网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
单选题
What is true about IP Source Guard with port security?()
A
Binding should be manually configured.
B
It is not supported if IEEE 802.1x port-based authentication is enabled.
C
The DHCP server must support option 82, or the client is not assigned an IP address.
D
It filters based on source IP address only.
参考答案
参考解析
解析:
暂无解析
更多 “单选题What is true about IP Source Guard with port security?()A Binding should be manually configured.B It is not supported if IEEE 802.1x port-based authentication is enabled.C The DHCP server must support option 82, or the client is not assigned an IP address.D It filters based on source IP address only.” 相关考题
考题
What does a Layer 2 switch use to decide where to forward a received frame?()
A. source MAC addressB. source IP addressC. source switch portD. destination IP addressE. destination port addressF. destination MAC address
考题
A standard IP access list is applied to an Ethernet interface of a router. What does this standard access list filter on?()
A. The source and destination addressesB. The destination port numberC. The destination addressD. The source addressE. All of the above
考题
Your boss is learning a CCNA training course,refer to the exhibit.The access list has been configured on the S0/0 interface of router RTB in the outbound direction.Which two packets,if routed to the interface,will be denied?()access-list 101 denytcp192.168.15.320.0.0.15any eq telnetaccess-list 101 permitip any anyA.source ip address:192.168.15.5;destination port: 21B.source ip address:,192.168.15.37 destination port: 21C.source ip address:,192.168.15.41 destination port: 21D.source ip address:,192.168.15.36 destination port: 23E.source ip address:192.168.15.46;destination port: 23F.source ip address:,192.168.15.49 destination port: 23
考题
What three pieces of information can be used in an extended access list to filter traffic (Choose three.)()。
A.protocolB.VLAN numberC.TCP or UDP port numbersD.source switch port numberE.source IP address and destination IP addressF.source MAC address and destination MAC address
考题
根据下图,该access list被配置在路由器RTB的S0/0接口上的OUT方向,哪两个数据包会被DENY,如果被路由到该接口上的话?()
A.source ip address:192.168.15.5 destination port:21B.source ip address:192.168.15.37 destination port:21C.ssource ip address192.168.15.41 destination port:21D.source ip address:192.168.15.36 destination port:23E.source ip address:192.168.15.46 destination port:23F.source ip address:192.168.15.49 destination port:23
考题
What is true about IP Source Guard with port security?()A、Binding should be manually configured.B、It is not supported if IEEE 802.1x port-based authentication is enabled.C、The DHCP server must support option 82, or the client is not assigned an IP address.D、It filters based on source IP address only.
考题
What is the port number of an IPsec Encapsulating Security Payfoad packet?()A、UOP port 50B、IP protocol 51C、TCP port 51D、TCP port 50E、IP protocol 50F、UDP port51
考题
Which of the following descriptions about IP spoofing is correct?()A、IP source address is forgedB、IP destination address is forgedC、IP TCP source port is forgedD、IP TCP destination port is forgedE、None of above
考题
Switch R1 has been configured with the root guard feature. What statement is true if the spanning tree enhancement Root Guard is enabled? ()A、 If BPDUs are not received on a non-designated port, the port is moved into the STP loop- inconsistent blocked stateB、 IF BPDUs are received on a PortFast enabled port, the port is disabled.C、 If superior BPDUs are received on a designated port, the interface is placed into the root- inconsistent blocked state.D、 If inferior BPDUs are received on a root port, all blocked ports become alternate paths to the root bride.
考题
A standard IP access list is applied to an Ethernet interface of a router. What does this standard access list filter on?()A、The source and destination addressesB、The destination port numberC、The destination addressD、The source addressE、All of the above
考题
You work as a network technician at Company. Your boss, Mrs., is interested in LWAPP (Lightweight Access Point Protocol). What should you tell her regarding this technology? ()A、 LWAPP is a proprietary protocol, and because of its very high overhead it is not widely adopted.B、 Control traffic is encapsulated in UDP packets with a source port of 1024 and a destination port of 12223.C、 Layer 3 LWAPP is a UDP/IP Frame that requires a Cisco Aironet AP to obtain an IP address using DHCP.D、 Data traffic is encapsulated in UDP packets with a source port of 1024 and a destination port of 12223.E、 Control traffic is encapsulated in TCP packets with a source port of 1024 and a destination port of 12223.F、 Data traffic is encapsulated in TCP packets with a source port of 1024 and a destination port of 12223.
