A.Cisco IOS IPsec/SSL VPN client
B.Cisco VPN Clinet
C.ISDN terminal adapter
D.Cisco Adaptive Security Appliance
第1题:
Which are three reasons that an organization with multiple branch offices and roaming users might implement a Cisco VPN solution instead of point-to-point WAN links?()
第2题:
You are the network consultant from Cisco.com.Your customer has eight sites and will add in thefuture. Branch site to branch site traffic is approaching 30 percent. The customer’s goals are to make iteasier to add branch sites in the future and to reduce traffic through the hub. Which VPN topology should you recommend?()
第3题:
Which security-enabled device is recommended to provide a site-to-site IPsec VPN solution, but not SSL?()
第4题:
Which two of these are advantages of placing the VPN device parallel to the firewall?()
第5题:
Your company has a main office and a branch office.The branch office administrators are the only members of a custom management role group.The role group is configured to allow members to manage recipients. You notice that the branch office administrators can manage recipients in both offices.You need to ensure that the branch office administrators can manage recipients in the branch office only. What should you do?()
第6题:
You are the systems engineer for your company. The company has a main office in Los Angeles and two branch offices, one in Chicago and one in New York. The offices are connected to one another by dedicated T1 lines. Each office has its own local IT department and administrative staff. The company network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. All servers support firmware-based console redirection by means of the serial port. The server hardware does not support any other method of console redirection and cannot be upgraded to do so. The company is currently being reorganized. The IT departments from each branch office are being relocated to a new central data center in the Los Angeles office. Several servers from each branch office are also being relocated to the Los Angeles data center. Each branch office will retain 10 servers. A new written security policy includes the following requirements: • All servers must be remotely administered for all administrative tasks. • All servers must be administered from the Los Angeles office. • All remote administration connections must be authenticated and encrypted. Your current network configuration already adheres to the new written security policy for day-to-day server administration tasks performed on the servers. You need to plan a configuration for out-of-band management tasks for each office that meets the new security requirements. Which three actions should you take?()
第7题:
Cisco Integrated Service Routers
Cisco ASA 5500 Series Security Appliance
CiscoWebVPN Services Module
CiscoIPsec VPN Module
第8题:
DMVPN
MPLS VPN
Virtual Tunnel Interface (VTI)
SSL VPN
PPPoE
第9题:
an IP filter that allows only Internet Control Message Protocol (ICMP) traffic
an IP filter that allows only TCP traffic on port 1701
a pre-shared key for authentication
Kerberos authentication
第10题:
Add two more demand-dial interfaces on Server1.
Install a computer certificate on Server1, Server2, and Server3.
Upgrade Server1 to Windows Server 2003 Standard Edition SP2.
Add an additional demand-dial interface on Server2 and Server3.
第11题:
In the Active Directory domain, add the branch office administrators to the Server Operators built-in local group.
In the Active Directory domain,add the branch office administrators to the NetworkConfiguration Operators built-in local group.
In each branch office, migrate the DHCP Server server role to the file server. On each fileserver, add the branch office administrator to the DHCP Administrators local group.
n each branch office, migrate the DHCP Server server role to the file server. In the Active Directory domain, add the branch office administrators to the DHCP Administrators domain local group.
第12题:
reduced cost
better throughput
increased security
scalability
reduced latency
broadband incompatibility
第13题:
our company has a main office and one branch office. All servers run Windows Server 2003 Service Pack 2 (SP2). The main office has a third-party gateway device named Gateway1. Gateway1 is connected to the internal network and the Internet. Gateway1 supports IPSec. In the branch office, you have a server named Server1. You create an IPSec policy on Server1. You need to ensure that Server1 can establish an IPSec tunnel to Gateway1. What should you use to configure the IPSec policy?()
第14题:
Which device might be installed at a branch office to enable and manage an IPsec site-to-site VPN?()
第15题:
Which factor is least likely to affect the scalability of a VPN design?()
第16题:
You are the systems engineer for your company. The network consists of a single Active Directory domain. The company has a main office and two branch offices. All servers run Windows Server 2003. All client computers run either Windows XP Professional or Windows 2000 Professional. Each branch office maintains a dedicated 256-Kbps connection to the main office. Each office also maintains a T1 connection to the Internet. Each office has a Microsoft Internet Security and Acceleration (ISA) Server 2000 computer, which provides firewall and proxy services on the Internet connection. Each branch office contains one domain controller and five servers that are not domain controllers. There is minimal administrative staff at the branch offices. A new company policy states that all servers must now be remotely administered by administrators in the main office. The policy states that all remote administration connections must be authenticated by the domain and that all traffic must be encrypted. The policy also states that the remote administration traffic must never be carried in clear text across the Internet. You choose to implement remote administration by enabling Remote Desktop connections on all servers on the network. You decide to use the Internet-connected T1 lines for remote administration connectivity between offices. Because administrative tasks might require simultaneous connections to multiple servers across the network, you need to ensure that administrators do not lose connections to servers in one office when they attempt to connect to servers in another office. What should you do? ()
第17题:
You are a network administrator for your company. The company has a main office and a branch office. The branch office has a cable modem connection to the Internet and uses a virtual private network (VPN) connection to access resources on the main office network. The cable modem is connected to a Windows XP Professional computer named Pro1. You configure Internet Connection Sharing (ICS) on Pro1 to allow users in the branch office to use the VPN connection. ICS sets the network adapter to use the IP address 192.168.0.1. Several sales representatives in the branch office use wireless network adapters to share files between their client computers. They need access to the VPN connection to upload sales reports to the main office. You install a wireless network adapter in Pro1 and configure it with the appropriate settings for the wireless LAN. The sales representatives who use the wireless LAN report that they cannot access the VPN connection. However, they are able to connect to resources in the branch office. Users on the wired network do not report any connectivity problems. The sales representatives need to be able to access the VPN. What should you do?()
第18题:
Your company has a main office and a branch office. All branch office administrators are members of a custom management role group.The role group is configured to allow members to manage recipients.The branch office administrators are also members of The Domain Admins security group. The organization contains one Exchange Server 2010 server. You discover that the branch office administrators can manage recipients in both offices. You need to ensure that the branch office administrators can manage recipients in their assigned branch office only.What should you do?()
第19题:
allows dynamic routing over the tunnel
supports multi-protocol (non-IP) traffic over the tunnel
reduces IPsec headers overhead since tunnel mode is used
simplifies the ACL used in the crypto map
uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration
第20题:
Connect each server’s serial port to a terminal concentrator. Connect the terminal concentrator to the network.
Connect a second network adapter to each server. Connect the second network adapter in each server to a separate network switch. Connect the management port on the switch to a WAN port on the office router. Enable IPSec on the router.
Enable Routing and Remote Access on a server in each branch office, and configure it as an L2TP/IPSec VPN server. Configure a remote access policy to allow only authorized administrative staff to make a VPN connection.
On each server, enable the Telnet service with a startup parameter of Automatic. Configure Telnet on each server to use only NTLM authentication. Apply the Server (Request Security) IPSec policy to all servers.
On each server, enable Emergency Management Services console redirection and the Emergency Management Services Special Administration Console (SAC).
第21题:
BranchCache - Content Retrieval (Uses HTTP)
BranchCache - Hosted Cache Server (Uses HTTPS)
BranchCache - Peer Discovery (Uses WSD)
File and Printer Sharing
第22题:
number of branch offices
number of IGP routing peers
remote Office and home worker throughput bandwidth requirements
high availability requirements
Supported applications
第23题:
Easy VPN
IPsec GRE tunneling
Virtual Tunnel Interfaces
Dynamic Multipoint VPN