Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

Which of the following states indicates that a BFD session has been successfully established?

A.

down

B.

init

C.

up

D.

AdminUp

As shown in the figure, the firewall is dual-system hot standby. In this networking environment, all service interfaces of the firewall work in routing mode, and OSPF is configured on the upper and lower routers. Assume that the convergence time of OSPF is 30s after the fault is rectified. What is the best configuration for HRP preemption management?

A.

hrp preempt delay 20

B.

hrp preempt delay 40

C.

hrp preempt delay 30

D.

undo hrp preempt delay

The firewall device defends against the SYN Flood attack by using the technology of source legality verification. The device receives the SYN packet and sends the SYN-ACK probe packet to the source IP address host in the SYN packet. If the host exists, it will Which message is sent?

A.

RST message

B.

FIN message

C.

ACK message

D.

SYN message

What is the correct statement about the binding of local users to VPN instances?

A.

local user can be bound to a VPN instance by using the local-user user-name vpn-instance vpn-instance-name command.

B.

By default, the binding between a local user and a VPN instance is implemented.

C.

. After a local user is bound to a VPN instance, the local user can manage the entire firewall.

D.

Local users cannot be bound to VPN instances.

According to the capture of the victim host, what kind of attack is this attack?

A.

ARP Flood attack

B.

HTTP Flood attack

C.

ARP spoofing attack

D.

SYN Flood attack

The PC A in the Trust zone is 192.168.3.1. You cannot access the Internet server in the Untrust zone. The configuration between the Trust zone and the Untrust zone is as follows. What are the most likely causes of the following faults?

A.

security policy application direction configuration error, should be outbound

B.

Since the firewall default packet-filter is deny is executed first, the subsequent policies are not executed.

C.

policy source 192.168.3.0 0.0.0.255 configuration error, need to be modified to policy source 192.168.3.0 0.0.255.255

D.

policy destination any configuration error, a clear destination IP address must be established

L2TP is a tunneling protocol set up for transparent transmission of PPP packets between users and enterprise servers. Which of the following features are included?

A.

L2TP protocol uses the TCP protocol

B.

supports private address allocation and does not occupy public IP addresses.

C.

and PPP configurations support authentication and work with Radius to support flexible local and remote AAA After combining with IPSec,

D.

supports encryption of packets.

The following are traffic-type attacks.

A.

IP Flood attack

B.

HTTP Flood attack

C.

IP address scanning attack

D.

ICMP redirect packet attack

The ip-link sends a probe packet to the specified IP address. By default, after 3 probe failures, the link to this IP address is considered faulty.

A.

TRUE

B.

FALSE

Run the display ike sa command to check the IKE SA information. The following statement is correct?

A.

phase 1 and phase 2 have been established

B.

negotiates through the IKE V2 protocol

C.

VPN instance name is public

D.

IPSec SA status is Ready