单项选择题
Which feature is a potential security weakness of a traditional stateful firewall?()
A.It cannot support UDP flows.
B.It cannot ensure each TCP connection follows a legitimate TCP three-way handshake.
C.It cannot detect application-layer attacks.
D.The status of TCP sessions is retained in the state table after the sessions terminate.
相关考题
-
单项选择题
WhichstatementbestdescribesCiscoIOSZone-BasedPolicyFirewall?()
A.A router interface can belong to multiple zones.
B.Policy maps are used to classify traffic into different traffic classes, and class maps are used to assignaction to the traffic classes.
C.The pass action works in only one direction
D.A zone-pair is bidirectional because it specifies traffic flowing among the interfaces within the zone-pair in both directions. -
单项选择题
Examinethefollowingoptions,wheneditingglobalIPSsettings,whichonedeterminesiftheIOS-basedIPSfeaturewilldroporpermittrafficforaparticularIPSsignatureenginewhileanewsignatureforthatengineisbeingcompiled?()
A.Enable Signature Default
B.Enable Engine Fail Closed
C.Enable Default IOS Signature ActualTests.com
D.Enable Fail Opened -
单项选择题
AsacandidateforCCNAexamination,whenyouarefamiliarwiththebasiccommands,ifyouinputthecommand"enablesecretlevel5password"intheglobalmode,whatdoesitindicate?()
A.Set the enable secret command to privilege level 5
B.The enable secret password is hashed using MD5
C.The enable secret password is for accessing exec privilege level 5
D.The enable secret password is hashed using SHA
E.The enable secret password is encrypted using Cisco proprietary level 5 encryption
