单项选择题
When is an IPSec SA built on the Teleworker Router?()
A.when the router is booted up
B.when the router administratively does a no shutdown" on the IPSec SA
C.when traffic matches a line of the access-list tied into the crypto-map in the router configuration, and that particular IPSec SA is not already up
D.when the ISAKMP SA completes negotiation of all IPSec SAs (one per access-list line in the crypto ACL), it will be brought up immediately
相关考题
-
单项选择题
AcustomerwantstodeploytheCiscoBusinessReadyTeleworkersolution,butiscurrentlyusingatraditional(non-IP)PBXforvoiceservices.Whatwouldyourecommendtothiscustomer?()
A.Deployment of Business Ready Teleworker with VoIP is not recommended.
B.The customer’s existing PBX must first be replaced with Cisco IP Telephony solution.
C.Business Ready Teleworker and Cisco IP Telephony can be deployed in parallel to the existing PBX, integrating the two with trunking.
D.Deployment is recommended only for full-time Teleworkers who have no other corporate phone. -
单项选择题
WhatisnotadifferencebetweenVPNtunnelauthenticationandper-userauthentication?()
A.VPN tunnel authentication is part of the IKE specification.
B.VPN tunnel authentication does not control which end user can use the IPSec SA (VPN tunnel).
C.User authentication is used to control access for a specific user ID, and can be used with or without a VPN tunnel for network access authorization.
D.802.1X with EAP-TLS (X.509 certificates) can be used to authenticate an IPSec tunnel. -
单项选择题
Context-BasedAccessControl(CBAC)isthealgorithmoftheCiscoIOSfirewallfeature.HowdoesCBACimproveTeleworkersecurity?()
A.Inbound packets are permitted only if they are part of a legitimate data flow initiated by a device on the Teleworker home network.
B.All packets are checked for integrity by analyzing their checksum.
C.Every packet is checked to see if it was sent through the VPN tunnel.
D.Every packet is inspected to see if any disallowed URLs are included. URLs are forwarded to the security cache engine for authorization.
