JN0-130

单选题Click the Exhibit button. Referring to the exhibit, which statement contains the correct gateway parameters?()A[edit security ike] user@host# show gateway ike-phase1-gateway { policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20;

题目
单选题
Click the Exhibit button. Referring to the exhibit, which statement contains the correct gateway parameters?()
A

[edit security ike] user@host# show gateway ike-phase1-gateway { policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }

B

[edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }

C

[edit security ike] user@host# show gateway ike-phase1-gateway { policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }

D

[edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }

如果没有搜索结果,请直接 联系老师 获取答案。
如果没有搜索结果,请直接 联系老师 获取答案。
相似问题和答案

第1题:

Click the Exhibit button.A network administrator receives complaints that the application voicecube is timing out after being idle for 30 minutes.Referring to the exhibit, what is a resolution?()

A. [edit] user@host# set applications application voicecube inactivity-timeout never

B. [edit] user@host# set applications application voicecube inactivity-timeout 2

C. [edit] user@host# set applications application voicecube destination-port 5060

D. [edit] user@host# set security policies from-zone trust to-zone trust policy intrazone then timeout never


参考答案:A

第2题:

You want to test a configured screen value prior to deploying.Which statement will allow you to accomplish this?()

A. [edit security screen] user@host# show ids-option untrust-screen { alarm-test-only; }

B. [edit security screen] user@host# show ids-option untrust-screen { alarm-without-drop; }

C. [edit security screen] user@host# show ids-option untrust-screen { alarm-no-drop; }

D. [edit security screen] user@host# show ids-option untrust-screen { test-without-drop; }


参考答案:B

第3题:

Your network contains a server named Server1 that runs Windows Server 2008 R2. The network contains multiple subnets.An administrator reports that Server1 fails to communicate with computers on remote subnets.You run route.exe print on Server1 as shown in the exhibit. (Click the Exhibit button.)You need to ensure that Server1 can communicate with all computers on the network.What should you do?()

A. Disable IPv6.

B. Change the subnet mask.

C. Add a default gateway address.

D. Change the default metric to 100.


参考答案:C

第4题:

Refer to the above exhibit. Why is the 140.140.0.0 network not used as the gateway of last resort even though it is configured first?()

A.The last default - network statement will always be preferred.

B.A route to the 140.140.0.0 network does not exist in the routing table.

C.Default - network selection will always prefer the statement with the lowest IP address.

D.A router will load balance across multiple default - networks; repeatedly issuing the show ip route command would show the gateway of last resort changing between the two networks.


参考答案:B

第5题:

Which statement contains the correct parameters for a route-based IPsec VPN?()

A. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

B. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; } policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

C. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200;} policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

D. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }


参考答案:D

第6题:

Click the Exhibit button.[A] establishes an IPsec tunnel with [B]. The NAT device translates the IP address 1.1.1.1 to 2.1.1.1.On which port is the IKE SA established?()

A.TCP 500

B.UDP 500

C.TCP 4500

D.UDP 4500


参考答案:D

第7题:

Click the Exhibit button.Referring to the exhibit, you are not able to telnet to 192.168.10.1 from client PC 192.168.10.10.What is causing the problem?()

A. Telnet is not being permitted by self policy.

B. Telnet is not being permitted by security policy.

C. Telnet is not allowed because it is not considered secure.

D. Telnet is not enabled as a host-inbound service on the zone


参考答案:D

第8题:

Click the Exhibit button.Referring to the exhibit, which statement contains the correct gateway parameters?()

A. [edit security ike] user@host# show gateway ike-phase1-gateway { policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }

B. [edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }

C. [edit security ike] user@host# show gateway ike-phase1-gateway { policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }

D. [edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }


参考答案:B

第9题:

Click the Exhibit button.In the exhibit, two physical routers are configured for VRRP in the network with WXC devices.How should you define the default gateway address on each WXC device?()

A. Define the virtual router IP address on both WXC devices.

B. Add a static route for the virtual router IP address on both WXC devices.

C. Define the physical IP address of each router on each respective WXC device.

D. Leave the default gateway field in the WXC device blank; it will automatically detect the active gateway address.


参考答案:C

第10题:

You want to test a configured screen value prior to deploying.Which statement will allow you to accomplish this?()

  • A、[edit security screen] user@host# show ids-option untrust-screen { alarm-test-only; }
  • B、[edit security screen] user@host# show ids-option untrust-screen { alarm-without-drop; }
  • C、[edit security screen] user@host# show ids-option untrust-screen { alarm-no-drop; }
  • D、[edit security screen] user@host# show ids-option untrust-screen { test-without-drop; }

正确答案:B

更多相关问题
相关内容