考题
Click the Exhibit button.Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a in the HR zone to host_b in the trust zone are true? ()(Choose two.)A. DNS traffic is denied.B. HTTP traffic is denied.C. FTP traffic is permitted.D. SMTP traffic is permitted.
考题
Which two statements are true with regard to policy ordering? ()(Choose two.)
A. The last policy is the default policy, which allows all traffic.B. The order of policies is not important.C. New policies are placed at the end of the policy list.D. The insert command can be used to change the order.
考题
Which two statements are true about the command ip route 172.16.3.0 255.255.255.0 192.168.2.4 (Choose two.)()。
A.It establishes a static route to the 172.16.3.0 networkB.It establishes a static route to the 192.168.2.0 networkC.It configures the router to send any traffic for an unknown destination to the 172.16.3.0 networkD.It configures the router to send any traffic for an unknown destination out the interface with the address 192.168.2.4E.It uses the default administrative distanceF.It is a route that would be used last if other routes to the same destination exist
考题
Which two statements are true about the command ip route 172.16.3.0 255.255.255.0 192.168.2.4 (Choose two.)()。A、It establishes a static route to the 172.16.3.0 networkB、It establishes a static route to the 192.168.2.0 networkC、It configures the router to send any traffic for an unknown destination to the 172.16.3.0 networkD、It configures the router to send any traffic for an unknown destination out the interface with the address 192.168.2.4E、It uses the default administrative distanceF、It is a route that would be used last if other routes to the same destination exist
考题
Which two of these are differences between traffic policing and traffic shaping?()A、with traffic shaping,a router stores excess traffic in packet buffers until bandwidth is available againB、with policing you can tune the buffer usage for traffic exceeding the specified CIRC、with shaping you can tune the buffer usage for traffic exceeding the specified CIRD、shaping should only be applied for ingress traffic,policing only for egressE、policing uses a token bucket algorithm,shaping uses an SPD algorithm
考题
Which two statements are true about traffic shaping and traffic policing?()A、both traffic shaping and traffic policing cause retransmissions of connection-oriented protocols such as TCPB、both traffic shaping and traffic policing support the marking and re-marking of trafficC、the effects of traffic shaping and traffic policing when configured on a router are applied to outgoing trafficD、traffic shaping queues excess traffic whereas traffic policing discards excess trafficE、traffic shaping allows the traffic to exceed the bit rate whereas traffic policing prevents the traffic from exceeding the bit rate
考题
Which two statements are true about the protocols that are used for transmitting voice traffic?()A、RTP multiplexing is used to keep multiple phone conversations separateB、RTP provides end-to-end delivery services for voice trafficC、UDP is used to ensure a reliable transmission from sender to receiverD、RTP is used to provide resource reservation for the voice streamE、UDP provides multiplexing
考题
Which two statements about an IDS are true?()A、The IDS is in the traffic path.B、The IDS can send TCP resets to the source device.C、The IDS can send TCP resets to the destination device.D、The IDS listens promiscuously to all traffic on the network.E、Default operation is for the IDS to discard malicious traffic.
考题
Which two statements are true about L2TP tunnels?() (Choose two.)A、Traffic is clear textB、Traffic is encryptedC、They are initiated by the LNSD、They are initiated by the LAC
考题
Which two statements are true about the relationship between static NAT and proxy ARP? ()(Choose two.)A、It is necessary to forward ARP requests to remote hosts.B、It is necessary when translated traffic belongs to the same subnet as the ingress interface.C、It is not automatic and you must configure it.D、It is enabled by default and you do not need to configure it.
考题
Which two statements are true about traffic shaping?()A、Out-of-profile packets are queued.B、It causes TCP retransmits.C、Marking/remarking is not supported.D、It does not respond to BECN and ForeSight Messages.E、It uses a single/two-bucket mechanism for metering.
考题
Which Cisco IOS traffic-shaping mechanism statement is true? ()A、class-based policing is configured using the Modular QoS command-line (MQC)B、only the Frame Relay traffic-shaping (FRTS) mechanism can interact with a Frame Relay network, adapting to indications of Layer2 congestion in the WAN linksC、Distributed Traffic Shaping (DTS) is configured with the police command under the policy map configurationD、both Frame Relay traffic shaping (FRTS) and virtual IP (VIP)-based Distributed Traffic Shaping (DTS) have the ability to mark traffic
考题
Which two statements are true about trust boundaries?()A、Classifying and marking traffic should be done as close to the traffic source as possible. B、Classifying and marking traffic should be done at the distribution layer.C、Traffic is classified and marked as it travels through the network.D、If untrusted traffic enters a switch, it can be marked with a new QoS value appropriate for the policy in place.E、The trust boundary moves depending on the type of traffic entering the network.
