网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
IP Security Monitor可以显示IPSec激活的机器上的实时统计信息。为了修改监视器默认的刷新时间,您将使用下列哪一种选择()
- A、从IP安全监视器中的“选项”按钮进入
- B、使用命令ipsecomon、ttl<秒>
- C、从“IP安全策略”快捷方式进入
- D、以上都不对,默认刷新时间不能被改动
参考答案
更多 “IP Security Monitor可以显示IPSec激活的机器上的实时统计信息。为了修改监视器默认的刷新时间,您将使用下列哪一种选择()A、从IP安全监视器中的“选项”按钮进入B、使用命令ipsecomon、ttl秒C、从“IP安全策略”快捷方式进入D、以上都不对,默认刷新时间不能被改动” 相关考题
考题
NAT无法多路传输IPSec数据流。ESP保护的IPSec流量没有包含可见的TCP或UDP报头。 ESP报头位于IP报头和加密的TCP或UDP报头之间,并且使用IP协议号50。因此,TCP或UDP端口号就无法将流量多路传输到不同的专用网主机。ESP报头包含一个名为Security Parameters Index(安全参数索引,SPI)的字段。SPI与明文(plaintext)IP报头中的目标IP地址和IPSec安全协议(ESP或AH)结合起来用于识别IPSec安全关联(SA)。应该如何解决?
考题
IP安全性(IP Security,IPSec)提供了在局域网、广域网和因特网中安全通信能力。关于IP安全性下列说法不正确的是(28)。A.IPSec可提供同一公司各分支机构通过的安全连接B.IPSec可提供对的远程安全访问C.IPSec可提高电子商务的安全性D.IPSec能在IP的新版本IPv6下工作,但不适应IP目前的版本IPv4
考题
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?() (Choose three.)
A. data integrityB. data confidentialityC. data authenticationD. outer IP header confidentialityE. outer IP header authentication
考题
IPsec, also known as the internet Protocol ( ) , defines the architecture for security services for IP network traffic IPsec describes the framework for providing security a the IP layer, as well as the suite of protocols designed to provide that security: through_ ( )_ and encryption of IP network packets. IPec can be used 10 protect network data, for example, by setting up circuits using IPsec ( ), in which all data being sent between two endpoints is encrypted, as with a Virtual (请作答此空) Network connection ;for encrypting application layer data ;and for providing security for routers sending routing data across the public internet. Internet traffic can also be secured from host to host without the use of IPsec, for example by encryption at the ( ) layer with HTTP Secure (TTPS)or an the transport layer wit the Transport Layer Security (TLS)protocol.A.pubic]
B.private]
C.personal
D.proper
考题
IPsec的功能可以划分三类:①认证头(Authentication Header, AH):用于数据完整性认证和数据源认证;②封装安全负荷(Encapsulating Security Payload,ESP):提供数据保密性和数据完整性认证,ESP也包括了防止重放攻击的顺序号;③Internet密钥交换协议(Internet Key Exchange,IKE):用于生成和分发在ESP和AH中使用的密钥,IKE也对远程系统进行初始认证。IPsec传输模式中,IP头没有加密,只对IP数据进行了加密;在隧道模式中,IPSec 对原来的IP数据报进行了封装和加密,加上了新的IP头。IPSec的安全头插入在标准的IP头和上层协议(例如TCP)之间,任何网络服务和网络应用可以不经修改地从标准IP转向IPSec,同时IPSec通信也可以透明地通过现有的IP路由器。A.A、B互换私钥
B.A、B互换公钥
C.I1、I2互换私钥
D.I1、I2互换公钥
考题
以下关于互联网协议安全(Internet Protocol Security,IPsec)协议说法错误的是()A、在传送模式中,保护的是IP负载B、验证头协议(Authentication Head,AH)和IP封装安全载荷协议(Encapsulating Security Payload,ESP)都能以传输模式和隧道模式工作C、在隧道模式中,保护的是整个互联网协议(Internet Protocol,IP)包,包括IP头D、IPsec仅能保证传输数据的可认证性和保密性
考题
What is the port number of an IPsec Encapsulating Security Payfoad packet?()A、UOP port 50B、IP protocol 51C、TCP port 51D、TCP port 50E、IP protocol 50F、UDP port51
考题
Which IOS security feature is configured by the ip inspect inspection-name {in | out} command?()A、IPsec site-to-site VPNB、Cisco AutoSecureC、Cisco IOS FirewallD、IPS
考题
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?() (Choose three.)A、data integrityB、data confidentialityC、data authenticationD、outer IP header confidentialityE、outer IP header authentication
考题
两台Windows 2000计算机之间没能建立预期的IP安全会话。在您开始诊断故障原因时,您将采取的第一步措施是以下哪一个()A、检查两台计算机正在使用的验证方式中是否至少有一种是相同的B、运行IP Security Monitor,观察安全通信的统计信息C、检查IP Security是否在两台计算机上都被激活了D、检查隧道模式是否在两台计算机上都安装了
考题
What is the port number of an IPsec Encapsulating Security Payload packet?()A、IP protocol 50B、IP protocol 51C、TCP port 50D、TCP port 51E、UDP port 50F、UDP port 51
考题
