic matching the security policy?()AThe traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.BThe traffic is permitted through the myTunnel IPSec tunnel dai
题目
The traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.
The traffic is permitted through the myTunnel IPSec tunnel daily, with the exception of Mondays.
The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.
The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am.
相似考题
更多“单选题Based on the configuration shown in the exhibit, what will happen to the traffic matching the security policy?()A The traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.B The traffic is permitted through the myTunnel IPSec tunnel”相关问题
-
第1题:
Router R1, a branch router, connects to the Internet using DSL. Some traffic flows through a GRE and IPsec tunnel, over the DSL connection, destined for an Enterprise network.Which of the following answers best describes the router‘s logic that tells the router, for a given packet, to apply GRE encapsulation to the packet?()
A. When the packet received on the LAN interface is permitted by the ACL listed on the tunnel greacl command under the incoming interface
B. When routing the packet, matching a route whose outgoing interface is the GRE tunnel interface
C. When routing the packet, matching a route whose outgoing interface is the IPsec tunnel interface
D. When permitted by an ACL that was referenced in the associated crypto map
参考答案:B
-
第2题:
Router R1, a branch router, connects to the Internet using DSL. Some traffic flows through a GRE and IPsec tunnel, over the DSL connection, destined for an Enterprise network. Which of the following answers best describes the router's logic that tells the router, for a given packet, to apply GRE encapsulation to the packet?()
- A、When the packet received on the LAN interface is permitted by the ACL listed on the tunnel greacl command under the incoming interface
- B、When routing the packet, matching a route whose outgoing interface is the GRE tunnel interface
- C、When routing the packet, matching a route whose outgoing interface is the IPsec tunnel interface
- D、When permitted by an ACL that was referenced in the associated crypto map
正确答案:B -
第3题:
Which command is needed to change this policy to a tunnel policy for a policy-based VPN?() [edit security policies from-zone trust to-zone untrust] user@host# show policy tunnel-traffic { match { source-address local-net; destination-address remote-net; application any; then { permit; } }
- A、set policy tunnel-traffic then tunnel remote-vpn
- B、set policy tunnel-traffic then permit tunnel remote-vpn
- C、set policy tunnel-traffic then tunnel ipsec-vpn remote-vpn permit
- D、set policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn
正确答案:D -
第4题:
Which configuration shows the correct application of a security policy scheduler?()
- A、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } scheduler-name now; } } }
- B、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }
- C、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn scheduler-name now; } } } }
- D、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; scheduler-name now; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }myTunnel;
正确答案:B -
第5题:
Which three advanced permit actions within security policies are valid?()
- A、Mark permitted traffic for firewall user authentication.
- B、Mark permitted traffic for SCREEN options.
- C、Associate permitted traffic with an IPsec tunnel.
- D、Associate permitted traffic with a NAT rule.
- E、Mark permitted traffic for IDP processing.
正确答案:A,C,E -
第6题:
Based on the configuration shown in the exhibit, what are the actions of the security policy?() [edit schedulers] user@host# show scheduler now { monday all-day; tuesday exclude; wednesday { start-time 07:00:00 stop-time 18:00:00; } thursday { start-time 07:00:00 stop-time 18:00:00; } } [edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps;} then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now;
- A、The policy will always permit transit packets and use the IPsec VPN myTunnel.
- B、The policy will permit transit packets only on Monday, and use the IPsec VPN Mytunnel.
- C、The policy will permit transit packets and use the IPsec VPN myTunnel all day Monday and Wednesday 7am to 6pm, and Thursday 7am to 6pm.
- D、The policy will always permit transit packets, but will only use the IPsec VPN myTunnel all day Monday and Wednesday 7am to 6pm, and Thursday 7am to 6pm.
正确答案:C -
第7题:
单选题Based on the configuration shown in the exhibit, what will happen to the traffic matching the security policy?()AThe traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.
BThe traffic is permitted through the myTunnel IPSec tunnel daily, with the exception of Mondays.
CThe traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.
DThe traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am.
正确答案: D解析: 暂无解析 -
第8题:
单选题Which command is needed to change this policy to a tunnel policy for a policy-based VPN?() [edit security policies from-zone trust to-zone untrust] user@host# show policy tunnel-traffic { match { source-address local-net; destination-address remote-net; application any; then { permit; } }Aset policy tunnel-traffic then tunnel remote-vpn
Bset policy tunnel-traffic then permit tunnel remote-vpn
Cset policy tunnel-traffic then tunnel ipsec-vpn remote-vpn permit
Dset policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn
正确答案: B解析: 暂无解析 -
第9题:
单选题Which command is needed to change this policy to a tunnel policy for a policy-based VPN?() [edit security policies from-zone trust to-zone untrust] user@host# show policy tunnel-traffic { match { source-address local-net; destination-address remote-net; application any; then { permit; } }Aset policy tunnel-traffic then tunnel remote-vpn
Bset policy tunnel-traffic then permit tunnel remote-vpn
Cset policy tunnel-traffic then tunnel ipsec-vpn remote-vpn permit
Dset policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn
正确答案: A解析: 暂无解析 -
第10题:
单选题Given the configuration shown in the exhibit, what will happen to traffic from source 10.10.10.25 destined to 200.200.200.1?()AThe traffic will be rejected
BThe traffic will be dropped
CThe traffic will be forwarded
DThe traffic will be policed
正确答案: C解析: 暂无解析 -
第11题:
多选题Which two configuration elements are required for a route-based VPN?()Asecure tunnel interface
Bsecurity policy to permit the IKE traffic
Ca route for the tunneled transit traffic
Dtunnel policy for transit traffic referencing the IPsec VPN
正确答案: B,A解析: 暂无解析 -
第12题:
单选题Based on the configuration shown in the exhibit, what will happen to the traffic matching thesecurity policy?() [edit schedulers] user@host# showscheduler now { monday all-day; tuesday exclude; wednesday { start-time 07:00:00 stop-time 18:00:00; } thursday { start-time 07:00:00 stop-time 18:00:00; } } [edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }AThe traffic is permitted through the myTunnel IPsec tunnel only on Tuesdays.
