单项选择题

Which feature is a potential security weakness of a traditional stateful firewall？（）

A.It cannot support UDP flows.
B.It cannot ensure each TCP connection follows a legitimate TCP three-way handshake.
C.It cannot detect application-layer attacks.
D.The status of TCP sessions is retained in the state table after the sessions terminate.

<上一题目录下一题>

热门试题

单项选择题WhichstatementbestdescribesCiscoIOSZone-BasedPolicyFirewall？（）

A.A router interface can belong to multiple zones.
B.Policy maps are used to classify traffic into different traffic classes， and class maps are used to assignaction to the traffic classes.
C.The pass action works in only one direction
D.A zone-pair is bidirectional because it specifies traffic flowing among the interfaces within the zone-pair in both directions.

单项选择题Examinethefollowingoptions，wheneditingglobalIPSsettings，whichonedeterminesiftheIOS-basedIPSfeaturewilldroporpermittrafficforaparticularIPSsignatureenginewhileanewsignatureforthatengineisbeingcompiled？（）

A.Enable Signature Default
B.Enable Engine Fail Closed
C.Enable Default IOS Signature ActualTests.com
D.Enable Fail Opened

单项选择题AsacandidateforCCNAexamination，whenyouarefamiliarwiththebasiccommands，ifyouinputthecommand enablesecretlevel5password intheglobalmode，whatdoesitindicate？（）

A.Set the enable secret command to privilege level 5
B.The enable secret password is hashed using MD5
C.The enable secret password is for accessing exec privilege level 5
D.The enable secret password is hashed using SHA
E.The enable secret password is encrypted using Cisco proprietary level 5 encryption

单项选择题Youworkasanetworkengineer，doyouknowanIPsectunnelisnegotiatedwithintheprotectionofwhichtypeoftunnel？（）

A.L2F tunnel
B.L2TP tunnel
C.GRE tunnel
D.ISAKMP tunnel

单项选择题Forthefollowingitems，whichmanagementtopologykeepsmanagementtrafficisolatedfromActualTests.comproductiontraffic？（）

A.OTP
B.OOB
C.SAFE
D.MARS