【单选题】
Which statement about zone-based firewall configuration is true?___
A. You can assign an interface to more than one zone
B. Traffic is implicitly denied by de fault between interfaces in the same zone
C. The zone must be configured before it can be a ssigned
D. Traffic that is destined to or sourced from the Self zone is de nied by default
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Refer to the exhibit line in this configuration prevents the help Desk user from modifying the interface configuration.___
A. Privilege exec level 10 interface
B. Privilege exec level 9 configure terminal
C. Privilege exec level 7 show start-up
D. Username HelpDesk privilege 6 password help
【单选题】
You have been tasked with blocking user access to websites that violate company policy, but the sites use dynamic IP addresses. What is the best practice for URl filtering to solve the problem?___
A. Enable URL filtering and use URL categorization to block the we bsites that violate company
B. Enable URL filtering and create a blacklist to block the websites that violate company policy
C. Enable URL filtering and create a whitelist to block the websites that violate company policy
D.
E. nable URL filtering and use URL categorization to allow only the websites that company policy allows users to access.
【单选题】
Within an 802. 1x-enabled network with the auth Fail feature configured, when does a switch port get placed into a restricted VLAN?___
A. When a conected client fails to authenticate after a certain number of attempts.
B. if a connected client does not support 802. 1x
C. when AAA new-model is ena bled
D. after a connected client exceeds a specified idle time
E. when 802. 1x is not globally enabled on the Cisco Catalyst switch
【单选题】
Which type of attack does a proxy firewall protect against ?___
A. cross-site scripting attack
B. worm traffic
C. port scanning
D. DDoS attacks
【单选题】
When an administrator initiates a device wipe command from the ISE, what is the immediate effect?___
A. It requests the administrator to choose between erasing all device data or only managed corporate data.
B. It requests the administrator to enter the device pin or password before proceeding with the operation
C. It notifies the device user and proceeds with the erase operation
D. It immediately erases all data on the device
【单选题】
What is a valid implicit permit rule for traffic that is traversing the ASa firewall?___
A. ARPs in both directions are permitted in transparent mode only
B. Unicast IPv4 traffic from a higher security interface to a lower security interface is permittee in routed mode only.
C. Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only.
D. Only BPDUs from a higher security interface to a lower secur ity interface are permitted in transparent mode.
E. Only BPDUs from a higher security interface to a lower secur ity interface are permitted in routed mode
【单选题】
A specific URL has been identified as containing malware. What action can you take to block users from accidentally visiting the URl and becoming infected with malware ?___
A. Enable URL filtering on the perimeter router and add the URls you want to block to the router's local URL list
B. Enable URL filtering on the perimeter firewall and add the URls you want to allow to the router's local URL list.
C. Enable URL filtering on the perimeter router and add the URls you want to allow to the firewall's local URL list
D. Create a blacklist that contains the URl you want to block and activate the blacklist on the perimeter rout
E. Create a whitelist that contains the URLs you want to allow and activate the whitelist on the perimeter router.
【单选题】
How does PEAP protect the EAP exchange ?___
A. It encrypts the exchange using the server certificate
B. It encrypts the exchange using the client certificate
C. It validates the server-supplied certificate,and then encrypts the exchange using the client certificate
D. It validates the client-supplied certificate,and then encrypts the excha nge using the server certificate
【单选题】
Which feature of the Cisco Email Security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attacks?___
A. contextual analysis
B. holistic understanding of threats
C. graymail management and filtering
D. signature-based IPS
【单选题】
Refer to the exhibit【nat (inside,outside)dunamic interface】 Which translation technique does this configuration result in?___
A. DynamIc PAT
B. Dynamic NAT
C. Twice NAT
D. Static NAT
【单选题】
Refer to the exhibit which are repre sents the data center?___
【单选题】
While trouble shooting site-to-site VPN, you issued the show crypto isakmp sa command. What does the given output show?___
