Which security mechanism is employed only on the server-side

第1题：

第2题：

Which two statements about queuing mechanisms are true？ （）

• A、FIFO queuing is only appropriate for slower serial interfaces
• B、weighted fair queuing is the default queuing mechanism used for all but slower than E1 rate interfaces
• C、only one queuing mechanism type can be applied to an interface
• D、weighted fair queuing does not require the configuration of access lists to classify traffic  
• E、flow-based weighted fair queuing provides for queues to be serviced in a round-robin fashion

第3题：

正确答案：D

第4题：

Which statement is true about the components of a queuing mechanism？（）

• A、Each subinterface has its own hardware queue and can experience congestion just like its main interface
• B、Hardware queuing is only used if the software queues are experiencing congestion.
• C、Hardware queues and software queues are not used concurrently.
• D、The hardware queuing system always uses the FIFO queuing mechanism.

第5题：

Which of these statements accurately identifies how Unicast Reverse Path Forwarding can be employed to prevent the use of malformed or forged IP sources addresses？（）

• A、It is applied only on the input interface of a router.
• B、It is applied only on the output interface of a router.
• C、It can be configured either on the input or output interface of a router.
• D、It cannot be configured on a router interface.
• E、It is configured under any routing protocol process.

第6题：

Which of the following is true about Outbound Malware Scanning？（） 

• A、 It has its own policy table.
• B、 It is configured as part of Access Policies.
• C、 It is configured as part ofIronPort data Security.
• D、 It only has global configuration.

第7题：

The PIX Security Appliance feature set is a subset of the ASA Security Appliance feature set. Which two of these features are only supported by an ASA Security Appliance？ （Choose two.）（）

• A、 security contexts
• B、- transparent firewall
• C、 WebVPN
• D、 Active/Active failover
• E、 low latency queuing
• F、 AIP-SSM intrusion prevention

第8题：

第9题：

Which of the following is true when considering the Server load-balancing design within the E-Commerce Module of the Enterprise Campus network？（）

• A、 Routed mode requires the ACE run OSPF or EIGRP
• B、 Bridged mode switches a packet between the public and the private subnets when it sees itsMAC address as the destination
• C、 Two-armed mode will place the SLB inline to the servers， with different client-side and a server-side VLANs
• D、 One-armed mode， which uses the same VLAN for the client， the ACE， and the servers， requiresa traffic-diversion mechanism to ensure the traffic return from the server passes though the ACE

第10题：

Which two statements about the Wired Equivalent Privacy （WEP） encryption mechanism are true？ （）

• A、the two methods of authentication using the WEP encryption are open and shared key
• B、the 802.11 standard defines WEP security using 128-bit keys
• C、WEP can provide stronger authentication through the use of LEAP， PEAP， or EAP-FAST
• D、WEP is a scalable encryption solution that uses static keys for authentication
• E、WEP security provides only one-way authentication
• F、WEPv2 offers improved encryption by replacing the RC4 encryption mechanism with the AES （symmetric block cipher） mechanism