Which feature would prevent guest users from gaining network access by unplugging an IP phone and connecting a laptop computer?()A、IPSec VPNB、SSL VPNC、port securityD、port security with statically configured MAC addressesE、private VLANs
考题
Which of the following would be used to monitor unauthorized access to data files?()A、Performance Log and AlertsB、Event ViewerC、Security Configuration and AnalysisD、IP Security Monitor
考题
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()A、data integrityB、data confidentialityC、data authenticationD、outer IP header confidentialityE、outer IP header authentication
考题
ou are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company’s written security policy states that all network connections with these servers must be encrypted by using an IPSec policy.You place the two servers in an organizational unit (OU) named SecureServers. You configure a Group Policy object (GPO) that requires encryption for all connections. You assign the GPO to the SecureServers OU. You need to verify that users are connecting to the two servers by using encrypted connections. What should you do?()A、Run the net view command.B、Run the gpresult command.C、Use the IP Security Monitor console.D、Use the IPSec Policy Management console.
考题
You are the network administrator for Humongous Insurance. The network consists of a single Active Directory domain named humongous.com. The domain contains Windows Server 2003 computers and Windows XP Professional computers. You configure several Group Policy objects (GPOs) to enforce the use of IPSec for certain types of communication between specified computers. A server named Server2 runs the Telnet service. A GPO is supposed to ensure that all Telnet connections to Server2 are encrypted by using IPSec. However, when you monitor network traffic, you notice that Telnet connections are not being encrypted.You need to view all of the IPSec settings that are applied to Server2 by GPOs. Which tool should you use?()A、the IP Security Policy Management consoleB、the IP Security Monitor consoleC、the Resultant Set of Policy consoleD、Microsoft Baseline Security Analyzer (MBSA)
考题
You need to design a remote access strategy for the customer support users when they work from home. Your solution must meet security requirements. What should you do?()A、Deploy an L2TP/IPsec VPN server in each call center. Configure the portable computers as L2TP VPN clientsB、Create IPSec tunnel mode connections between the customer support users home and the company’s Internet-facing routersC、Create IP packet filters on the company’s Internet-facing routers to allow the Remote Desktop Protocol (RDP).Create IPSec filters on the terminal servers to allow only connections that use RDPD、Create IP packet filters on the company’s Internet-facing routers to allow the IPSec protocols. Assign the Secure Server (Require Security) IPSec policy to the terminal servers. Assign the Client (Respond only) IPSec policy to the portable computers
考题
Your network contains a DNS server that has a reverse lookup zone for all of your network segments. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). An IP security policy is assigned to Server1. You verify IPSec traffic and see that the current security associations display only by IP address. You need to view the fully qualified domain names for all security associations. What should you do?()A、From the DNS console, add Server1 as a name server.B、From the DNS console, change dynamic updates to Secure only.C、From IP Security Monitor on Server1, enable DNS name resolution.D、From IP Security Monitor on Server1, create a new taskpad view.
