单选题A route-based VPN is required for which scenario?()A when the remote VPN peer is behind a NAT deviceB when multiple networks need to be reached across the tunnel and GRE cannot be usedC when the remote VPN peer is a dialup or remote access clientD when

题目
单选题
A route-based VPN is required for which scenario?()
A

when the remote VPN peer is behind a NAT device

B

when multiple networks need to be reached across the tunnel and GRE cannot be used

C

when the remote VPN peer is a dialup or remote access client

D

when a dynamic routing protocol is required across the VPN and GRE cannot be used

相似考题

1.A route-based VPN is required for which scenario? ()A. when the remote VPN peer is behind a NAT deviceB. when multiple networks need to be reached across the tunnelC. when the remote VPN peer is a dialup or remote access clientD. when a dynamic routing protocol such as OSPF is required across the VPN

2.Which site-to-site VPN solution allows Cisco routers, PIX Firewalls, and Cisco hardware clients to act as remote VPN clients in order to receive predefined security policies and configuration parameters from the VPN headend at the central site?()A、Easy VPNB、GRE tunnelingC、Virtual Tunnel InterfacesD、DynamicMultipoint VPNE、Group Encrypted Transport VPN

3.Which VPN management feature would be considered to ensure that the network had the leastdisruption of service when making topology changes?()A、 dynamic reconfigurationB、 path MTU discoveryC、 auto setupD、 remote management

4.Which VPN management feature would be considered to ensure that the network had the least disruption of service when making topology changes?()A. dynamic reconfigurationB. path MTU discoveryC. auto setupD. remote management

更多“单选题A route-based VPN is required for which scenario?()A when the remote VPN peer is behind a NAT deviceB when multiple networks need to be reached across the tunnel and GRE cannot be usedC when the remote VPN peer is a dialup or remote access clientD when”相关问题

  • 第1题:

    When designing remote access to the Enterprise Campus network for teleworkers and mobileworkers, which of the following should the designer consider?()

    • A、 It is recommended to place the VPN termination device in line with the Enterprise Edge 1
    • B、 Maintaining access rules, based on the source IP of the client, on an internal firewall drawnfrom a headend RADIUS server is the most secure deployment
    • C、 VPN Headend routing using Reverse Route Injection (RRI) with distribution is recommended when the remote user community is small and dedicated DHCP scopes are in place
    • D、 Clientless SSL VPNs provide more granular access control than SSL VPN clients (thin or thick),including at Layer 7

    正确答案:A

  • 第2题:

    The LAN-side of the Teleworker router is assigned private IP address space (RFC1918), and the VPN topology is IPSec-only (no GRE protocol). When is it required to configure NAT/pNAT on the Teleworker router?()

    • A、when all access to the Internet is through the IPSec tunnel
    • B、when there is direct Internet access via split-tunneling
    • C、when there is no Internet access configured through the Teleworker router
    • D、whenever you have IOS-Firewall (CBAC) configured

    正确答案:B

  • 第3题:

    You have a VPN server named Server1 and a file server named Server2. Both servers run Windows Server 2003 Service Pack 2 (SP2). VPN clients report that they cannot access shares on Server2 after connecting to Server1. You confirm that VPN clients receive the appropriate IP configurations and that they have permissions to the shared folders on Server2. You need to ensure that VPN clients can access the shares on Server2 when they connect to the network by using a VPN connection.  What should you do? ()

    • A、From the Routing and Remote Access snap-in on Server2, enable IP Routing.
    • B、From the Routing and Remote Access snap-in on Server2, enable Link Control Protocol (LCP) extensions.
    • C、From Utility Manager on Server1, enable the Start automatically when I log on option.
    • D、In the local security policy on Server2, configure the Network Access: Shares that can be accessed anonymously setting.

    正确答案:A

  • 第4题:

    Which command is needed to change this policy to a tunnel policy for a policy-based VPN?() [edit security policies from-zone trust to-zone untrust] user@host# show policy tunnel-traffic { match { source-address local-net; destination-address remote-net; application any; then { permit; } }

    • A、set policy tunnel-traffic then tunnel remote-vpn
    • B、set policy tunnel-traffic then permit tunnel remote-vpn
    • C、set policy tunnel-traffic then tunnel ipsec-vpn remote-vpn permit
    • D、set policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn

    正确答案:D

  • 第5题:

    Why is NTP an important component when implementing IPSec VPN in a PKI environment?()

    • A、 To ensure the router has the correct time when generating its private/public key pairs.
    • B、 To ensure the router has the correct time when checking certificate validity from the remote peers
    • C、 To ensure the router time is sync with the remote peers for encryption keys generation
    • D、 To ensure the router time is sync with the remote peers during theDH exchange
    • E、 To ensure the router time is sync with the remote peers when generating the cookies during IKE phase 1

