【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
【多选题】
When two events would cause the state table of a stateful firewall to be updated? ___
A. when a packet is evaluated against the outbound access list and is denied
B. when a con nection is created
C. when rate-limiting is applied
D. when a connection s timer has expired within the state table.
E. when an outbound packet is forwarded to the outbound interface
【多选题】
Which two characteristics apply to an intrusion Prevention System(IPS)?___
A. Cannot drop the packet on its own
B. Cabled directly inline with the flow of the network traffic
C. Runs in promiscuous mode wat
D. Does not add delay to the original traffic
E. Can drop traffic based on a set of rules
【多选题】
crypto ipsec trans form-set myset esp-md5-hmac esp-aes-256,What are two effects of the given command?___
A. It configures authentication use AES 256.
B. It configures authentication to use MD5 HMAC
C. It configures authentication use AES 256.
D. It configures encryption to ase MD5 HMAC.
E. It configures encryption to use AES 256
推荐试题
【判断题】
专职消防队的队员不能享受社会保险和福利待遇。
【判断题】
用人单位的职业卫生管理人员对本单位的职业病防治工作全面负责。
【判断题】
产生职业病危害的用人单位工作场所还应当有配套的更衣间、洗浴间、孕妇休息间等卫生设施。
【判断题】
危险化学品经营企业不得向未经许可从事危险化学品生产、经营活动的企业采购危险化学品,不得经营没有化学品安全技术说明书或者化学品安全标签的危险化学品。
【判断题】
《中华人民共和国消防法》规定,单位的安全管理人员是本单位的消防安全责任人。
【判断题】
室颤电流是短时间作用于人体而引起心室纤维性颤动的最小致命电流。
【判断题】
通风情况是划分爆炸危险区域的重要因素,它分为一般机械通风和局部机械通风两种类型。
【判断题】
雷电可以分为直击雷、感应雷、雷电波侵入和球形雷。
【判断题】
锅炉水循环的停滞会造成受热面过热、鼓包、管子涨粗甚至爆管事故。
【判断题】
外力除去后构件恢复原有的形状,即变形随外力的除去而消失,这种变形称为塑性变形。
【判断题】
用人单位安排未经职业健康检查的劳动者从事接触职业病危害的作业的,并处5万元以上30万元以下的罚款;情节严重的,责令停止产生职业病危害的作业,或者提请有关人民政府按照国务院规定的权限责令关闭。
【判断题】
用人单位是职业健康监护工作的责任主体,其主要负责人对本单位职业健康监护工作全面负责。
【判断题】
职业性危害因素所致职业危害的性质和强度取决于危害因素的本身理化性能。
【判断题】
职业病危害较重的建设项目,其职业病危害预评价报告应当报安全生产监督管理部门审核;职业病防护设施竣工后,由安全生产监督管理部门组织验收。
【判断题】
输送有毒、易燃和易腐蚀物料的机泵,在解体检修之前,必须将泵体内残液放净。
【判断题】
严禁在油气区内用有色金属敲打撞击作业。
【判断题】
运输散装固体危险物品,应根据性质,采取防火、防爆、防水、防粉尘飞扬和遮阳措施。
【判断题】
最小点火能是指能引起爆炸性混合物燃烧爆炸时所需的最小能量。最小点火能数值愈大,说明该物质愈易被引燃。
【判断题】
堆放各种爆炸品时,要求做到牢固、稳妥、整齐,防止倒垛,便于运输。
【判断题】
储存危险化学品建筑物内不宜增设采暖设施。
【判断题】
《常用危险化学品的分类及标志》中此图形为腐蚀品的安全标志。
【判断题】
自燃物品是指常温下与空气接触能缓慢氧化,积热不散而引起自燃的物品。
【判断题】
遇湿易燃物品库房必须干燥,严防漏水或雨雪浸入,但可以在防水较好的露天存放。
【判断题】
危险化学品包装修理过后如果符合危险货物运输包装性能试验的要求,可以重复使用。
【判断题】
根据《危险化学品重大危险源辨识》,乙烯临界量为30t。
【判断题】
可燃固体的粉尘能与空气形成爆炸性混合物。
【判断题】
在空气充足的条件下,可燃物与火源接触即可着火。
【判断题】
道路交通事故、火灾事故自发生之日起7日内,事故造成的伤亡人数发生变化的,应当及时补报。
【判断题】
持续改进是指生产经营单位应不断寻求方法持续改进自身职业安全健康管理体系及其职业安全健康绩效,从而不断消除、降低或控制各类职业安全健康危害和风险。
【判断题】
化学品安全标签上的警示词位于化学品名称的上方,必须醒目、清晰。
【判断题】
甲、乙类仓库内严禁采用明火和电热散热器采暖。
【判断题】
未取得危险化学品经营许可证的企业可少量采购危险化学品。
【判断题】
抓好安全教育培训工作是每一个企业的法定责任。
【判断题】
应按《化学危险品标签编写导则》编写危险化学品标签。
【判断题】
危险化学品包装的型式、规格、方法和单件质量(重量),应当与所包装的危险化学品的性质和用途相适应。
【判断题】
按照导致事故的原因把安全技术措施分为,预防事故发生的安全技术措施,控制事故发生的措施和消除减少事故损失的安全技术措施。
