【单选题】
Small business may use___ for word processing
A. : microcomputers
B. :industrial computers
C. : mainframe computers
D. :supercomputers
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Once you've made the Internet connection, you can send___ to any of computer user all around the w orld
A. :e-mail
B. :WWW
C. :ccc
D. :web station
【单选题】
Which statement about zone-based firewall configuration is true?___
A. You can assign an interface to more than one zone
B. Traffic is implicitly denied by de fault between interfaces in the same zone
C. The zone must be configured before it can be a ssigned
D. Traffic that is destined to or sourced from the Self zone is de nied by default
【单选题】
Refer to the exhibit line in this configuration prevents the help Desk user from modifying the interface configuration.___
A. Privilege exec level 10 interface
B. Privilege exec level 9 configure terminal
C. Privilege exec level 7 show start-up
D. Username HelpDesk privilege 6 password help
【单选题】
You have been tasked with blocking user access to websites that violate company policy, but the sites use dynamic IP addresses. What is the best practice for URl filtering to solve the problem?___
A. Enable URL filtering and use URL categorization to block the we bsites that violate company
B. Enable URL filtering and create a blacklist to block the websites that violate company policy
C. Enable URL filtering and create a whitelist to block the websites that violate company policy
D.
E. nable URL filtering and use URL categorization to allow only the websites that company policy allows users to access.
【单选题】
Within an 802. 1x-enabled network with the auth Fail feature configured, when does a switch port get placed into a restricted VLAN?___
A. When a conected client fails to authenticate after a certain number of attempts.
B. if a connected client does not support 802. 1x
C. when AAA new-model is ena bled
D. after a connected client exceeds a specified idle time
E. when 802. 1x is not globally enabled on the Cisco Catalyst switch
【单选题】
Which type of attack does a proxy firewall protect against ?___
A. cross-site scripting attack
B. worm traffic
C. port scanning
D. DDoS attacks
【单选题】
When an administrator initiates a device wipe command from the ISE, what is the immediate effect?___
A. It requests the administrator to choose between erasing all device data or only managed corporate data.
B. It requests the administrator to enter the device pin or password before proceeding with the operation
C. It notifies the device user and proceeds with the erase operation
D. It immediately erases all data on the device
【单选题】
What is a valid implicit permit rule for traffic that is traversing the ASa firewall?___
A. ARPs in both directions are permitted in transparent mode only
B. Unicast IPv4 traffic from a higher security interface to a lower security interface is permittee in routed mode only.
C. Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only.
D. Only BPDUs from a higher security interface to a lower secur ity interface are permitted in transparent mode.
E. Only BPDUs from a higher security interface to a lower secur ity interface are permitted in routed mode
【单选题】
A specific URL has been identified as containing malware. What action can you take to block users from accidentally visiting the URl and becoming infected with malware ?___
A. Enable URL filtering on the perimeter router and add the URls you want to block to the router's local URL list
B. Enable URL filtering on the perimeter firewall and add the URls you want to allow to the router's local URL list.
C. Enable URL filtering on the perimeter router and add the URls you want to allow to the firewall's local URL list
D. Create a blacklist that contains the URl you want to block and activate the blacklist on the perimeter rout
E. Create a whitelist that contains the URLs you want to allow and activate the whitelist on the perimeter router.
【单选题】
How does PEAP protect the EAP exchange ?___
A. It encrypts the exchange using the server certificate
B. It encrypts the exchange using the client certificate
C. It validates the server-supplied certificate,and then encrypts the exchange using the client certificate
D. It validates the client-supplied certificate,and then encrypts the excha nge using the server certificate
【单选题】
Which feature of the Cisco Email Security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attacks?___
A. contextual analysis
B. holistic understanding of threats
C. graymail management and filtering
D. signature-based IPS
【单选题】
Refer to the exhibit【nat (inside,outside)dunamic interface】 Which translation technique does this configuration result in?___
A. DynamIc PAT
B. Dynamic NAT
C. Twice NAT
D. Static NAT
【单选题】
Refer to the exhibit which are repre sents the data center?___
【单选题】
While trouble shooting site-to-site VPN, you issued the show crypto isakmp sa command. What does the given output show?___
