网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
A route-based VPN is required for which scenario? ()
- A、when the remote VPN peer is behind a NAT device
- B、when multiple networks need to be reached across the tunnel
- C、when the remote VPN peer is a dialup or remote access client
- D、when a dynamic routing protocol such as OSPF is required across the VPN
参考答案
更多 “A route-based VPN is required for which scenario? ()A、when the remote VPN peer is behind a NAT deviceB、when multiple networks need to be reached across the tunnelC、when the remote VPN peer is a dialup or remote access clientD、when a dynamic routing protocol such as OSPF is required across the VPN” 相关考题
考题
A route-based VPN is required for which scenario? ()
A. when the remote VPN peer is behind a NAT deviceB. when multiple networks need to be reached across the tunnelC. when the remote VPN peer is a dialup or remote access clientD. when a dynamic routing protocol such as OSPF is required across the VPN
考题
Which VPN management feature would be considered to ensure that the network had the least disruption of service when making topology changes?()
A. dynamic reconfigurationB. path MTU discoveryC. auto setupD. remote management
考题
Which VPN management feature would be considered to ensure that the network had the leastdisruption of service when making topology changes?()A、 dynamic reconfigurationB、 path MTU discoveryC、 auto setupD、 remote management
考题
When designing remote access to the Enterprise Campus network for teleworkers and mobileworkers, which of the following should the designer consider?()A、 It is recommended to place the VPN termination device in line with the Enterprise Edge 1B、 Maintaining access rules, based on the source IP of the client, on an internal firewall drawnfrom a headend RADIUS server is the most secure deploymentC、 VPN Headend routing using Reverse Route Injection (RRI) with distribution is recommended when the remote user community is small and dedicated DHCP scopes are in placeD、 Clientless SSL VPNs provide more granular access control than SSL VPN clients (thin or thick),including at Layer 7
考题
When using the Cisco SDM Quick Setup Siteto-Site VPN wizard, which three parameters do you configure?()A、Source interface where encrypted traffic originatesB、IP address for the remote peerC、Transform set for the IPsec tunnelD、Interface for the VPN connection
考题
The LAN-side of the Teleworker router is assigned private IP address space (RFC1918), and the VPN topology is IPSec-only (no GRE protocol). When is it required to configure NAT/pNAT on the Teleworker router?()A、when all access to the Internet is through the IPSec tunnelB、when there is direct Internet access via split-tunnelingC、when there is no Internet access configured through the Teleworker routerD、whenever you have IOS-Firewall (CBAC) configured
考题
You have a VPN server named Server1 and a file server named Server2. Both servers run Windows Server 2003 Service Pack 2 (SP2). VPN clients report that they cannot access shares on Server2 after connecting to Server1. You confirm that VPN clients receive the appropriate IP configurations and that they have permissions to the shared folders on Server2. You need to ensure that VPN clients can access the shares on Server2 when they connect to the network by using a VPN connection. What should you do? ()A、From the Routing and Remote Access snap-in on Server2, enable IP Routing.B、From the Routing and Remote Access snap-in on Server2, enable Link Control Protocol (LCP) extensions.C、From Utility Manager on Server1, enable the Start automatically when I log on option.D、In the local security policy on Server2, configure the Network Access: Shares that can be accessed anonymously setting.
考题
Your company has a single active directory domain. The company network is protected by a firewall. Remote users connect to your network through a VPN server by using PPTP. When the users try to connect to the VPN server, they receive the following error message: Error 721: The remote computer is not responding. You need to ensure that users can establish a VPN connection. What should you do? ()A、Open port 1423 on the firewallB、Open port 1723 on the firewallC、Open port 3389 on the firewallD、Open port 6000 on the firewall
考题
A policy-based IPsec VPN is ideal for which scenario?()A、when you want to conserve tunnel resourcesB、when the remote peer is a dialup or remote access clientC、when you want to configure a tunnel policy with an action of denyD、when a dynamic routing protocol such as OSPF must be sent across the VPN
考题
Which VPN management feature would be considered to ensure that the network had the least disruption of service when making topology changes?()A、dynamic reconfigurationB、path MTU discoveryC、auto setupD、remote management
考题
When configuring a Cisco Adaptive Security Appliance in multiple context mode, which of the follow capabilities are supported?()A、 Multicastis supportedB、 Dynamic routing protocols are supportedC、 VPN configurations are supportedD、 Static routes are supported
考题
Why is NTP an important component when implementing IPSec VPN in a PKI environment?()A、 To ensure the router has the correct time when generating its private/public key pairs.B、 To ensure the router has the correct time when checking certificate validity from the remote peersC、 To ensure the router time is sync with the remote peers for encryption keys generationD、 To ensure the router time is sync with the remote peers during theDH exchangeE、 To ensure the router time is sync with the remote peers when generating the cookies during IKE phase 1
考题
An SSL VPN can be used in conjunction with IBM Tivoli Access Manager for Enterprise Single Sign-On to provide remote access to business critical information. Which statement is true about the Mobile ActiveCode (MAC) when it is used with a VPN Solution for remote access?()A、The MAC can only be delivered to a mobile phone and is good for a single use only.B、The MAC can be delivered by mobile phone, e-mail, or fax, and it is good for one time authentication only.C、The MAC can only be delivered to a mobile phone and it is good until the expiration time is reached, as set by an administrator.D、The MAC can be delivered by mobile phone, email, or fax, and it is good until the expiration time is reached, as set by an administrator.
