网友您好, 请在下方输入框内输入要搜索的题目:

题目内容 (请给出正确答案)
单选题
Firewall–1 是一种:()
A

方病毒产品

B

扫描产品

C

入侵检测产品

D

防火墙产品


参考答案

参考解析
解析: 暂无解析
更多 “单选题Firewall–1 是一种:()A 方病毒产品B 扫描产品C 入侵检测产品D 防火墙产品” 相关考题
考题 图1中防火墙(Firewall)的主要作用是什么?

考题 Firewall-1是一种()。A. 防病毒产品B. 扫描产品C. 入侵检测产品D. 防火墙产品

考题 为了保障内部网络安全,某公司在Internet的连接处安装了PIX防火墙,其网络结构如图12-6所示。完成下列命令行,对网络接口进行地址初始化配置:Firewall(config)ip address ins.ide ______ ______Firewall(config)ip address outside ______ ______阅读以下防火墙配置命令,为命令选择正确的解释。Firewall(config)global(outside)1 61.144.51.46 ______Firewall(config)nat(inside)1 0.0.0.0 0.0.0.0Firewall(config)static(inside,outside) 192.168.0.1 61.144.51.42

考题 Giventheconfigurationshownintheexhibit,whichconfigurationobjectwouldbeusedtoassociatebothNancyandWalterwithfirewalluserauthenticationwithinasecuritypolicy?()profileftp-users{clientnancy{firewall-user{password$9$lJ8vLNdVYZUHKMi.PfzFcyrvX7;SECRET-DATA}}clientwalter{firewall-user{password$9$a1UqfTQnApB36pBREKv4aJUk.5QF;SECRET-DATA}}session-options{client-groupftp-group;}}firewall-authentication{pass-through{default-profileftp-users;ftp{banner{loginJUNOSRocks!;}}}}A.ftp-groupB.ftp-usersC.firewall-userD.nancyandwalter

考题 Click the Exhibit button. Referring to the exhibit, which statement is true about the IP packet flow through interface ge-3/0/0.0?() A. All packets set to be forwarded out interface ge-3/0/0 will be dropped by the firewall filter fire1.B. All packets set to be forwarded out interface ge-3/0/0 will NOT dropped by the firewall filter fire1.C. All packets entering the router on interface ge-3/0/0.0 will be dropped by the firewall filter fire1.D. All packets set to be forwarded out interface ge-3/0/0, except those sourced locally by the Routing Engine, will be dropped by the firewall filter fire1.

考题 A firewall is a(1)system designed to(2)an organization's network against threats.A.operatingB.programmingC.securityD.service

考题 请按照图4-1所示,完成防火墙各个网络接口的初始化配置。firewall (config) ip address inside (6) 255.255.255.0//配置网口eth0firewall (config) ipaddress outside (7) 255.255.255.252//配置网口eth2firewall (config) ip address (8) 10.0.0.1 255.255.255.0//配置网口eth1

