Hi All, thanks for all your response.. I now understand we cant use role-base CLI for the 2nd question. but can someone give me the reason why cant we use FPM on 1st question?.
thanks Pemasiri On Mon, Feb 14, 2011 at 8:08 PM, Tyson Scott <[email protected]> wrote: > 1. FPM would be difficult to use. The answer is the better option. > > 2. The key is " authenticate and authorize remote users with > > per-user level acess control *before*" > > > > > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Pemasiri > Devanarayana > *Sent:* Monday, February 14, 2011 8:14 AM > > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] Yusuf's Flash Card - OEQ > > > > Hi, > > > > I just need some one's feedback on below two questions; > > > > 1) which cisco IOS feacture can prevent bad http packet from tunneling > malicious traffic > > - answer was ZFW > > why cant we considered FPM..? > > > > ) which IOS security technology can be used to authenticate and authorize > remote users with > > per-user level acess control before permiting access to local/network > services or hosts/servers > > -authentication proxy > > -why cant considerd role-base CLI > > > > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
