3V0-32.21 - Advanced Design VMware Cloud Management and Automation

You are configuring Layer 2 EtherChanneL and you want a PAgP port channel to come up only if the device on the other end is sending negotiations Which keyword must you use?
A. desirable
B. active
C. auto
D. on
Answer: A

Which statement is true about SYN cookies?
A. SYN cookies do not help to protect against SYM flood attacks.
B. The state is kept on the server machine TCP stack.
C. A system has to check every incoming ACK against state tables.
D. No state is kept on the server machine state but is embedded in the initial sequence number.
Answer: D
The Firewall TCP SYN Cookie feature helps prevent SYN-flooding attacks by intercepting and validating TCP connection
requests. The firewall intercepts TCP SYN packets that are sent from clients to servers. When the TCP SYN cookie is
triggered, it acts on all SYN packets that are destined to the configured VPN Routing and Forwarding (VRF) or zone.
The TCP SYN cookie establishes a connection with the client on behalf of the destination server and another
connection with the server on behalf of the client and knits together the two half-connections transparently. Thus,
connection attempts from unreachable hosts will never reach the server. The TCP SYN cookie intercepts and forwards
packets throughout the duration of the connection.