考题 某全国连锁企业的总部和分布在全国各地的30家分公司之间经常需要传输各种内部数据,因此公司决定在总部和各分公司之间建立VPN技术。具体拓扑如下:配置部分只显示了与总部与分公司1的配置。根据拓扑完成问题1-问题3。 [问题1](3分):在总部与分公司之间相连的VPN方式是(1),在IPsec工作模式中有传输模式和隧道模式,其中将源IP数据包整体封装后再进行传输的模式是(2).1备选答案:A.站点到站点 B.端到端C.端到站点[问题2](13分):请将相关配置补充完整。总部防火墙firewall1的部分配置如下。 (3)[FIREWALL1] interface(4)[FIREWALL1-GigabitEthernet1/0/2] ip address (5)[FIREWALL1-GigabitEthernet1/0/2] quit[FIREWALL1] interface GigabitEthernet 1/0/1[FIREWALL1-GigabitEthernet1/0/1] ip address 202.1.3.1 24[FIREWALL1-GigabitEthernet1/0/1] quit# 配置接口加入相应的安全区域。[FIREWALL1] firewall zone trust [FIREWALL1-zone-trust] add interface (6)[FIREWALL1-zone-trust] quit[FIREWALL1](7)[FIREWALL1-zone-untrust] add interface GigabitEthernet 1/0/1[FIREWALL1-zone-untrust] quit2. 配置安全策略,允许私网指定网段进行报文交互。# 配置Trust域与Untrust域的安全策略,允许封装前和解封后的报文能通过[FIREWALL1](8)[FIREWALL1-policy-security] rule name 1[FIREWALL1-policy-security-rule-1] source-zone (9)[FIREWALL1-policy-security-rule-1] destination-zone untrust[FIREWALL1-policy-security-rule-1] source-address (10)[FIREWALL1-policy-security-rule-1] destination-address 192.168.200.0 24[FIREWALL1-policy-security-rule-1] action (11)[FIREWALL1-policy-security-rule-1] quit…..# 配置Local域与Untrust域的安全策略,允许IKE协商报文能正常通过FIREWALL1。[FIREWALL1-policy-security] rule name 3[FIREWALL1-policy-security-rule-3] source-zone local[FIREWALL1-policy-security-rule-3] destination-zone untrust[FIREWALL1-policy-security-rule-3] source-address 202.1.3.1 32[FIREWALL1-policy-security-rule-3] destination-address 202.1.5.1 32[FIREWALL1-policy-security-rule-3] action permit[FIREWALL1-policy-security-rule-3] quit…3. 配置IPSec隧道。# 配置访问控制列表,定义需要保护的数据流。[FIREWALL1] (12)[FIREWALL1-acl-adv-3000] rule permit (13)[FIREWALL1-acl-adv-3000] quit# 配置名称为tran1的IPSec安全提议。[FIREWALL1] ipsec proposal tran1[FIREWALL1-ipsec-proposal-tran1] encapsulation-mode (14)[FIREWALL1-ipsec-proposal-tran1] transform esp[FIREWALL1-ipsec-proposal-tran1] esp authentication-algorithm sha2-256[FIREWALL1-ipsec-proposal-tran1] esp encryption-algorithm aes[FIREWALL1-ipsec-proposal-tran1] quit# 配置序号为10的IKE安全提议。[FIREWALL1] (15)[FIREWALL1-ike-proposal-10] authentication-method pre-share[FIREWALL1-ike-proposal-10] authentication-algorithm sha2-256[FIREWALL1-ike-proposal-10] quit# 配置IKE用户信息表。[FIREWALL1] ike user-table 1[FIREWALL1-ike-user-table-1] user id-type ip 202.1.5.1 pre-shared-key Admin@gkys[FIREWALL1-ike-user-table-1] quit# 配置IKE Peer。[FIREWALL1] ike peer b[FIREWALL1-ike-peer-b] ike-proposal 10[FIREWALL1-ike-peer-b] user-table 1[FIREWALL1-ike-peer-b] quit# 配置名称为map_temp序号为1的IPSec安全策略模板。[FIREWALL1] ipsec policy-template map_temp 1[FIREWALL1-ipsec-policy-template-map_temp-1] security acl 3000[FIREWALL1-ipsec-policy-template-map_temp-1] proposal tran1[FIREWALL1-ipsec-policy-template-map_temp-1] ike-peer b[FIREWALL1-ipsec-policy-template-map_temp-1] reverse-route enable[FIREWALL1-ipsec-policy-template-map_temp-1] quit# 在IPSec安全策略map1中引用安全策略模板map_temp。[FIREWALL1] ipsec policy map1 10 isakmp template map_temp# 在接口GigabitEthernet 1/0/1上应用安全策略map1。[FIREWALL1] interface GigabitEthernet 1/0/1[FIREWALL1-GigabitEthernet1/0/1] ipsec policy map1[FIREWALL1-GigabitEthernet1/0/1] quit [问题3]IPsec中,通过一些协议的处理,可以有效的保护分组安全传输。其中能够确保数据完整性,但是不能确保数据机密性的是(17),而技能报数数据传输的机密性又能保证数据完整性的是(18)

