- All Exams Instant Download
Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone.
Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone. Complete the security policy to ensure only Telnet is allowed. Security Policy: Source Zone: Internal to DMZ Zone __________services “Application defaults”, and action = AllowA . Destination IP: 192.168.1.123/24B . Application =...
What is the minimum timeframe that can be set on the firewall to check for new WildFire signatures?
What is the minimum timeframe that can be set on the firewall to check for new WildFire signatures?A . every 30 minutesB . every 5 minutesC . once every 24 hoursD . every 1 minuteView AnswerAnswer: D Explanation: Because new WildFire signatures are now available every five minutes, it is...
Based on the security policy rules shown, ssh will be allowed on which port?
Based on the security policy rules shown, ssh will be allowed on which port? A . 80B . 53C . 22D . 23View AnswerAnswer: C
In the example security policy shown, which two websites fcked? (Choose two.)
In the example security policy shown, which two websites fcked? (Choose two.) A . LinkedInB . FacebookC . YouTubeD . AmazonView AnswerAnswer: A,B
Which policy is required to enable source NAT on the firewall?
An internal host wants to connect to servers of the internet through using source NAT. Which policy is required to enable source NAT on the firewall?A . NAT policy with source zone and destination zone specifiedB . post-NAT policy with external source and any destination addressC . NAT policy with...
Your company requires positive username attribution of every IP address used by wireless devices to support a new compliance requirement. You must collect IP Cto-user mappings as soon as possible with minimal downtime and minimal configuration changes to the wireless devices themselves. The wireless devices are from various manufactures.
Your company requires positive username attribution of every IP address used by wireless devices to support a new compliance requirement. You must collect IP Cto-user mappings as soon as possible with minimal downtime and minimal configuration changes to the wireless devices themselves. The wireless devices are from various manufactures. Given...
Which two security profile components will detect and prevent this threat after the firewall’s signature database has been updated?
An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command-and-control (C2) server. Which two security profile components will detect and prevent this threat after the firewall’s signature database has been updated? (Choose two.)A ....
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?A . DoS protectionB . URL filteringC . packet bufferingD . anti-spywareView AnswerAnswer: A
Which security policy rule would be needed to match traffic that passes between the Outside zone and Inside zone, but does not match traffic that passes within the zones?
Which security policy rule would be needed to match traffic that passes between the Outside zone and Inside zone, but does not match traffic that passes within the zones?A . intrazoneB . interzoneC . universalD . globalView AnswerAnswer: B
To use Active Directory to authenticate administrators, which server profile is required in the authentication profile?
To use Active Directory to authenticate administrators, which server profile is required in the authentication profile?A . domain controllerB . TACACS+C . LDAPD . RADIUSView AnswerAnswer: C
