A.Access attacks can consist of password attacks,trust exploitation,port redirection,and man-in-the-middle attacks.
B.Access attacks can consist of UDP and TCP SYN flooding,ICMP echo-request floods,and ICMP directed broadcasts.
C.DoS attacks can be reduced through the use of access control configuration,encryption,and RFC 2827 filtering.
D.DoS attacks can consist of IP spoofing and DDoS attacks.
E.IP spoofing can be reduced through the use of policy-based routing.
F.IP spoofing exploits known vulnerabilities in authentication services, FTP services,and web services to gain entry to web accounts,confidential databases,and other sensitive information.
您可能感興趣的試卷
你可能感興趣的試題
Refer to the exhibit. What statement is true about the interface S1/0 on router R1?()
A.Labeled packets can be sent over an interface.
B.MPLS Layer 2 negotiations have occurred.
C.IP label switching has been disabled on this interface.
D.None of the MPLS protocols have been configured on the interface.
A.A network administrator entering a wrong password would generate a true-negative alarm.
B.A false positive alarm is generated when an IDS/IPS signature is correctly identified.
C.An IDS is significantly more advanced over IPS because of its ability to prevent network attacks.
D.Cisco IDS works inline and stops attacks before they enter the network.
E.Cisco IPS taps the network traffic and responds after an attack.
F.Profile-based intrusion detection is also known as "anomaly detection".
A.Access attacks can consist of password attacks,trust exploitation,port redirection,and man-in-the-middle attacks.
B.Access attacks can consist of password attacks,ping sweeps,port scans,and man-in-the-middle attacks.
C.Access attacks can consist of packet sniffers,ping sweeps,port scans,and man-in-the-middle attacks.
D.Reconnaissance attacks can consist of password attacks,trust exploitation,port redirection and Internet information queries.
E.Reconnaissance attacks can consist of packet sniffers,port scans,ping sweeps,and Internet information queries.
F.Reconnaissance attacks can consist of ping sweeps,port scans,man-in-middle attacks and Internet information queries.
A.It can be configured to block Java traffic.
B.It can be configured to detect and prevent SYN-flooding denial-of-service (DoS) network attacks.
C.It can only examine network layer and transport layer information.
D.It can only examine transport layer and application layer information.
E.The inspection rules can be used to set timeout values for specified protocols.
F.The ip inspect cbac-name command must be configured in global configuration mode.
A.allows dynamic routing over the tunnel
B.supports multi-protocol (non-IP) traffic over the tunnel
C.reduces IPsec headers overhead since tunnel mode is used
D.simplifies the ACL used in the crypto map
E.uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration
最新試題
During the Easy VPN Remote connection process,which phase involves pushing the IP address, Domain Name System (DNS),and split tunnel attributes to the client?()
Which three categories of signatures can a Cisco IPS microengine identify?()
What are three features of the Cisco IOS Firewall feature set?()
Which three techniques should be used to secure management protocols?()
Which two mechanisms can be used to detect IPsec GRE tunnel failures?()
Refer to the exhibit. The show mpls interfaces detail command has been used to display information about the interfaces on router R1 that have been configured for label switching. Which statement is true about the MPLS edge router R1?()
Which form of DSL technology is typically used as a replacement for T1 lines?()
What are the four fields in an MPLS label?()
Refer to the exhibit.What does the "26" in the first two hop outputs indicate?()
What is a reason for implementing MPLS in a network?()