    正确答案:B

  • 第6题:

    Regarding a route-based versus policy-based IPsec VPN, which statement is true?()

    • A、A route-based VPN generally uses less resources than a policy-based VPN.
    • B、A route-based VPN cannot have a deny action in a policy; a policy-based VPN can have a deny action.
    • C、A route-based VPN is better suited for dialup or remote access compared to a policy-based VPN.
    • D、A route-based VPN uses a policy referencing the IPsec VPN; a policy-based VPN policy does not use apolicy referencing the IPsec VPN

    正确答案:A

  • 第7题:

    单选题
    An SSL VPN can be used in conjunction with IBM Tivoli Access Manager for Enterprise Single Sign-On to provide remote access to business critical information. Which statement is true about the Mobile ActiveCode (MAC) when it is used with a VPN Solution for remote access?()
    A

    The MAC can only be delivered to a mobile phone and is good for a single use only.

    B

    The MAC can be delivered by mobile phone, e-mail, or fax, and it is good for one time authentication only.

    C

    The MAC can only be delivered to a mobile phone and it is good until the expiration time is reached, as set by an administrator.

    D

    The MAC can be delivered by mobile phone, email, or fax, and it is good until the expiration time is reached, as set by an administrator.


    正确答案: A
    解析: 暂无解析

  • 第8题:

    单选题
    A policy-based IPsec VPN is ideal for which scenario?()
    A

    when you want to conserve tunnel resources

    B

    when the remote peer is a dialup or remote access client

    C

    when you want to configure a tunnel policy with an action of deny

    D

    when a dynamic routing protocol such as OSPF must be sent across the VPN


    正确答案: B
    解析: 暂无解析

  • 第9题:

    单选题
    Which command is needed to change this policy to a tunnel policy for a policy-based VPN?() [edit security policies from-zone trust to-zone untrust] user@host# show policy tunnel-traffic { match { source-address local-net; destination-address remote-net; application any; then { permit; } }
    A

    set policy tunnel-traffic then tunnel remote-vpn

    B

    set policy tunnel-traffic then permit tunnel remote-vpn

    C

    set policy tunnel-traffic then tunnel ipsec-vpn remote-vpn permit

    D

    set policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn


    正确答案: A
    解析: 暂无解析

  • 第10题:

    单选题
    Which VPN management feature would be considered to ensure that the network had the least disruption of service when making topology changes?()
    A

     dynamic reconfiguration

    B

     path MTU discovery

    C

     auto setup

    D

     remote management


    正确答案: C
    解析: 暂无解析

  • 第11题:

    单选题
    A route-based VPN is required for which scenario?()
    A

    when the remote VPN peer is behind a NAT device

    B

    when multiple networks need to be reached across the tunnel and GRE cannot be used

    C

    when the remote VPN peer is a dialup or remote access client

    D

    when a dynamic routing protocol is required across the VPN and GRE cannot be used


    正确答案: B
    解析: 暂无解析

  • 第12题:

    单选题
    You have a VPN server named Server1 and a file server named Server2. Both servers run Windows Server 2003 Service Pack 2 (SP2). VPN clients report that they cannot access shares on Server2 after connecting to Server1. You confirm that VPN clients receive the appropriate IP configurations and that they have permissions to the shared folders on Server2. You need to ensure that VPN clients can access the shares on Server2 when they connect to the network by using a VPN connection.  What should you do? ()
    A

    From the Routing and Remote Access snap-in on Server2, enable IP Routing.

    B

    From the Routing and Remote Access snap-in on Server2, enable Link Control Protocol (LCP) extensions.

    C

    From Utility Manager on Server1, enable the Start automatically when I log on option.

    D

    In the local security policy on Server2, configure the Network Access: Shares that can be accessed anonymously setting.


    正确答案: A
    解析: 暂无解析

  • 第13题:

    When using the Cisco SDM Quick Setup Siteto-Site VPN wizard, which three parameters do you configure?()

    • A、Source interface where encrypted traffic originates
    • B、IP address for the remote peer
    • C、Transform set for the IPsec tunnel
    • D、Interface for the VPN connection

    正确答案:A,B,D

  • 第14题:

    A route-based VPN is required for which scenario? ()

    • A、when the remote VPN peer is behind a NAT device
    • B、when multiple networks need to be reached across the tunnel
    • C、when the remote VPN peer is a dialup or remote access client
    • D、when a dynamic routing protocol such as OSPF is required across the VPN

