最新Cisco CCNP
I Passed CCV
Jun
6
CCNP 642-825-Update(June-2009) New Questions 
1. Which two features can be implemented using the Cisco SDM Advanced Firewall wizard? (Choose two.)
A. DMZ support
B. custom rules
C. firewall signatures
D. application security
E. IP unicast reverse path forwarding
Answer: AB
2. What three classifications reflect the different approaches used to identify malicious traffic? (Choose three.)
A. platform based
B. signature based
C. policy based
D. regular-expression based
E. symbol based
F. anomaly based
Answer: BCF
3. Which action can be taken by Cisco IOS IPS when a packet matches a signature pattern?
A. drop the packet
B. reset the UDP connection
C. block all traffic from the destination address for a specified amount of time
D. perform a reverse path verification to determine if the source of the malicious packet was spoofed
E. forward the malicious packet to a centralized NMS where further analysis can be taken
Answer: A
4. A router interface is configured with an inbound access control list and an inspection rule. How will an inbound packet on this interface be processed?
A. It will be processed by the inbound ACL. If the packet is dropped by the ACL, then it will be processed by the inspection rule.
B. It will be processed by the inbound ACL. If the packet is not dropped by the ACL, then it will be processed by the inspection rule.
C. It will be processed by the inspection rule. If the packet matches the inspection rule, the inbound ACL will be invoked.
D. It will be processed by the inspection rule. If the packet does not match the inspection rule, the inbound ACL will be invoked.
Answer: B
5. Which statement is true about an IPsec/GRE tunnel?
A. The GRE tunnel source and destination addresses are specified within the IPsec transform set.
B. An IPsec/GRE tunnel must use IPsec tunnel mode.
C. GRE encapsulation occurs before the IPsec encryption process.
D. Crypto map ACL is not needed to match which traffic will be protected.
Answer: C
作者:Tony Liu(admin#myccie.net)
地址:http://myccie.net/read.php?160
版权所有。转载时必须链接形式注明作者和原始出处及本声明!
A. DMZ support
B. custom rules
C. firewall signatures
D. application security
E. IP unicast reverse path forwarding
Answer: AB
2. What three classifications reflect the different approaches used to identify malicious traffic? (Choose three.)
A. platform based
B. signature based
C. policy based
D. regular-expression based
E. symbol based
F. anomaly based
Answer: BCF
3. Which action can be taken by Cisco IOS IPS when a packet matches a signature pattern?
A. drop the packet
B. reset the UDP connection
C. block all traffic from the destination address for a specified amount of time
D. perform a reverse path verification to determine if the source of the malicious packet was spoofed
E. forward the malicious packet to a centralized NMS where further analysis can be taken
Answer: A
4. A router interface is configured with an inbound access control list and an inspection rule. How will an inbound packet on this interface be processed?
A. It will be processed by the inbound ACL. If the packet is dropped by the ACL, then it will be processed by the inspection rule.
B. It will be processed by the inbound ACL. If the packet is not dropped by the ACL, then it will be processed by the inspection rule.
C. It will be processed by the inspection rule. If the packet matches the inspection rule, the inbound ACL will be invoked.
D. It will be processed by the inspection rule. If the packet does not match the inspection rule, the inbound ACL will be invoked.
Answer: B
5. Which statement is true about an IPsec/GRE tunnel?
A. The GRE tunnel source and destination addresses are specified within the IPsec transform set.
B. An IPsec/GRE tunnel must use IPsec tunnel mode.
C. GRE encapsulation occurs before the IPsec encryption process.
D. Crypto map ACL is not needed to match which traffic will be protected.
Answer: C
相关日志
新版CCNP®思科认证资深网络工程师开考
新版CCNP认证手册及资料
顺应CCIEv4.0,CCNP将在2009年末重大改版
CCNP Exam Pass4sure 题库
Cisco New Certification – CCNP®Wireless
新版CCNP®思科认证资深网络工程师开考
新版CCNP认证手册及资料
顺应CCIEv4.0,CCNP将在2009年末重大改版
CCNP Exam Pass4sure 题库
Cisco New Certification – CCNP®Wireless
作者:Tony Liu(admin#myccie.net)
地址:http://myccie.net/read.php?160
版权所有。转载时必须链接形式注明作者和原始出处及本声明!
2009/06/28 13:57 wodixiaolin
准备考NP的,谢谢版主了
分页: 1/1 
1 
1
, Skin by