Based on the following ISP routing configuration information on a firewall, which of the following options are correct? (Multiple choices)
A. Configure a total of 2 csv files.
B. The two outgoing interfaces of china-unicom.csv are all routed in the routing table.
C. There are two files that have been issued by the ISP.
D. The china-unicom.csv file has two outgoing interfaces bound to the firewall.
正解:C,D
質問 2:
Which of the following statement about IKE is the correct? (Multiple choice)
A. IPSec has two negotiation modes to establish security associations. One is manual and the other is automatic IKE negotiation (isakmp).
B. The NA7 traversal function deletes the UDP port number verification process during IKE negotiation and implements the discovery function of the NAT gateway device in the VPN tunnel. If the NAT gateway device is found, UDP encapsulation will be used in the subsequent IPSec data transmission.
C. The aggressive mode of IKE v1 can choose to find the corresponding authentication key and finally complete the negotiation according to the IP address or Name of the negotiation initiator.
D. IKE security mechanisms include DH Diffie-Hellman exchange and key distribution, Perfect Forward Secrecy PFS, and SHA1 encryption algorithms.
正解:A,B,C
質問 3:
Which of the following commands are not commonly used when troubleshooting IPSec faults?
A. display ipsec sa
B. display ipsec statistics
C. display ipsec session
D. display ike sa
正解:C
質問 4:
The action no-qos in the bandwidth policy indicates that the traffic is not limited.
A. False
B. True
正解:B
質問 5:
In the path selection method based on the link priority master/backup, if overload protection is not enabled, what happens when the link on the primary link is congested?
A. The standby link is not enabled and the primary link continues to forward traffic.
B. The traffic is distributed to the backup link according to the default overload protection threshold.
C. Automatically enable the standby link to share the traffic.
D. The active and standby links share the traffic according to the priority ratio of the link.
正解:A
大信** -
受かりました!この問題集の内容を一通りし、模擬問題を繰り返し、間違えたところを集中的に補習するだけで合格間違いないです。お薦めします。