单选题Which statement contains the correct parameters for a route-based IPsec VPN?（）A [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }po

题目

单选题

Which statement contains the correct parameters for a route-based IPsec VPN?（）

[edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

[edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; } policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

[edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200;} policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

[edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

如果没有搜索结果，请直接联系老师获取答案。

相似问题和答案

第1题：

Which statement contains the correct parameters for a route－based IPsec VPN?()

A. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

B. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; } policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

C. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200;} policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

D. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

参考答案：D

第2题：

Which of the following commands will display a router’s crypto map IPsec security associationsettings？（）

A、show crypto map ipsec sa
B、show crypto map
C、show crypto engine connections active
D、show ipsec crypto map
E、show crypto map sa
F、show ipsec crypto map sa

正确答案:A

第3题：

Click the Exhibit button.Referring to the exhibit, which statement contains the correct gateway parameters?()

A. [edit security ike] user@host# show gateway ike-phase1-gateway { policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }

B. [edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }

C. [edit security ike] user@host# show gateway ike-phase1-gateway { policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }

D. [edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }

参考答案：B

第4题：

在配置IPSec的安全提议proposal时，以下命令属于缺省配置的是（）。

A、encapsulation-mode tunnel
B、transform esp
C、esp encryption-algorithm des
D、esp encryption-algorithm 3des
E、esp authentication-algorithm md5

正确答案:A,B,C,E

第5题：

IPSec VPN is a widely-acknowledged solution for enterprise network. Which three IPsec VPNstatements are true？（）

A、IKE keepalives are unidirectional and sent every ten seconds
B、IPsec uses the Encapsulating Security Protocol （ESP） or the Authentication Header （AH）protocol for exchanging keys
C、To establish IKE SA, main mode utilizes six packets while aggressive mode utilizes only threepackets
D、IKE uses the Diffie-Hellman algorithm to generate symmetrical keys to be used by IPsec peers

正确答案:A,C,D

第6题：

Which IPsec security protocol should be used when confidentiality is required?()

A. AH

B. MD5

C. PSK

D. ESP

参考答案：D

第7题：

You want to test a configured screen value prior to deploying.Which statement will allow you to accomplish this?（）

A、[edit security screen] user@host# show ids-option untrust-screen { alarm-test-only; }
B、[edit security screen] user@host# show ids-option untrust-screen { alarm-without-drop; }
C、[edit security screen] user@host# show ids-option untrust-screen { alarm-no-drop; }
D、[edit security screen] user@host# show ids-option untrust-screen { test-without-drop; }

正确答案:B

第8题：

You want to test a configured screen value prior to deploying.Which statement will allow you to accomplish this?()

A. [edit security screen] user@host# show ids-option untrust-screen { alarm-test-only; }

B. [edit security screen] user@host# show ids-option untrust-screen { alarm-without-drop; }

C. [edit security screen] user@host# show ids-option untrust-screen { alarm-no-drop; }

D. [edit security screen] user@host# show ids-option untrust-screen { test-without-drop; }

参考答案：B

第9题：

Which operational mode command displays all active IPsec phase 2 security associations？（）

A、show ike security-associations
B、show ipsec security-associations
C、show security ike security-associations
D、show security ipsec security-associations

正确答案:D

第10题：

Which IPsec security protocol should be used when confidentiality is required?（）

A、AH
B、MD5
C、PSK
D、ESP

正确答案:D

JN0-332

单选题Which statement contains the correct parameters for a route-based IPsec VPN?（）A [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }po

题目

相似问题和答案

更多相关问题

相关内容