A. IKE Phase 1 main mode was created on 10.1.1.5, but it failed to negotiate with 10.10 10.2
B. IKE Phase 1 main mode has successfully negotiated between 10.1.1.5 and 10.10..
C. IKE Phase 1 aggressive mode was created on 10.1.1.5, but it failed to negotiate with
【单选题】
Refer to the exhibit All ports on switch 1 have a primary vLan of 300 Which devices can host 1 reach?___
A. host 2
B. server
C. host 4
D. other devices within VLAN303
【单选题】
Which option is the cloud-based security service from Cisco the provides URL filtering, web browsing content security, and roaming user protection?___
A. Cloud Web service
B. Cloud Advanced Malware Protection
C. Cloud We b Security
D. Cloud Web Protection
【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
推荐试题
【多选题】
( )属于麻醉药品
A. 海洛因
B. 美沙酮
C. 可卡因
D. 古柯叶
【多选题】
进境宗教印刷品载有( )等内容的,应予以没收。
A. 制造民族分裂
B. 污蔑国家现行政策
C. 攻击宪法的有关规定
D. 鼓吹“两个中国”反动内容的
【多选题】
对( )进境宗教印刷品,海关应予没收。
A. 散发性的
B. 以伪装方式逃避海关检查的
C. 曾被海关退运,又重新带入的
D. 自用,数量合理且向海关主动申报的
【多选题】
下面关于人民币进出境管理的表述,正确的是:
A. 不得擅自运输人民币出入境
B. 不得在邮件中夹带人民币出入境
C. 携带人民币出入境应当向海关如实申报
D. 违规携带人民币出入境构成犯罪的,依法追究刑事责任
【多选题】
下列关于旅客带进黄金及其制品的海关监管表述,正确的是:
A. 应以自用,合理数量为限
B. 超出自用,合理数量的,视同进口货物
C. 经核准在自用,合理数量内的予以免税放行
D. 按照货物处理的,徐验核中国人民银行总行的批件
【多选题】
( )可凭外汇管理局〈〈携带外汇出境许可证〉〉携带超过等值10000美元的外币现钞出境。
A. 政府领导人出访
B. 人数较多的出境团组
C. 出境时间较长的科学考察团组
D. 出境人员赴金融条件差的国家
【多选题】
旅客携带( )等外币支付凭证出入境,海关不予管理。
A. 汇票
B. 旅行支票
C. 银行存款凭证
D. 邮政储蓄凭证
【多选题】
旅客携带( )人民币进出境,无需向海关申报。
A. 6000元
B. 10000元
C. 20000元
D. 30000元
【多选题】
旅客携带( )进出境时,海关不按照外币管理规定验放。
A. 美元纪念票据
B. 美元
C. 缅元
D. 朝鲜元
【多选题】
任何单位,个人不得运输,携带,邮寄( )进出境。
A. 虎骨
B. 犀牛角
C. 羚羊角
D. 猛犸象牙
【多选题】
载有( )内容的印刷品,禁止进境。
A. 扰乱社会秩序,破坏社会稳定
B. 宣扬淫秽,赌博,暴力或者教唆犯罪
C. 侮辱或者诽谤他人,侵害他人合法权益
D. 危害社会公德或者民族优秀文化传统
【多选题】
旅客携带( )进境,海关予以免税验放。
A. 单行本文学书籍5册
B. 单碟发行的音乐光盘10盘
C. 成套童话书籍5套
D. 成套音乐专辑5套
【多选题】
旅客携带( )进境,海关按照进口货物办理相关手续。
A. 单行本科学图书100册
B. 单碟发行的瑜伽光碟120盘
C. 成套历史小说20套
D. 成套音乐专辑20套
【多选题】
旅客携带禁止进出境的印刷品,音像制品进出境,如实向海关申报的( )
A. 予以收缴
B. 责令退回
C. 在海关监管下予以销毁
D. 在海关监管下进行技术处理
【多选题】
对外国国宾团随行记者所用采访器材,进境地海关凭中国外交部新闻司出具的( )办理手续
A. 担保函
B. 器材清单
C. 接待证明
D. 国宾随行记者器材证明信
【多选题】
临时来内地采访大型会议香港记者携带采访器材进境时,进境地海关凭( )办理暂行进境手续。
A. 器材清单
B. 进境有效证件
C. 港澳记者采访证
D. 相当于税款的保证金
【多选题】
来大陆采访的台湾记者携带采访器材进境时,海关凭( )出具的〈〈器材通关批准书〉〉予以验放。
A. 中华全国新闻工作者协会
B. 新疆生产建设兵团办
C. 深圳市台办
D. 广东省台办
【多选题】
旅客携带的下列物品,属于限制进出境的是( )
A. 人体血液
B. 人体组织
C. 人体器官
D. 人体血液制品
【多选题】
禁止任何个人携带、邮寄卫星电视接收设备,包括( )等。
A. 高频头
B. 接收机
C. 编码器
D. 解码器
【多选题】
进境物品的纳税义务人包括
A. 携带物品进境的入境人员
B. 进境邮递物品的收件人
C. 分离运输行李的收件人
D. 快件运营人
【多选题】
( )免征进口税
A. 无商业价值的货样
B. 无商业价值的广告品
C. 在海关放行前损失的物品
D. 进口税税额在人民币50元以下的物品
【多选题】
海关行邮现场X光机机检岗主要负责
A. 对X光机进行维修
B. 操作X光机对邮递物品进行检查作业
C. 操作X光机对旅客行李物品进行检查作业
D. 在托运行李现场操作X光机进行检查作业
【多选题】
X光机机检时,禁止( )的待检物品进入X光机检查通道。
【多选题】
进境旅客携带( )须向海关书面申报
A. 血液制品
B. 生物制品
C. 人体组织
D. 动植物及其产品
【判断题】
国内航班因紧急情况备降国外后,由于其为国内航线,回国不需要再进行海关监管
【判断题】
个人携带黄金及黄金制品进出境的管理规定,由中国人民银行会同海关总署制定。
【判断题】
持有5年多次出入境《台湾居民来往大陆通行证》的台湾居民属于非居民长期旅客。
【判断题】
因为没有知识产权权利人,海关对对世界博览会标志不实行知识产权保护。
【判断题】
查验岗负责使用X光机、CT机等设备对进出境行李物品实施非侵入式检查;判图岗负责根据指令对查验标的进行控制,开展人工查验和现场检疫。
【判断题】
享有外交、领事特权和豁免权的人员入境时,其行李不能检疫查验。
【判断题】
旅客携带伴侣犬、猫进境时,对犬、猫数量没有限制。
【判断题】
列入禁止进境范围的所有物品均属禁止出境物品。
【判断题】
因科学研究等特殊需要引进动植物病原体的,必须事先提出申请,经农业部批准
【判断题】
宠物犬和猫必须经过海关或其授权宠物医院检疫,并持有海关出具的检疫证书才能携带出境。
【判断题】
用做预防或治疗的自用血液制品或生物制品可以邮寄入境。
【判断题】
《中华人民共和国禁止携带、邮寄进境的动植物及其产品名录》规定所有的活动物都是不能携带进境的。
