IPsec, also known as the internet Protocol ( ) , defines the architecture for security services for IP network traffic IPsec describes the framework for providing security a the IP layer, as well as the suite of protocols designed to provide that se

题目
IPsec, also known as the internet Protocol ( ) , defines the architecture for security services for IP network traffic IPsec describes the framework for providing security a the IP layer, as well as the suite of protocols designed to provide that security: through_ ( )_ and encryption of IP network packets. IPec can be used 10 protect network data, for example, by setting up circuits using IPsec ( ), in which all data being sent between two endpoints is encrypted, as with a Virtual (请作答此空) Network connection ;for encrypting application layer data ;and for providing security for routers sending routing data across the public internet. Internet traffic can also be secured from host to host without the use of IPsec, for example by encryption at the ( ) layer with HTTP Secure (TTPS)or an the transport layer wit the Transport Layer Security (TLS)protocol.

A.pubic]
B.private]
C.personal
D.proper
相似考题

1.TCP/IP(71)layer protocols provide services to the application(72)running on a computer. The application layer does not define the application itself, but rather it defines(73)that applications need--like the ability to transfer a file in the case of HTTP. In short, the application layer provides an(74)between software running on a computer and the network itself. The TCP/IP application layer includes a relatively large number of protocols, with HTTP being only one of those. The TCP/IP(75)layer consists of two main protocol options--the Transmission Control Protocol(TCP) and the User Datagram Protocol(UDP).A.applicationB.transportC.linkD.network

2.While the Internet is inherently insecure, businesses still need to preserve the privacy of data as it travels over the network. To help do that, the Internet Engineering Task Force an international group of network designers, operators, vendors, and researchers concerned with the evolution of(71)has developed a suite of(72)called Internet Protocol Security(IPSec).IPSec creates a standard platform. to develop secure networks and electronic(73)between two machines. Secure tunneling via IPSec creates(74)connections in a network through which data packets can move. It creates these tunnels between remote users and within a local network. It also(75)each data packet in a new packet that contains the information neccessary to set up, maintain and tear down the tunnel when it's no longer needed.A.channelsB.Web browserC.Internet dataD.Internet architecture

3.● TCP/IP (71) layer protocols provide services to the application (72) running on a computer. The application layer does not define the application itself, but rather it defines (73) that applications need—like the ability to transfer a file in the case of HTTP. In short, the application layer provides an (74) between software running on a computer and the network itself. The TCP/IP application layer includes a relatively large number of protocols, with HTTP being only one of those. The TCP/IP (75) layer consists of two main protocol options—the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP).

4.TCP/IP is a communication protocol, which provides many different networking services. The TCP/IP Internet protocol suite is formed from two standards: the TCP (Transmission Control Protocol) and the IP(Internet Protocol).(72) means it is on the transport layer.A.ISOB.IPC.OSID.TCP

参考答案和解析
答案:B
解析:
更多“IPsec, also known as the internet Protocol ( ) , defines the architecture for security services for IP network traffic IPsec describes the framework for providing security a the IP layer, as well”相关问题

  • 第1题:

    A network IPS provides which of the following?()

    A. The layer 3 protocol on which other protocols like TCP and UDP communicate.

    B. Enables the IPSec protocol on internal workstations.

    C. Packet-based detection and prevention of network attacks.

    D. Single mode IP communication for a fiber line between remote sites.


    参考答案:C

  • 第2题:

    The diffserv approach to providing QoS in networks employs a small,well-defined set of building blocks from which you can build a variety of( ).Its aim is to define the differentiated services(DS)byte,the Type of Service(ToS)byte from the Internet Protocol Version 4( )and the Traffic Class byte from IP Version 6,and mark the standardized DS byte of the packet such that it receives a particular forwarding treatment,or per- hop behavior(PHB),at each network node.The diffserv architecture provides a(_______)within which service providers can offer customers a range of network services,each differentiated based on performance.A customer can choose the( )level needed on a packet-by-packet basis by simply marking the packet's Differentiated Services Code Point(DSCP)field to a specific value.This ( ) specifies the PHB given to the packet within the service provider network。横线处应选( )