考题 某公司在外地新开了一家分公司,现管理员希望在总部与分公司之间通过vpn建立连接。根据拓扑图,完成下列问题。 [问题1](3分)该公司所选用的VPn技术为IPSec。它工作在TCP/IP协议栈的(1)层,能为TCP/IP通信提供访问控制机密性、数据源验证、抗重放、数据完整性等多种安全服务。其中能够确保数据完整性,但是不确保数据机密性的协议是(2),既能报数数据传输的机密性又能保证数据完整性的是协议是(3)。 [问题2](4分):请将相关配置补充完整。总部防火墙firewall1的部分配置如下。…# 配置Trust域与Untrust域的安全策略,允许封装前和解封后的报文能通过[FIREWALL1] (5)[FIREWALL1-policy-security] rule name 1[FIREWALL1-policy-security-rule-1] source-zone trust[FIREWALL1-policy-security-rule-1] destination-zone untrust[FIREWALL1-policy-security-rule-1] source-address (6)[FIREWALL1-policy-security-rule-1] destination-address(7)[FIREWALL1-policy-security-rule-1] quit[FIREWALL1] acl 3000[FIREWALL1-acl-adv-3000] rule (8)ip source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255[FIREWALL1-acl-adv-3000] quit…

考题 Which three statements about firewall modes are correct? ()A、 A firewall in routed mode has one IP addressB、 A firewall in transparent mode has one IP addressC、 In routed mode, the firewall is considered to be a Layer 2 dewD、 In routed mode, the firewall is considered to be a Layer 3 deviceE、 In transparent mode, the firewall is considered to be a Layer 2 deviceF、 In transparent mode, the firewall is considered to be a Layer 3 device

考题 Which two statements are correct about firewall filters in the Junos OS?()A、Firewall filters are stateless.B、Firewall filters are used to control routing information that is exchanged between devices.C、Firewall filters are used to control traffic passing through the device.D、Firewall filters can only be applied to traffic entering the device.

考题 Firewall–1 是一种:()A、方病毒产品B、扫描产品C、入侵检测产品D、防火墙产品

考题 根据Firewall所采用的技术特点可将其分为三种类型:包过滤技术Firewall、代理技术Firewall和检测技术Firewall。

考题 某网络连接形如:HostA----GE0/0--MSR-1--S1/0---------S1/0--MSR-2--GE0/0----HostB 两台MSR 路由器MSR1、MSR2 通过各自的S1/0 接口背靠背互连,各自的GigabitEthernet0/0 接口分别 连接客户端主机HostA 和HostB。通过配置IP 地址和路由目前网络中HostA 可以和HostB 实现互通。 如今在MSR-2 上增加了如下配置: firewall enable acl number 3000 rule 0 deny tcp destination-port eq telnet interface Serial1/0 link-protocol ppp ip address 1.1.1.2 255.255.255.252 firewall packet-filter 3000 inbound firewall packet-filter 3000 outbound interface GigabitEthernet0/0 ip address 10.1.1.1 255.255.255.0 那么如下哪些说法是正确的?()A、后配置的firewall packet-filter 3000 outbound会取代firewall packet-filter 3000 inbound命令B、在HostB上无法成功Telnet到MSR-1上C、在HostB上可以成功Telnet到MSR-1上D、最后配置的firewall packet-filter 3000 outbound不会取代firewall packet-filter 3000 inbound命令

考题 以下配置邮件主题过滤关键字错误的是()。A、firewall smtp-filter subject add*B、firewall smtp-filter subject add*hello*C、firewall smtp-filter subject addhel loD、firewall smtp-filter subject add"hel lo"

考题 IDS与互动是()A、IDS与Firewall互相发控制信息B、Firewall向IDS发控制信息C、IDS向Firewall发控制信息D、相互独立,不发控制信息

考题 What is the recommended practice when considering VPN termination and firewall placement?()A、 have the firewall and VPN appliance deployed in parallelB、 place the VPN in line with the firewall, with the VPN terminating inside the firewallC、 place the public side of the VPN termination device in the DMZ behind a firewallD、 place the VPN in line with the firewall, with the VPN terminating outside the firewall

