不定项选择题8. Which of the following parts of SAFE defines security mechanisms that secure thenetwork infrastructure itself? SAFE架构在哪一部分定义了保护网络基础设施自身的安全机制?
填空题22. An ______ is a piece of information that binds a PKI member's name to its public key and puts it into a standard format. ______是一种遵循标准格式的信息块,它绑定了PKI成员的公钥与名字。
填空题8. A VPN technology that supports ______ must be chosen if the transport network does not route internal VPN address spaces. 如果传输网络不支持内部地址路由,则必须选择支持______的VPN技术。
填空题9. In the case of redundant DMVPNs with multiple GRE tunnels establishing between the same spokes, it is necessary to use ______ for IPsec SAs to establish properly. 在冗余的DMVPN解决方案中,由于分支之间可能建立多条GRE隧道,因此你应当使用______来优化IPSec SA的数量。
填空题12. A good disaster recovery plan must include contingencies for both ______ and ______ security breaches. 一份完备的灾难恢复计划必须同时考虑______与______两个方面的安全突发事件。
填空题 Verify the operational status of the 802
填空题 When terminating a clientless VPN
填空题11. Hosts behind the remote VPN router are not reachable for a session initiated from the central site in ______ mode. 在______模式下,如果中心站点作为会话的发起方,那么它将无法与远程VPN路由器身后的主机进行通信。
填空题13. The Cisco Easy VPN Server can ______ IPsec tunnels that are initiated by remote users running VPN client software on their systems. Cisco EZVPN服务器能够______那些由运行VPN客户端软件的远程用户发起的IPSec隧道。
填空题2. Configuring ______ causes a period verification to take place, thus ensuring that the client is still connected and the port should remain in the authenticated state. 交换机每隔一段时间对客户进行______,以确保客户仍然与端口相连,且端口仍然处于授权状态。
填空题7. The ______ receives all control plane IP traffic that is directed at one of the device's interfaces. ______接收所有被引导到设备某个接口的控制面IP流量。
填空题16. The ______ and ______ versions of SNMP utilize community name-based security. 在3种SNMP版本中,______与______采用基于团体名的安全机制。
填空题9. The ______ command Can be used to choose a preferred authentication method overanother. 命令______用于设置认证方式的优先级。
填空题5. DMVPN greatly simplifies the configuration requirements on the ______ router. DMVPN极大地简化了在______路由器上的配置需求。
填空题 When using EAPOL
填空题 When using the enable secret command
填空题15. The ______ and ______ protocols are not supported by 802.1X natively without externaltunneling support. 除非采用外部隧道协议,否则802.1X架构本身不支持______与______协议。
填空题8. The ______ switchport security classification includes dynamically learned addresses that are automatically added to the running configuration. 在端口安全中,______地址由交换机端口动态学习并自动添加到运行配置中。
填空题15. XAUTH takes place ______ IKE phase 1 completes and ______ the IKE phase 2 (IPsec SA) negotiations begin. XAUTH特性作用于IKE阶段1协商完成______和IKE阶段2(IPSec SA)协商开始______。
填空题7. ______ populates each spoke's routing table so that each spoke knows about the subnets behind the other spokes. 由于______的运行和参与,使得分支路由器能够学习到位于其他分支内部的子网。