A. IKE Phase 1 main mode was created on 10.1.1.5, but it failed to negotiate with 10.10 10.2
B. IKE Phase 1 main mode has successfully negotiated between 10.1.1.5 and 10.10..
C. IKE Phase 1 aggressive mode was created on 10.1.1.5, but it failed to negotiate with
【单选题】
Refer to the exhibit All ports on switch 1 have a primary vLan of 300 Which devices can host 1 reach?___
A. host 2
B. server
C. host 4
D. other devices within VLAN303
【单选题】
Which option is the cloud-based security service from Cisco the provides URL filtering, web browsing content security, and roaming user protection?___
A. Cloud Web service
B. Cloud Advanced Malware Protection
C. Cloud We b Security
D. Cloud Web Protection
【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
推荐试题
【单选题】
患者左前胸部损伤后,有胸痛、轻度呼吸困难。X线检查:左第1、3肋骨骨折,无移位,肺压缩30%。治疗应选择___
A. 镇静、止痛、对症治疗
B. 胸膜腔穿刺抽气
C. 输血、输液
D. 胸膜腔闭式引流
E. 牵引固定
【单选题】
血液缓冲系统中最重要的缓冲对是___
A. 细胞内磷酸盐缓冲系
B. 血红蛋白缓冲系
C. 血浆中蛋白缓冲系
D. 氧合血红蛋白缓冲系
E. 碳酸氢盐缓冲系
【单选题】
前尿道损伤多发生在___
A. 阴茎部
B. 球部
C. 膜部
D. 前列腺部
E. 尿道狭窄处
【单选题】
患者,女性,34岁。胸外伤后呼吸困难,发绀,脉快,体检时见胸壁有一长约3cm的开发性伤口,呼吸时伤口处发出"嘶嘶"的声音,伤侧呼吸音消失,叩诊呈鼓音。首先考虑为___
A. 闭合性气胸
B. 开放性气胸
C. 张力性气胸
D. 损伤性血胸
E. 机化性血胸
【单选题】
下列关于骨产道的说法正确的是___
A. 骨盆由骶骨、耻骨、尾骨组成
B. 真骨盆两侧为髂骨翼,后面为第5腰椎
C. 骨盆下口平面是指由骶尾关节、两侧的坐骨棘、耻骨联合下缘围绕的骨盆腔最低平面
D. 骨盆上口平面为骶岬上缘,髂耻线与耻骨联合上缘
E. 中骨盆平面横径为坐骨结节间径
【单选题】
女,16岁,于高处取物时不慎摔下,呈骑跨式,伤及外阴部位,疼痛难忍,出现外阴血肿,其最易发生的部位在___
A. 阴阜
B. 小阴唇
C. 大阴唇
D. 阴蒂
E. 阴道前庭
【单选题】
用B超能看见胎心搏动的最早时期是___
A. 妊娠28周
B. 妊娠16周
C. 妊娠18周
D. 妊娠24周
E. 妊娠8周
【单选题】
30岁妇女,主诉白带增多,检查宫颈阴道部宫口周围外观呈细颗粒状红色区,占整个宫颈面积的近2/3,宫颈刮片未见癌细胞。恰当处置应是___
A. 药物阴道冲洗
B. 阴道放置药物
C. 红外线凝结疗法
D. 宫颈锥形切除术
E. 子宫切除术
【单选题】
产程中缩宫素引产的适应证不包括___