BThe traffic is permitted through the myTunnel IPsec tunnel daily, with the exception of Mondays.
CThe traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.
DThe traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am
正确答案: A解析: 暂无解析 -
第13题:
To securely transport EIGRP traffic, a network administrator will build VPNs between sites. What is the best method to accomplish the transport of EIGRP traffic?()A. IPSec in tunnel mode
B. IPSec in transport mode
C. GRE with IPSec in transport mode
D. GRE with IPSec in tunnel mode
参考答案:C
-
第14题:
Based on the configuration shown in the exhibit, what will happen to the traffic matching thesecurity policy?() [edit schedulers] user@host# showscheduler now { monday all-day; tuesday exclude; wednesday { start-time 07:00:00 stop-time 18:00:00; } thursday { start-time 07:00:00 stop-time 18:00:00; } } [edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }
- A、The traffic is permitted through the myTunnel IPsec tunnel only on Tuesdays.
- B、The traffic is permitted through the myTunnel IPsec tunnel daily, with the exception of Mondays.
- C、The traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.
- D、The traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am
正确答案:C -
第15题:
To securely transport EIGRP traffic, a network administrator will build VPNs between sites. What is the best method to accomplish the transport of EIGRP traffic?()
- A、IPSec in tunnel mode
- B、IPSec in transport mode
- C、GRE with IPSec in transport mode
- D、GRE with IPSec in tunnel mode
正确答案:C -
第16题:
Which three advanced permit actions within security policies are valid?() (Choose three.)
- A、Mark permitted traffic for firewall user authentication.
- B、Mark permitted traffic for SCREEN options.
- C、Associate permitted traffic with an IPsec tunnel.
- D、Associate permitted traffic with a NAT rule.
- E、Mark permitted traffic for IDP processing.
正确答案:A,C,E -
第17题:
Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)
- A、Traffic is permitted from the trust zone to the untrust zone.
- B、Intrazone traffic in the trust zone is permitted.
- C、All traffic through the device is denied.
- D、The policy is matched only when no other matching policies are found.
正确答案:C,D -
第18题:
Which two configuration elements are required for a route-based VPN?()
- A、secure tunnel interface
- B、security policy to permit the IKE traffic
- C、a route for the tunneled transit traffic
- D、tunnel policy for transit traffic referencing the IPsec VPN
正确答案:A,C -
第19题:
多选题Which three advanced permit actions within security policies are valid?()AMark permitted traffic for firewall user authentication.
BMark permitted traffic for SCREEN options.
CAssociate permitted traffic with an IPsec tunnel.
DAssociate permitted traffic with a NAT rule.
EMark permitted traffic for IDP processing.
正确答案: C,E解析: 暂无解析 -
第20题:
单选题Which configuration shows the correct application of a security policy scheduler?()A[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } scheduler-name now; } } }
B[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }
C[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn scheduler-name now; } } } }
D[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; scheduler-name now; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }myTunnel;
正确答案: C解析: 暂无解析 -
第21题:
单选题To securely transport EIGRP traffic, a network administrator will build VPNs between sites. What is the best method to accomplish the transport of EIGRP traffic?()AIPSec in tunnel mode
BIPSec in transport mode
CGRE with IPSec in transport mode
DGRE with IPSec in tunnel mode
正确答案: A解析: 暂无解析 -
第22题:
单选题Router R1, a branch router, connects to the Internet using DSL. Some traffic flows through a GRE and IPsec tunnel, over the DSL connection, destined for an Enterprise network. Which of the following answers best describes the router's logic that tells the router, for a given packet, to apply GRE encapsulation to the packet?()AWhen the packet received on the LAN interface is permitted by the ACL listed on the tunnel greacl command under the incoming interface
BWhen routing the packet, matching a route whose outgoing interface is the GRE tunnel interface
CWhen routing the packet, matching a route whose outgoing interface is the IPsec tunnel interface
DWhen permitted by an ACL that was referenced in the associated crypto map
正确答案: D解析: 暂无解析 -
第23题:
单选题Based on the configuration shown in the exhibit, what are the actions of the security policy?() [edit schedulers] user@host# show scheduler now { monday all-day; tuesday exclude; wednesday { start-time 07:00:00 stop-time 18:00:00; } thursday { start-time 07:00:00 stop-time 18:00:00; } } [edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps;} then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now;AThe policy will always permit transit packets and use the IPsec VPN myTunnel.
BThe policy will permit transit packets only on Monday, and use the IPsec VPN Mytunnel.
CThe policy will permit transit packets and use the IPsec VPN myTunnel all day Monday and Wednesday 7am to 6pm, and Thursday 7am to 6pm.
DThe policy will always permit transit packets, but will only use the IPsec VPN myTunnel all day Monday and Wednesday 7am to 6pm, and Thursday 7am to 6pm.
正确答案: A解析: 暂无解析 -
第24题:
多选题Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)ATraffic is permitted from the trust zone to the untrust zone.
BIntrazone traffic in the trust zone is permitted.
CAll traffic through the device is denied.
DThe policy is matched only when no other matching policies are found.
正确答案: C,A解析: 暂无解析