考题
Regarding a route-based versus policy-based IPsec VPN, which statement is true?()A、A route-based VPN generally uses less resources than a policy-based VPN.B、A route-based VPN cannot have a deny action in a policy; a policy-based VPN can have a deny action.C、A route-based VPN is better suited for dialup or remote access compared to a policy-based VPN.D、A route-based VPN uses a policy referencing the IPsec VPN; a policy-based VPN policy does not use apolicy referencing the IPsec VPN
考题
A route-based VPN is required for which scenario?()A、when the remote VPN peer is behind a NAT deviceB、when multiple networks need to be reached across the tunnel and GRE cannot be usedC、when the remote VPN peer is a dialup or remote access clientD、when a dynamic routing protocol is required across the VPN and GRE cannot be used
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains Windows Server 2003 file servers. The network also contains a Windows Server 2003 computer named Server1 that runs Routing and Remote Access and Internet Authentication Service (IAS). Server1 provides VPN access to the network for users’ home computers. You suspect that an external unauthorized user is attempting to access the network through Server1. You want to log the details of access attempts by VPN users when they attempt to access the network. You want to compare the IP addresses of users’ home computers with the IP addresses used in the access attempts to verify that the users are authorized. You need to configure Server1 to log the details of access attempts by VPN users. What should you do? ()A、 Configure the system event log to Do not overwrite.B、 In IAS, in Remote Access Logging, enable the Authentication requests setting.C、 Configure the Remote Access server to Log all events.D、 Create a custom remote access policy and configure it for Authentication-Type.
考题
You are designing a remote access strategy to meet the business and technical Requirement. What should you do?()A、 Configure each server running Routing and Remote Access as a RADIUS Client.B、 Add a Remote Access policy to each server running Routing and Remote Access. Configure the Access method as VPN access.C、 Add a Remote Access policy to each server running Routing and Remote Access. Configure the Access method as dialup access.D、 Add a Remote Access policy to each server running Routing and Remote Access. Configure the Access method as wireless access.
考题
单选题You are designing a remote access strategy to meet the business and technical Requirement. What should you do?()A
Configure each server running Routing and Remote Access as a RADIUS Client.B
Add a Remote Access policy to each server running Routing and Remote Access. Configure the Access method as VPN access.C
Add a Remote Access policy to each server running Routing and Remote Access. Configure the Access method as dialup access.D
Add a Remote Access policy to each server running Routing and Remote Access. Configure the Access method as wireless access.
考题
单选题A policy-based IPsec VPN is ideal for which scenario?()A
when you want to conserve tunnel resourcesB
when the remote peer is a dialup or remote access clientC
when you want to configure a tunnel policy with an action of denyD
when a dynamic routing protocol such as OSPF must be sent across the VPN
考题
单选题A route-based VPN is required for which scenario? ()A
when the remote VPN peer is behind a NAT deviceB
when multiple networks need to be reached across the tunnelC
when the remote VPN peer is a dialup or remote access clientD
when a dynamic routing protocol such as OSPF is required across the VPN
考题
单选题Why is NTP an important component when implementing IPSec VPN in a PKI environment?()A
To ensure the router has the correct time when generating its private/public key pairs.B
To ensure the router has the correct time when checking certificate validity from the remote peersC
To ensure the router time is sync with the remote peers for encryption keys generationD
To ensure the router time is sync with the remote peers during theDH exchangeE
To ensure the router time is sync with the remote peers when generating the cookies during IKE phase 1
考题
单选题Which VPN management feature would be considered to ensure that the network had the least disruption of service when making topology changes?()A
dynamic reconfigurationB
path MTU discoveryC
auto setupD
remote management
考题
单选题Regarding a route-based versus policy-based IPsec VPN, which statement is true?()A
A route-based VPN generally uses less resources than a policy-based VPN.B
A route-based VPN cannot have a deny action in a policy; a policy-based VPN can have a deny action.C
A route-based VPN is better suited for dialup or remote access compared to a policy-based VPN.D
A route-based VPN uses a policy referencing the IPsec VPN; a policy-based VPN policy does not use apolicy referencing the IPsec VPN
考题
单选题A route-based VPN is required for which scenario?()A
when the remote VPN peer is behind a NAT deviceB
when multiple networks need to be reached across the tunnel and GRE cannot be usedC
when the remote VPN peer is a dialup or remote access clientD
when a dynamic routing protocol is required across the VPN and GRE cannot be used
考题
单选题Which VPN management feature would be considered to ensure that the network had the leastdisruption of service when making topology changes?()A
dynamic reconfigurationB
path MTU discoveryC
auto setupD
remote management
考题
单选题When designing remote access to the Enterprise Campus network for teleworkers and mobileworkers, which of the following should the designer consider?()A
It is recommended to place the VPN termination device in line with the Enterprise Edge 1B
Maintaining access rules, based on the source IP of the client, on an internal firewall drawnfrom a headend RADIUS server is the most secure deploymentC
VPN Headend routing using Reverse Route Injection (RRI) with distribution is recommended when the remote user community is small and dedicated DHCP scopes are in placeD
Clientless SSL VPNs provide more granular access control than SSL VPN clients (thin or thick),including at Layer 7
考题
单选题When configuring a Cisco Adaptive Security Appliance in multiple context mode, which of the follow capabilities are supported?()A
Multicastis supportedB
Dynamic routing protocols are supportedC
VPN configurations are supportedD
Static routes are supported
热门标签
最新试卷