The DHCP snooping function needs to maintain the binding table. What are the contents of the binding table?
Note: The DHCP snooping function needs to maintain the binding table. The contents of the binding table include: MAC, Vlan, and interface.
Which of the following is incorrect about IKE V1 and IKE V2?
Note: To establish a pair of IPSec, IKE V1 needs to go through two phases: 'main mode + fast mode' or 'barbaric mode + fast mode'. The former needs to exchange at least 9 messages, and the latter requires at least 6 messages. In IKE V2, an IKE SA and a pair of IPSecs can be completed by using a total of four messages in two exchanges. If the required IPSec SA is greater than 1 pair, the first pair of SAs only needs to add 1 additional exchange, that is, 2 messages can be completed. This is much easier than IKE V1. IKE V2 defines three types of exchanges: initial exchange, creation of SA exchange, and notification exchange.
In the firewall DDoS attack defense technology, the data packet of the session table is not defended. If the data packet of the session has been established, it is directly released.
In the application scenario of the virtual firewall technology, the more common service is to provide rental services to the outside. If the virtual firewall VFW1 is leased to enterprise A and the virtual firewall VFW2 is leased to enterprise B, what is the following statement incorrect?