考题
Which of the following statements are true concerning the command ip sla monitor responder typetcpconnect ipaddress 10.1.1.1 port 23?(Choose all that apply.)()A、The command will initiate a probe with a destination IP address of 10.1.1.1B、The command is used on the IP SLA responder and the IP SLA sourceC、The command will allow only source address 10.1.1.1 to source probesD、The command will initiate a probe with a destination Telnet portE、The command is used to make the router a responderF、The command will initiate a probe with a source port of 23
考题
You are responsible for increasing the security within the Company LAN. Of the following choices listed below, which is true regarding layer 2 security and mitigation techniques? ()A、 Enable root guard to mitigate ARP address spoofing attacks.B、 Configure DHCP spoofing to mitigate ARP address spoofing attacks.C、 Configure PVLANs to mitigate MAC address flooding attacks.D、 Enable root guard to mitigate DHCP spoofing attacks.E、 Configure dynamic APR inspection (DAI) to mitigate IP address spoofing on DHCP untrusted ports.F、 Configure port security to mitigate MAC address flooding G、 None of the other alternatives apply
考题
What Cisco technology protects against Spanning-Tree Protocol manipulation?()A、 Spanning tree protectB、 Root Guard and BPDU GuardC、 Unicast Reverse Path ForwardingD、 MAC spoof guardE、 Port Security
考题
What does a Layer 2 switch use to decide where to forward a received frame?()A、source MAC addressB、source IP addressC、source switch portD、destination IP addressE、destination port addressF、destination MAC address
考题
What three pieces of information can be used in an extended access list to filter traffic (Choose three.)()。A、protocolB、VLAN numberC、TCP or UDP port numbersD、source switch port numberE、source IP address and destination IP addressF、source MAC address and destination MAC address
考题
Which two statements are true about BPDU port-guard and BPDU filtering?()A、BPDU port-guard can be enabled globally, whereas BPDU filtering must be enabled on a per-interface basis.B、When globally enabled, BPDU port-guard and BPDU filtering apply only to PortFast enabled ports.C、When globally enabled, BPDU port-guard and BPDU filtering apply only to trunking-enabled ports.D、When a BPDU is received on a BPDU port-guard enabled port, the interface goes into the err-disabled state.E、When a BPDU is received on a BPDU filtering enabled port, the interface goes into the err-disabled state.F、When a BPDU is received on a BPDU filtering enabled port, the interface goes into the STP blocking state.
考题
What is the port number of an IPsec Encapsulating Security Payload packet?()A、IP protocol 50B、IP protocol 51C、TCP port 50D、TCP port 51E、UDP port 50F、UDP port 51
考题
When configuring port security on a Cisco Catalyst switch port, what is the default action taken by the switch if a violation occurs? ()A、protect (drop packets with unknown source addresses)B、restrict (increment SecurityViolation counter)C、shut down (access or trunk port)D、transition (the access port to a trunking port)
考题
You need to configure port security on switch R1. Which two statements are true about this technology? ()A、 Port security can be configured for ports supporting VoIP.B、 With port security configured, four MAC addresses are allowed by default.C、 The network administrator must manually enter the MAC address for each device in order for the switch to allow connectivity.D、Withsecurity configured, only one MAC addresses is allowed by default. E、 Port security cannot be configured for ports supporting VoIP.
考题
Which statement is true about source NAT?()A、Source NAT works only with source pools.B、Destination NAT is required to translate the reply traffic.C、Source NAT does not require a security policy to function.D、The egress interface IP address can be used for source NAT
考题
单选题Which of the following descriptions about IP spoofing is correct?()A
IP source address is forgedB
IP destination address is forgedC
IP TCP source port is forgedD
IP TCP destination port is forgedE
None of above
考题
单选题Which statement is true about source NAT?()A
Source NAT works only with source pools.B
Destination NAT is required to translate the reply traffic.C
Source NAT does not require a security policy to function.D
The egress interface IP address can be used for source NAT
考题
单选题A standard IP access list is applied to an Ethernet interface of a router. What does this standard access list filter on?()A
The source and destination addressesB
The destination port numberC
The destination addressD
The source addressE
All of the above
考题
多选题Which of the following statements are true concerning the command ip sla monitor responder typetcpconnect ipaddress 10.1.1.1 port 23?(Choose all that apply.)()AThe command will initiate a probe with a destination IP address of 10.1.1.1BThe command is used on the IP SLA responder and the IP SLA sourceCThe command will allow only source address 10.1.1.1 to source probesDThe command will initiate a probe with a destination Telnet portEThe command is used to make the router a responderFThe command will initiate a probe with a source port of 23
考题
单选题What Cisco technology protects against Spanning-Tree Protocol manipulation?()A
Spanning tree protectB
Root Guard and BPDU GuardC
Unicast Reverse Path ForwardingD
MAC spoof guardE
Port Security
考题
单选题Switch R1 has been configured with the root guard feature. What statement is true if the spanning tree enhancement Root Guard is enabled? ()A
If BPDUs are not received on a non-designated port, the port is moved into the STP loop- inconsistent blocked stateB
IF BPDUs are received on a PortFast enabled port, the port is disabled.C
If superior BPDUs are received on a designated port, the interface is placed into the root- inconsistent blocked state.D
If inferior BPDUs are received on a root port, all blocked ports become alternate paths to the root bride.
热门标签
最新试卷