考题
Which two statements are true about network voice traffic? (Choose two.)()A、 Voice traffic is affected more by link speed than FTP traffic is.B、 Voice traffic is affected more by packet delays than FTP traffic is.C、 Voice streams involve larger packet sizes than most TCP network traffic involves.D、 Voice traffic is more sensitive to packet loss than TCP network traffic is.E、 Voice traffic requires QOS mechanisms only in heavily loaded network segments.
考题
Which two statements are true about the implementation of QoS? ()A、 Implementing DiffServ involves the configuration of RSVP.B、 Implementing IntServ allows QoS to be performed by configuring only the ingress and egress devices.C、 Implementing IntServ involves the utilization of RSVP.D、 Traffic should be classified and marked by the core network devices.E、 Traffic should be classified and marked as close to the edge of the network as possible.
考题
Which two statements are true about the protocols that are used for transmitting voice traffic?()A、RTP multiplexing is used to keep multiple phone conversations separateB、RTP provides end-to-end delivery services for voice traffic.C、UDP is used to ensure a reliable transmission from sender to receiver.D、RTP is used to provide resource reservation for the voice stream.E、UDP provides multiplexing of multiple phone conversations.
考题
Which two statements are true for a security policy? ()(Choose two.)A、It controls inter-zone traffic.B、It controls intra-zone traffic.C、It is named with a system-defined name.D、It controls traffic destined to the device's ingress interface.
考题
Which two statements are true about precedence values in policy?() (Choose two.)A、1 is the default precedence.B、A lower number is preferred.C、A higher number is preferred.D、100 is the default precedence.
考题
多选题Which two statements are true about L2TP tunnels?() (Choose two.)ATraffic is clear textBTraffic is encryptedCThey are initiated by the LNSDThey are initiated by the LAC
考题
多选题Which two statements are true about the command ip route 172.16.3.0 255.255.255.0 192.168.2.4 (Choose two.)()。AIt establishes a static route to the 172.16.3.0 networkBIt establishes a static route to the 192.168.2.0 networkCIt configures the router to send any traffic for an unknown destination to the 172.16.3.0 networkDIt configures the router to send any traffic for an unknown destination out the interface with the address 192.168.2.4EIt uses the default administrative distanceFIt is a route that would be used last if other routes to the same destination exist
考题
多选题Which two statements are true for a security policy? ()(Choose two.)AIt controls inter-zone traffic.BIt controls intra-zone traffic.CIt is named with a system-defined name.DIt controls traffic destined to the device's ingress interface.
考题
多选题Which two statements are true about trust boundaries?()AClassifying and marking traffic should be done as close to the traffic source as possible.BClassifying and marking traffic should be done at the distribution layer.CTraffic is classified and marked as it travels through the network.DIf untrusted traffic enters a switch, it can be marked with a new QoS value appropriate for the policy in place.EThe trust boundary moves depending on the type of traffic entering the network.
考题
多选题Which two of these are differences between traffic policing and traffic shaping?()Awith traffic shaping,a router stores excess traffic in packet buffers until bandwidth is available againBwith policing you can tune the buffer usage for traffic exceeding the specified CIRCwith shaping you can tune the buffer usage for traffic exceeding the specified CIRDshaping should only be applied for ingress traffic,policing only for egressEpolicing uses a token bucket algorithm,shaping uses an SPD algorithm
考题
多选题Which two statements are true about the relationship between static NAT and proxy ARP? ()(Choose two.)AIt is necessary to forward ARP requests to remote hosts.BIt is necessary when translated traffic belongs to the same subnet as the ingress interface.CIt is not automatic and you must configure it.DIt is enabled by default and you do not need to configure it.
考题
多选题Which two statements are true when source/destination filters are enabled? ()(Choose two.)AExcluded traffic is not accelerated.BExcluded traffic is only compressed.CSource/destination filter applies to all traffic sent from LAN to WAN.DSource/destination filters work in packet interception mode using RIPv2.
考题
多选题Which two statements are true about traffic shaping?()AOut-of-profile packets are queued.BIt causes TCP retransmits.CMarking/remarking is not supported.DIt does not respond to BECN and ForeSight Messages.EIt uses a single/two-bucket mechanism for metering.
考题
多选题Which two statements about an IDS are true?()AThe IDS is in the traffic path.BThe IDS can send TCP resets to the source device.CThe IDS can send TCP resets to the destination device.DThe IDS listens promiscuously to all traffic on the network.EDefault operation is for the IDS to discard malicious traffic.