    A.information
    B. Structure
    C .means
    D.framework

    答案:D
    解析:
    在网络中提供QoS的差分服务应用了一种很小的明确定义的构建模块集合来建立各种服务。它的目的就是利用IPv4头部中的服务类型(ToS )和IPv6中的通信类型定义不同的服务字节(DS),而且在每一个网络节点用分组的标准化DS字节来表示它接收到一种特殊的转发处理规则或每跳的行为(PHB)。差分服务体系结构提供了一种框架,使得可以为用户提供一定范围的网络服务,每种服务都有不同的性能。用户只要给分组的差分服务码点(DSCP)字段赋予特殊的值,就可以按照各个分组的需要选择性能级别。这个值说明了在服务提供的网络中给予分组的PHB 。

  • 第3题:

    目前电子商务网站较常采用下列哪一种的安全机制是()。

    • A、DES(Data Encryption Standard)
    • B、IPSec(Internet Protocol Security)
    • C、SET(Secure Electronic Transaction)
    • D、SSL(Secure Socket Layer)

    正确答案:D

  • 第4题:

    IPSec VPN is a widely-acknowledged solution for enterprise network. Which three IPsec VPNstatements are true?()

    • A、IKE keepalives are unidirectional and sent every ten seconds
    • B、IPsec uses the Encapsulating Security Protocol (ESP) or the Authentication Header (AH)protocol for exchanging keys
    • C、To establish IKE SA, main mode utilizes six packets while aggressive mode utilizes only threepackets
    • D、IKE uses the Diffie-Hellman algorithm to generate symmetrical keys to be used by IPsec peers

    正确答案:A,C,D

  • 第5题:

    Which feature would prevent guest users from gaining network access by unplugging an IP phone and connecting a laptop computer?()

    • A、IPSec VPN
    • B、SSL VPN
    • C、port security
    • D、port security with statically configured MAC addresses
    • E、private VLANs

    正确答案:D

  • 第6题:

    Which of the following BEST describes the function of a DNS server?()

    • A、Secures network traffic through shared key encryption.
    • B、Provides resolution of host names to IP addresses.
    • C、Provides security for a network through the use of ACLs.
    • D、Dynamically assigns IP addresses for easy client configuration.

    正确答案:B

  • 第7题:

    Your company has a main office and one branch office. All servers run Windows Server 2003 Service Pack 2 (SP2).The main office has a third-party gateway device named Gateway1. Gateway1 is connected to the internal network and the Internet. Gateway1 supports IPSec. In the branch office, you have a server named Server1. You create an IPSec policy on Server1.You need to ensure that Server1 can establish an IPSec tunnel to Gateway1.  What should you use to configure the IPSec policy?()

    • A、an IP filter that allows only Internet Control Message Protocol (ICMP) traffic 
    • B、an IP filter that allows only TCP traffic on port 1701 
    • C、a pre-shared key for authentication 
    • D、Kerberos authentication

    正确答案:C

  • 第8题:

    Your network contains a DNS server that has a reverse lookup zone for all of your network segments. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). An IP security policy is assigned to Server1. You verify IPSec traffic and see that the current security associations display only by IP address. You need to view the fully qualified domain names for all security associations.  What should you do?()

    • A、From the DNS console, add Server1 as a name server.
    • B、From the DNS console, change dynamic updates to Secure only.
    • C、From IP Security Monitor on Server1, enable DNS name resolution.
    • D、From IP Security Monitor on Server1, create a new taskpad view.

    正确答案:C

  • 第9题:

    You need to design a method of communication between the IT and HR departments. Your solution must meet business requirements. What should you do?()

    • A、Design a custom IPSec policy to implement Encapsulating Security Payload (ESP) for all IP traffic Design the IPSec policy to use certificate-based authentication between the two departments’ computers
    • B、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computers
    • C、Design a customer IPSec policy to implement Encapsulating Payload (ESP) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computers
    • D、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use certificate-based authentication between the two departments’ computers

    正确答案:A

  • 第10题:

    多选题
    Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()
    A

    data integrity

    B

    data confidentiality

    C

    data authentication

    D

    outer IP header confidentiality

    E

    outer IP header authentication


    正确答案: A,E
    解析: 暂无解析

  • 第11题:

    单选题
    You are the network administrator for your company. The network consists of a single Active Directory domain.  The domain contains a Windows Server 2003 computer named Server1 that is located in an organizational unit (OU) named Servers. Server1 contains confidential data, and all network communications with Server1 must be encrypted by using IPSec.   The default Client (Respond Only) IPSec policy is enabled in the Default Domain Policy Group Policy object (GPO). You create a new GPO and link it to the Servers OU. You configure the new GPO by creating and enabling a custom IPSec policy. You monitor and discover that network communications with Server1 are not being encrypted.  You need to view all IPSec policies that are being applied to Server1.   What should you do?  ()
    A

     Use Local Security Policy to view the Security Options for Server1.

    B

     Use Resultant Set of Policy (RSoP) to run an RSoP logging mode query to view the IP Security Policies on Local Computer for Server1.

    C

     Use Resultant Set of Policy (RSoP) to run an RSoP planning mode query to view the Security Options for Server1.

    D

     Use IP Security Monitor to view the Active Policy for Server1.

    E

     Use IP Security Monitor to view the IKE Policies for Server1.


    正确答案: D
    解析: 暂无解析

  • 第12题:

    单选题
    Which operational mode command displays all active IPsec phase 2 security associations?()
    A

    show ike security-associations

    B

    show ipsec security-associations

    C

    show security ike security-associations

    D

    show security ipsec security-associations


    正确答案: C
    解析: 暂无解析

  • 第13题:

    TCP/IP( )layer protocols provide services to the application( )running on a computer.The application layer does not define the application itself,but rather it defines( )that applications need--like the ability to transfer a file in the case of HTTP.In short,the application layer provides an( )between software running on a computer and the network itself.The TCP/IP application layer includes a relatively large number of protocols,with HTTP being only one of those.The TCP/IP(请作答此空)layer consists of two main protocol options--the Transmission Control Protocol(TCP)and the User Datagram Protocol(UDP).

    A.application
    B.session
    C.physical
    D.transport

    答案:D
    解析:
    TCP/IP传输层协议为运行在计算机上的应用软件提供服务。应用层没有定义应用本身,而是定义了应用需要的服务,例如采用HTTP可以传输文件。简而言之,应用层提供了运行在计算机上的软件与网络之间的接口。TCP/IP应用层包括了很多的协议,HTTP仅是其中之一。TCP/IP传输层主要由两个可选的协议组成——传输控制协议(TCP)和用户数据报协议(UDP)。

  • 第14题:

    以下关于互联网协议安全(Internet Protocol Security,IPsec)协议说法错误的是()

    • A、在传送模式中,保护的是IP负载
    • B、验证头协议(Authentication Head,AH)和IP封装安全载荷协议(Encapsulating Security Payload,ESP)都能以传输模式和隧道模式工作
    • C、在隧道模式中,保护的是整个互联网协议(Internet Protocol,IP)包,包括IP头
    • D、IPsec仅能保证传输数据的可认证性和保密性

    正确答案:D

  • 第15题:

    What is the port number of an IPsec Encapsulating Security Payfoad packet?()

    • A、UOP port 50
    • B、IP protocol 51
    • C、TCP port 51
    • D、TCP port 50
    • E、IP protocol 50
    • F、UDP port51

    正确答案:E

  • 第16题:

    What is the port number of an IPsec Encapsulating Security Payload packet?()

    • A、IP protocol 50
    • B、IP protocol 51
    • C、TCP port 50
    • D、TCP port 51
    • E、UDP port 50
    • F、UDP port 51

    正确答案:A

  • 第17题:

    A network IPS provides which of the following?()

    • A、The layer 3 protocol on which other protocols like TCP and UDP communicate.
    • B、Enables the IPSec protocol on internal workstations.
    • C、Packet-based detection and prevention of network attacks.
    • D、Single mode IP communication for a fiber line between remote sites.