考题
You are the administrator of an Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. A server named Filesrv1 contains confidential data that is only available to users in the human resources (HR) department. You want all computers in the HR department to connect to Filesrv1 by using an IPSec policy. You assign the Server (Request Security) IPSec policy to Filesrv1. Using Network Monitor, you notice that some computers in the HR department connect to Filesrv1 without using the IPSec policy. You need to configure Filesrv1 to ensure that all computers connect to it by using the IPSec policy. What should you do?()A、Assign the Secure Server(Require Security) IPSec policy.B、Assign the Client (Respond Only)IPSec policy.C、Unassign the Server(Request Security IPSec policy.D、Restart the IPSec Services service.
考题
你是Humongous Insurance公司网络管理员。网络是一单活动目录域环境,域名humongous.com。域中有Windows server 2003 和Windows XP Pro计算机。你配置了几个组策略对象(GPOs)使用IPSec来加强那些特定计算机间的可靠通信安全。在Server2上运行着Telnet服务(远程登录)。一个GPO使用IPSec策略来确保对所有到Server2上的Telnet通信加密。但是,你监视网络通信发现这些Telnet连接并未被加密。 你要察看由GPO规定并应用在Server2上的所有IPSec设置。你将使用哪个工具()?A、IP Security Policy Management concoleB、IP Security Monitor ConsoleC、Result Set of Policy consoleD、Microsoft Baseline Security Analyzer(MBSA)
考题
Your network contains a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has IPSec enabled. Several users report that they cannot connect to Server1. You need to see how many IPSec connection attempts failed due to authentication failures. What should you do?()A、From IP Security Monitor, view the Main Mode Statistics.B、From Microsoft Baseline Security Analyzer, scan Server1.C、From the Security event log, view the events from the IPSec source.D、From System Monitor, add the IPSec V4 Driver : Active Security Associations counter.
考题
You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2).You open the IP Security Monitor snap-in and see the information shown in the exhibit. (Click the Exhibit button.) You need to ensure that all communications to Server1 are encrypted. What should you do?()A、/Modify the Local Security Policy on Server1. B、Modify the Research IPSec Policy Group Policy object. C、Enable Windows Firewall and do not allow exceptions. D、From the Properties of the Local Area Connection, modify the Authentication settings.
考题
You need to design a method of communication between the IT and HR departments. Your solution must meet business requirements. What should you do?()A、Design a custom IPSec policy to implement Encapsulating Security Payload (ESP) for all IP traffic Design the IPSec policy to use certificate-based authentication between the two departments’ computersB、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersC、Design a customer IPSec policy to implement Encapsulating Payload (ESP) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersD、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use certificate-based authentication between the two departments’ computers
考题
多选题Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH?() (Choose three.)Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
考题
多选题Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
考题
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. The domain contains a Windows Server 2003 computer named Server1 that is located in an organizational unit (OU) named Servers. Server1 contains confidential data, and all network communications with Server1 must be encrypted by using IPSec. The default Client (Respond Only) IPSec policy is enabled in the Default Domain Policy Group Policy object (GPO). You create a new GPO and link it to the Servers OU. You configure the new GPO by creating and enabling a custom IPSec policy. You monitor and discover that network communications with Server1 are not being encrypted. You need to view all IPSec policies that are being applied to Server1. What should you do? ()A
Use Local Security Policy to view the Security Options for Server1.B
Use Resultant Set of Policy (RSoP) to run an RSoP logging mode query to view the IP Security Policies on Local Computer for Server1.C
Use Resultant Set of Policy (RSoP) to run an RSoP planning mode query to view the Security Options for Server1.D
Use IP Security Monitor to view the Active Policy for Server1.E
Use IP Security Monitor to view the IKE Policies for Server1.
考题
单选题Which operational mode command displays all active IPsec phase 2 security associations?()A
show ike security-associationsB
show ipsec security-associationsC
show security ike security-associationsD
show security ipsec security-associations
热门标签
最新试卷