单项选择题
Refer to the exhibit. The web servers WS_1 and WS_2 need to be accessed by external and internal users. For security reasons, the servers should not communicate with each other,
although they are located on the same subnet. The servers do need, however, to communicate with a database server located in the inside network.
What configuration will isolate the servers from each other? ()
A. The switch ports 3/1 and 3/2 will be defined as secondary VLAN community ports. The ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
B. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
C. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as primary VLAN community ports.
D. The switch ports 3/1 and 3/2 will be defined as secondary VLAN isolated ports. The ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
相关考题
-
多项选择题
pany is implementing 802.1X in order to increase network security. In the use of 802.1X access control, which three protocols are allowed through the switch port before authentication takes place? ()
A. EAP-over-LAN
B. EAP MD5
C. STP
D. protocols not filtered by an ACL
E. CDP
F. TACACS+ -
单项选择题
Refer to the exhibit. What will happen to traffic within VLAN 14 with a source address of 172.16.10.5?()
A. The traffic will be forwarded to the router processor for further processing.
B. The traffic will be dropped.
C. The traffic will be forwarded to the TCAM for further processing.
D. The traffic will be forwarded without further processing. -
单项选择题
The Company security administrator wants to prevent DHCP spoofing. Which statement is true about DHCP spoofing operation?()
A. DHCP spoofing and SPAN cannot be used on the same port of a switch.
B. To prevent a DHCP spoofing, the DHCP server must create a static ARP entry that cannot be updated by a dynamic ARP packet.
C. To prevent a DHCP spoofing, the switch must have DHCP server services disabled and a static entry pointing towards the DHCP server.
D. DHCP spoofing can be prevented by placing all unused ports in an unused VLAN.
E. None of the other alternatives apply.
