Which of the following statements regarding the default zone of USG series firewalls is true?
The default zone can be deleted.
The level of the default zone can be changed.
The default zone cannot be deleted, but its level can be changed.
There are four default zones.
Which of the following attacks is not the network layer attack?
IP spoofing attack
Smurf attack
ARP spoofing attack
ICMP attack
In most cases, an IP address that is dynamically assigned by a DHCP server has a lease. Which of the following statements regarding the IP address lease is false?
The lease renewal timer is 50% of the total lease. When the lease renewal timer expires, the DHCP server must renew the IP address lease.
The rebinding timer is 87.5% of the total lease.
If the rebinding timer expires but the DHCP client does not receive any responses from the DHCP server, the DHCP client keeps sending DHCP Request packets to the DHCP server which assigned an IP address to it before, until the total lease expires.
If the DHCP client receives a DHCP NAK packet within the lease, the client stops using the current IP address immediately and returns to the initialization state. The DHCP client then applies for a new IP address.
In a MPLS VPN network, two-layer MPLS labels are added into data packets before they are transmitted over the public network. Which of the following statements regarding data packet processing are true? (Multiple Choice)
The penultimate hop removes the outer label before forwarding the data packet to a peer PE.
The IP data packet received by the peer PE does not carry labels.
The penultimate hop removes the outer label if the outer label in the data packet is explicit null label 3.
The peer PE sends the data packet to the correct VPN based on the inner label.
For interzone packet filtering, which traffic is belong to transmitted to outbound direction?
Trusted zone -> Untrusted zone
Untrusted zone -> Trusted zone
Untrusted zone -> DMZ
Trusted zone -> Local zone
Which command is used to configure association between VRRP and a physical interface?
vrrp vrid 1 track interface GigabitEthernet-0/0/0
track vrrp vrid 1 interface GigabitEthernet0/0/0
vrrp vrid 1 interface GigabitEthernet0/0/0 track
vrrp vrid 1 interface GigabitEthernet0/0/0
VXLAN technology is only used to build an inter-DC Layer 2 network.
TRUE
FALSE
Besides resource discovery, allocation, and management, which function else does the VIM management module of NFV provide?
Resource scheduling
Resource monitoring
Resource reclaiming
Troubleshooting
SDN and NFV are essentially the same concept and both define network function visualization.
TRUE
FALSE
Which of the following statements regarding packet marking is false?
QoS information of packets can be marked.
The DSCP priority or IP precedence of IP packets can be marked.
The 802.1P priority of VLAN packets can be marked
The MAC address of packets can be marked.