Which type of access list entry is dynamic and becomes active only when a Telnet session is authenticated? It can be used for inbound or outbound traffic.

Question 1. (TCO 4) Which type of access list entry is dynamic and becomes active only when a Telnet session is authenticated? It can be used for inbound or outbound traffic. (Points: 3)

 

Established

 

Lock and key

 

Reflexive

 

CBAC

 

Question 2. (TCO 4) What function CBAC does on a Cisco IOS firewall? (Points: 3)

 

Creates specific security policies for each user.

 

Provides secure, per-application access control across network perimeters.

 

Provides additional visibility at intranet, extranet, and Internet perimeters.

 

Protects the network from internal attacks and threats.

 

Question 3. (TCO 4) Given the configuration shown below, the idle timeout for TCP and UDP sessions is _____.

 

ip inspect audit-trail

 

ip inspect name FWRULE tcp timeout 180

 

ip inspect name FWRULE udp timeout 180

 

interface FastEthernet0/0

 

ip access-group 100 in

 

ip inspect FWRULE in

 

interface FastEthernet0/1

 

ip access-group 101 in

 

logging on

 

logging 192.168.100.100

 

access-list 100 permit ip any any

 

access-list 101 deny ip any any log (Points : 3)

 

180 minutes

 

180 seconds

 

180 days

 

180 milliseconds

 

Question 4. (TCO 4) Given the configuration shown below, the host at IP address 192.168.100.100 is a _____.

 

ip inspect audit-trail

 

ip inspect name FWRULE tcp timeout 180

 

ip inspect name FWRULE udp timeout 180

 

interface FastEthernet0/0

 

ip access-group 100 in

 

ip inspect FWRULE in

 

interface FastEthernet0/1

 

ip access-group 101 in

 

logging on

 

logging 192.168.100.100

 

access-list 100 permit ip any any

 

access-list 101 deny ip any any log (Points : 3)

 

TACACS+ server

 

syslog server

 

Radius server

 

TACACS server

 

Question 5. (TCO 4) Which of the following is not a policy action that can be specified for zone-based firewall traffic? (Points: 3)

 

Pass

 

Drop

 

Hold

 

Inspect

 

Question 6. (TCO 4) With zone-based firewalls, which of the following is used to define interfaces on routers that have the same security level? (Points: 3)

 

Zones

 

Class maps

 

Policy maps

 

Zone pairs

 

Question 7. (TCO 4) What is the range of ACL numbers for a standard access list? (Points: 3)

 

100–199 and 1700–1999

 

1–99 and 1300–1999

 

0–99

 

100–199

 

Question 8. (TCO 4) In CLI, the zone-pair command is used to associate together which of the following? (Points: 3)

 

Zones and service-policy

 

Class maps and interface

 

Policy maps and interface

 

Class-type and interface

Collepals.com Plagiarism Free Papers

Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS

Why Hire Collepals.com writers to do your paper?

Quality- We are experienced and have access to ample research materials.

We write plagiarism Free Content

Confidential- We never share or sell your personal information to third parties.

Support-Chat with us today! We are always waiting to answer all your questions.