Cisco Certification

hotdeng11

To help you prepare for total success on exam day, here are 10 complimentary questions on the IOS Firewall set. Answers are at the end of the article. Enjoy!
cisco training certification
is a tremendous boost to your career and your career prospects!
1. Define the term “DMZ” as it pertains to network security, and name three different common network devices that are typically found there.
2. Identify the true statements.
A. Stateless packet filtering considers the TCP connection state.
B. Stateful packet filtering considers the TCP connection state.
C. Neither stateless nor stateful packet filtering monitor the TCP connection state.
D. Both stateless and stateful packet filtering monitor the TCP connection state, and keep a state table containing that information.
3. Does the Cisco IOS Firewall feature set act as a stateful or
cisco exam answers
?
4. Which of the following are considered parts of the IOS Firewall feature set?
A. IOS Firewall
B. Intrusion Prevention System
C. RADIUS
D. Authentication Proxy
E. Password Encryption
5. Identify the true statements regarding the Authentication Proxy.
A. It’s part of the IOS Firewall Feature Set.
B. It allows creation of per-user security profiles, rather than more general profiles.
C. It allows creation of general security profiles, but not per-user profiles.
D. Profiles can be stored locally, but not remotely.
E. Profiles can be stored on a RADIUS server.
F. Profiles can be stored on a TACACS+ server.
6. Configuring ACLs is an important part of working with the
cisco testing
. What wildcard masks are replaced in ACLs by the words host and any?
7. What does the dollar sign in the following ACL line indicate?
R1(config)#$ 150 deny ip 172.50.50.0 0.0.0.255 172.50.100.0 0.0.0.255
8. Basically, how does an IOS Firewall prevent a TCP SYN attack?
9. What does the term “punch a hole in the firewall” refer to? (Logically, that is, not physically.)
10. What exactly does the router-traffic option in the following
cisco labs
?
R4(config)#ip inspect name PASSCCNASECURITY tcp router-traffic
R4(config)#ip inspect name PASSCCNASECURITY udp router-traffic
R4(config)#ip inspect name PASSCCNASECURITY icmp router-traffic
Here are the answers!
1. It’s easy to think of your network as the “inside”, and everything else as “outside”. However, we’ve got a third area when it comes to firewalls - the DMZ.
From an IT standpoint, the DMZ is the part of our network that is exposed to outside networks. It’s common to find the following devices in a
hp printer ink cartridge
:


本文来自ChinaUnix博客，如果查看原文请点：http://blog.chinaunix.net/u3/91511/showart_1860591.html