A. 过期妊娠,无阴道分娩禁忌证者
B. 有潜伏期延长趋势,潜伏期>6小时
C. 活跃期继发性宫缩乏力
D. 母亲合并症或并发症,需要终止妊娠,并具有阴道分娩条件者
E. 胎膜早破>12小时
【单选题】
关于子宫的描述,下列错误的是___
A. 成人子宫重约50g
B. 成年妇女子宫体与子宫颈之比为2:1
C. 子宫体壁由内膜层、肌层、浆膜层组成
D. 子宫峡部指的是宫腔与宫颈管之间最狭窄的部位
E. 宫颈内口为宫颈癌的好发部位
【单选题】
关于新生儿抚触,正确的叙述是___
A. 可在出生后12小时开始
B. 可在新生儿沐浴过程中进行
C. 每次抚触的时间一般20~30分钟
D. 抚触室温度应在28%以上
E. 抚触部位是新生儿胸部和腹部,不包括头面部
【单选题】
诊断早孕最可靠的依据是___
A. 基础体温曲线高温相已18天
B. 尿妊娠试验呈阳性
C. 黄体酮试验无阴道出血
D. 双合诊发现子宫增大而软
E. B超检查发现是圆形光环,内为液性暗区
【单选题】
患者表现一般体力活动稍受限,活动后心悸、轻度气短,休息时无症状者属心功能几级___
A. Ⅰ级
B. Ⅱ级
C. Ⅲ级
D. Ⅳ级
E. V级
【单选题】
下列关于臀位阴道分娩时的注意事项,哪项是错误的___
A. 临产后卧床休息
B. 少做肛门检查
C. 破膜后 ,立即听胎心音
D. 阴道口见胎足,为子宫颈口开全
E. 勿灌肠
【单选题】
在孕妇腹壁上听诊,除听到胎心外,还可听到___
A. 腹主动脉音
B. 脐带杂音
C. 子宫杂音
D. 胎动杂音
E. 羊水流动音
【单选题】
赵女士在妇科检查中发现宫颈重度糜烂,宫颈刮片细胞学检查为巴氏Ⅲ级。提示___
A. 正常
B. 炎症
C. 可疑癌变
D. 高度可疑癌变
E. 肿瘤
【单选题】
关于蜕膜的概念,正确的是___
A. 为孕卵着床后的子宫内膜
B. 覆盖在囊胚上面的蜕膜称为真蜕膜
C. 与极滋养层接触的蜕膜称为包蜕膜
D. 除真蜕膜、包蜕膜外覆盖在子宫腔内的蜕膜为底蜕膜
E. D.除真蜕膜、包蜕膜外覆盖在子宫腔内的蜕膜为底蜕膜
【单选题】
产后出血是指___
A. 胎儿娩出后2小时内阴道出血量超过500ml
B. 胎儿娩出后24小时内阴道出血量超过500ml
C. 胎盘娩出后2小时内阴道出血量超过500ml
D. 胎盘娩出后24小时内阴道出血量超过500ml
E. 产后阴道出血量超过500ml
【单选题】
ABO血型不合主要发生在___
A. 孕母B型,丈夫A型、B型、AB型
B. 孕母A型,丈夫A型、B型、AB型
C. 孕母O型,丈夫A型
D. 孕母0型,丈夫AB型
E. 孕母O型,丈夫A型、B型、AB型
【单选题】
子宫收缩起始于两侧宫角部,迅速向子宫底中线集中,再向子宫下段扩散,并均匀协调地遍及整个子宫。这个特性称为子宫收缩的___
A. 极性
B. 节律性
C. 对称性
D. 缩复性
E. 间歇性
【单选题】
产后坐浴何时开始___
A. 产后7天
B. 产后6天
C. 产后5天
D. 产后4天
E. 产后3天
【单选题】
产妇孙某,自然分娩,产后2小时观察内容不包括___
A. 血压及脉搏
B. 子宫收缩情况
C. 阴道流血量
D. 乳汁分泌情况
E. 膀胱充盈情况
【单选题】
患者,女,26岁,G2PO,孕24周,发热伴恶心、呕吐、下腹痛10小时而入院。入院后诊断为妊娠合并急性阑尾炎。对于该患者首选的治疗方案是___
A. 立即手术治疗切除阑尾,术后抗感染、保胎治疗
B. 首选广谱抗生素保守治疗,同时加用抑制宫缩的药物,尽可能不手术治疗、
C. 首选广谱抗生素保守治疗,数天后切除阑尾,术后保胎治疗
D. 立即行引产,然后行阑尾切除术
E. 立即行阑尾切除术,然后行引产
【单选题】
关于臀位四步触诊检查的说法,正确的是___
A. 子宫呈横椭圆形