考题 What is a virtual firewall?()A、another name for a firewall deployed in routed modeB、another name for a firewall deployed in transparent modeC、a separation of multiple firewall security contexts on a single firewallD、a firewall that, when deployed in routed mode, can support up to 1000 VLANs per contextE、a firewall that has multiple contexts, all of which share the same policies (such as NAT and ACLs)

考题 Given the configuration shown in the exhibit, which configuration object would be used to associate bothNancy and Walter with firewall user authentication within a security policy?() profile ftp-users { client nancy { firewall-user { password "$9$lJ8vLNdVYZUHKMi.PfzFcyrvX7"; ## SECRET-DATA } } client walter { firewall-user { password "$9$a1UqfTQnApB36pBREKv4aJUk.5QF"; ## SECRET-DATA } } session-options { client-group ftp-group; } } firewall-authentication { pass-through { default-profile ftp-users;ftp { banner { login "JUNOS Rocks!"; } } } }A、ftp-groupB、ftp-usersC、firewall-userD、nancy and walter

考题 单选题What is a virtual firewall?()A another name for a firewall deployed in routed modeB another name for a firewall deployed in transparent modeC a separation of multiple firewall security contexts on a single firewallD a firewall that, when deployed in routed mode, can support up to 1000 VLANs per contextE a firewall that has multiple contexts, all of which share the same policies (such as NAT and ACLs)

考题 多选题Which three statements about firewall modes are correct? ()AA firewall in routed mode has one IP addressBA firewall in transparent mode has one IP addressCIn routed mode, the firewall is considered to be a Layer 2 dewDIn routed mode, the firewall is considered to be a Layer 3 deviceEIn transparent mode, the firewall is considered to be a Layer 2 deviceFIn transparent mode, the firewall is considered to be a Layer 3 device

考题 单选题Your network contains an Active Directory domain.The domain contains a member server named Server1. Server1 has a single network connection.You need to log every attempt to connect to Server1 on a restricted port.What should you do?()A Change the settings of the private firewall profile.B Change the settings of the domain firewall profile.C Modify the properties of the inbound firewall rules.D Modify the properties of the outbound firewall rules.

考题 单选题The Cisco network-based virtual firewall service solution helps service providers to deliver cost-effective, scalable, integrated security services for enterprise customers using Cisco platforms.What is a virtual firewall?()A  another name for a firewall deployed in routed modeB  another name for a firewall deployed in transparent modeC  a separation of multiple firewall security contexts on a single firewallD  a firewall that, when deployed in routed mode, can support up to 1000 VLANs per context

考题 单选题What is the recommended practice when considering VPN termination and firewall placement?()A  have the firewall and VPN appliance deployed in parallelB  place the VPN in line with the firewall, with the VPN terminating inside the firewallC  place the public side of the VPN termination device in the DMZ behind a firewallD  place the VPN in line with the firewall, with the VPN terminating outside the firewall

考题 多选题Which two commands can be used to monitor firewall user authentication?()Ashow access firewall-authenticationBshow security firewall-authentication usersCshow security audit logDshow security firewall-authentication history

考题 单选题Your network contains two servers named Server1 and Server2 that run Windows Server 2008 R2.Server1 has several custom inbound rules and connection security rules.You need to duplicate the Windows Firewall rules from Server1 to Server2.What should you do on Server1?()A At the Command Prompt, run netsh.exe firewall dump.B At the Command Prompt, run netsh.exe firewall show firewall.txt.C From the Windows Firewall with Advanced Security console, click Export policy.D From the Windows Firewall with Advanced Security console, click the Connection Security Rules node, and then click Export List.

考题 单选题The Cisco network-based virtual firewall service solution helps service providers to deliver costeffective, scalable, integrated security services for enterprise customers using Cisco platforms .What is a virtual firewall?()A another name for a firewall deployed in routed modeB another name for a firewall deployed in transparent modeC a separation of multiple firewall security contexts on a single firewallD a firewall that, when deployed in routed mode, can support up to 1000 VLANs per context