    正确答案:D

  • 第15题:

    A policy-based IPsec VPN is ideal for which scenario?()

    • A、when you want to conserve tunnel resources
    • B、when the remote peer is a dialup or remote access client
    • C、when you want to configure a tunnel policy with an action of deny
    • D、when a dynamic routing protocol such as OSPF must be sent across the VPN

    正确答案:B

  • 第16题:

    Which VPN management feature would be considered to ensure that the network had the least disruption of service when making topology changes?()

    • A、dynamic reconfiguration
    • B、path MTU discovery
    • C、auto setup
    • D、remote management

    正确答案:A

  • 第17题:

    An SSL VPN can be used in conjunction with IBM Tivoli Access Manager for Enterprise Single Sign-On to provide remote access to business critical information. Which statement is true about the Mobile ActiveCode (MAC) when it is used with a VPN Solution for remote access?()

    • A、The MAC can only be delivered to a mobile phone and is good for a single use only.
    • B、The MAC can be delivered by mobile phone, e-mail, or fax, and it is good for one time authentication only.
    • C、The MAC can only be delivered to a mobile phone and it is good until the expiration time is reached, as set by an administrator.
    • D、The MAC can be delivered by mobile phone, email, or fax, and it is good until the expiration time is reached, as set by an administrator.

    正确答案:B

  • 第18题:

    A route-based VPN is required for which scenario?()

    • A、when the remote VPN peer is behind a NAT device
    • B、when multiple networks need to be reached across the tunnel and GRE cannot be used
    • C、when the remote VPN peer is a dialup or remote access client
    • D、when a dynamic routing protocol is required across the VPN and GRE cannot be used

    正确答案:D

  • 第19题:

    单选题
    Your company has a single active directory domain. The company network is protected by a firewall. Remote users connect to your network through a VPN server by using PPTP. When the users try to connect to the VPN server, they receive the following error message: Error 721: The remote computer is not responding. You need to ensure that users can establish a VPN connection. What should you do? ()
    A

    Open port 1423 on the firewall

    B

    Open port 1723 on the firewall

    C

    Open port 3389 on the firewall

    D

    Open port 6000 on the firewall


    正确答案: C
    解析: 暂无解析

  • 第20题:

    单选题
    A route-based VPN is required for which scenario? ()
    A

    when the remote VPN peer is behind a NAT device

    B

    when multiple networks need to be reached across the tunnel

    C

    when the remote VPN peer is a dialup or remote access client

    D

    when a dynamic routing protocol such as OSPF is required across the VPN


    正确答案: A
    解析: 暂无解析

  • 第21题:

    单选题
    Why is NTP an important component when implementing IPSec VPN in a PKI environment?()
    A

     To ensure the router has the correct time when generating its private/public key pairs.

    B

     To ensure the router has the correct time when checking certificate validity from the remote peers

    C

     To ensure the router time is sync with the remote peers for encryption keys generation

    D

     To ensure the router time is sync with the remote peers during theDH exchange

    E

     To ensure the router time is sync with the remote peers when generating the cookies during IKE phase 1


    正确答案: B
    解析: 暂无解析

  • 第22题:

    单选题
    Regarding a route-based versus policy-based IPsec VPN, which statement is true?()
    A

    A route-based VPN generally uses less resources than a policy-based VPN.

    B

    A route-based VPN cannot have a deny action in a policy; a policy-based VPN can have a deny action.

    C

    A route-based VPN is better suited for dialup or remote access compared to a policy-based VPN.

    D

    A route-based VPN uses a policy referencing the IPsec VPN; a policy-based VPN policy does not use apolicy referencing the IPsec VPN


    正确答案: B
    解析: 暂无解析

  • 第23题:

    单选题
    Which VPN management feature would be considered to ensure that the network had the leastdisruption of service when making topology changes?()
    A

     dynamic reconfiguration

    B

     path MTU discovery

    C

     auto setup

    D

     remote management


    正确答案: A
    解析: 暂无解析

  • 第24题:

    单选题
    When designing remote access to the Enterprise Campus network for teleworkers and mobileworkers, which of the following should the designer consider?()
    A

     It is recommended to place the VPN termination device in line with the Enterprise Edge 1

    B

     Maintaining access rules, based on the source IP of the client, on an internal firewall drawnfrom a headend RADIUS server is the most secure deployment

    C

     VPN Headend routing using Reverse Route Injection (RRI) with distribution is recommended when the remote user community is small and dedicated DHCP scopes are in place

    D

     Clientless SSL VPNs provide more granular access control than SSL VPN clients (thin or thick),including at Layer 7


    正确答案: A
    解析: 暂无解析

相关内容