    正确答案:C

  • 第18题:

    You are the network administrator for Humongous Insurance. The network consists of a single Active Directory domain named humongous.com. The domain contains Windows Server 2003 computers and Windows XP Professional computers. You configure several Group Policy objects (GPOs) to enforce the use of IPSec for certain types of communication between specified computers.   A server named Server2 runs the Telnet service. A GPO is supposed to ensure that all Telnet connections to Server2 are encrypted by using IPSec. However, when you monitor network traffic, you notice that Telnet connections are not being encrypted.You need to view all of the IPSec settings that are applied to Server2 by GPOs. Which tool should you use?()

    • A、the IP Security Policy Management console
    • B、the IP Security Monitor console
    • C、the Resultant Set of Policy console
    • D、Microsoft Baseline Security Analyzer (MBSA)

    正确答案:C

  • 第19题:

    You need to design a remote access strategy for the customer support users when they work from home. Your solution must meet security requirements. What should you do?()

    • A、Deploy an L2TP/IPsec VPN server in each call center. Configure the portable computers as L2TP VPN clients
    • B、Create IPSec tunnel mode connections between the customer support users home and the company’s Internet-facing routers
    • C、Create IP packet filters on the company’s Internet-facing routers to allow the Remote Desktop Protocol (RDP).Create IPSec filters on the terminal servers to allow only connections that use RDP
    • D、Create IP packet filters on the company’s Internet-facing routers to allow the IPSec protocols. Assign the Secure Server (Require Security) IPSec policy to the terminal servers. Assign the Client (Respond only) IPSec policy to the portable computers

    正确答案:A

  • 第20题:

    Your network contains a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has IPSec enabled.  Several users report that they cannot connect to Server1. You need to see how many IPSec connection attempts failed due to authentication failures.  What should you do?()

    • A、From IP Security Monitor, view the Main Mode Statistics.
    • B、From Microsoft Baseline Security Analyzer, scan Server1.
    • C、From the Security event log, view the events from the IPSec source.
    • D、From System Monitor, add the IPSec V4 Driver : Active Security Associations counter.

    正确答案:A

  • 第21题:

    多选题
    Which three JUNOS software features allow for increased security on your network?()
    A

    firewall filters

    B

    data encryption

    C

    routing protocol authentication

    D

    support for BGP path mtu discovery

    E

    automatic discovery for IPSEC neighbors


    正确答案: A,D
    解析: 暂无解析

  • 第22题:

    单选题
    You are a security administrator for your company. The network consists of a single Active Directory domain. All client computers run Windows XP Professional. All servers run Windows Server 2003. All computers on the network are members of the domain.    Traffic on the network is encrypted by IPSec. The domain contains a custom IPSec policy named Lan Security that applies to all computers in the domain. The Lan Security policy does not allow unsecured communication with non-lPSec-aware computers. The company’s written security policy states that the configuration of the domain and the configuration of the Lan Security policy must not be changed. The domain contains a multihomed server named Server1. Server1 isconnected to the company network, and Server1 is also connected to a test network. Currently, the Lan Security IPSec policy applies to network traffic on both network adapters in Server1. You need to configure Server1 so that it communicates on the test network without IPSec security. Server1 must still use the Lan Security policy when it communicates on the company network.  How should you configure Server1?()
    A

     Configure a packet filter for the network adapter on the test network to block the Internet Key Exchange (IKE) port.

    B

     Configure the network adapter on the test network to disable IEEE 802.1x authentication.

    C

     Configure the network adapter on the test network to enable TCP/IP filtering, and then permit all traffic.

    D

     Use the netsh command to assign a persistent IPSec policy that permits all traffic on the network adapter on the test.

    E

     Assign an IPSec policy in the local computer policy that permits all traffic on the network adapter on the test.


    正确答案: A
    解析: 暂无解析

  • 第23题:

    单选题
    以下关于互联网协议安全(Internet Protocol Security,IPsec)协议说法错误的是()
    A

    在传送模式中,保护的是IP负载

    B

    验证头协议(Authentication Head,AH)和IP封装安全载荷协议(Encapsulating Security Payload,ESP)都能以传输模式和隧道模式工作

    C

    在隧道模式中,保护的是整个互联网协议(Internet Protocol,IP)包,包括IP头

    D

    IPsec仅能保证传输数据的可认证性和保密性


    正确答案: C
    解析: 暂无解析

相关内容