B. 胎体纵轴与母体纵轴不一致
C. 子宫底部可触到圆而软的胎臀
D. 第三步触诊时可触及浮球感
E. 触诊不能确定时,可进行肛查协助诊断
【单选题】
子宫内膜癌首选的治疗方法是___
A. 化疗
B. 手术治疗
C. 放射治疗
D. 内分泌治疗
E. 免疫治疗
【单选题】
关于先兆流产的处理,下列叙述错误的是___
A. 先兆流产孕妇禁止肥皂水灌肠
B. 必要时给予先兆流产孕妇对胎儿无害的镇静剂
C. 孕妇黄体功能不足引起先兆流产要保胎治疗
D. 尽量保胎,使胎儿继续成长
E. 先兆流产孕妇禁止性生活
【单选题】
阴道灌洗液的最佳温度是___
A. 31~33℃
B. 34~36℃
C. 40~41℃
D. 44~46℃
E. 47~49℃
【单选题】
下列哪项与骨盆分界有关___
A. 坐骨结节
B. 坐骨棘
C. 骶岬
D. 耻骨降支
E. 骶尾关节
【单选题】
妊娠早期的黑加征是指___
A. 子宫增大变软
B. 子宫峡部极软,子宫颈和子宫体似不相连
C. 子宫前后径变宽,略饱满呈球形
D. 双合诊时感到子宫半侧较另半侧隆起
E. 双合诊时子宫呈前屈位或后屈位
【单选题】
下列哪项提示妊娠合并乙肝病毒感染___
A. 血清谷丙转氨酶升高
B. 皮肤黄疸及瘙痒
C. 血清HBsAg阳性
D. 血中尿酸、尿素氮升高
E. 出现腹胀、恶心及剧烈呕吐
【单选题】
第三产程对胎盘、胎膜的检查,下列错误的是___
A. 平铺胎盘,看胎盘母体面小叶有无缺损
B. 提起胎盘,看胎膜是否完整
C. 胎儿面边缘有无断裂的血管
D. 疑有少许小块胎膜残留,应手入宫腔取出
E. 疑有副胎盘或部分胎盘残留可手入宫腔取出
【单选题】
有关子宫内膜异位症的描述,下列错误的是___
A. 指子宫内膜异位到子宫以外的部位
B. 指有活动功能的子宫内膜组织出现于子宫腔内壁以外的部位
C. 近年,子宫内膜异位症的发病率明显上升
D. 此病多见于生育年龄妇女
E. 是近年常见的妇科疾病之一
【单选题】
后穹窿穿刺下列哪项是对的___
A. 仰卧位,用4号针头
B. 坐卧位,用5号针头
C. 膀胱截石位,使用9号针头
D. 侧卧位,用12号针头
E. 随意卧位,几号针头都可以
【单选题】
慢性盆腔炎的病变主要存在于___
A. 输卵管及卵巢
B. 子宫肌层及输卵管
C. 盆腔结缔组织、盆腔腹膜
D. 宫旁结缔组织、卵巢及输卵管
E. 子宫颈管及子宫内膜
【单选题】
妊娠高血压综合征基本病理改变是___
A. 肾小球滤过率降低
B. 全身小动脉痉挛
C. 胎盘绒毛退行性变
D. 水钠潴留
E. 弥散性血管内凝血
【单选题】
新生儿Apgar评分的五项依据是___
A. 心率、呼吸、体重、哭声、皮肤颜色
B. 心率、呼吸、脐血管充盈度、羊水性状、皮肤颜
C. 心率、呼吸、肌张力、皮肤颜色、喉反射
D. 心率、呼吸、喉反射、哭声、脐血管充盈度
E. 心率、呼吸、喉反射、皮肤颜色、哭声
【单选题】
产后检查的时间一般为产后多少周携带孩子去分娩的医院检查___
A. 2周
B. 4周
C. 6周
D. 8周
E. 10周
【单选题】
绒毛膜促性腺激素(HCG)妊娠期间分泌量达高峰的时间是___
A. 妊娠5~7周
B. 妊娠8~10周
C. 妊娠11~13周
D. 妊娠14~16周
E. 妊娠17~19周
【单选题】
关于女性生殖器宫的自然防御功能,下列说法中正确的是___
A. 宫颈阴道部的柱状上皮抗感染能力强
B. 妊娠期女性生殖器宫自然防御能力增强
C. 阴道自净作用可抑制嗜酸性病原体的生长
D. 宫颈可分泌碱性黏液
E. 正常女性阴道pH值一般为2.8~3.4
【单选题】
妊娠期母体变化,以下哪项不正确___
A. 妊娠32~34周血容量增加达高峰
B. 妊娠晚期易发生外阴及下肢静脉曲张
C. 子宫峡部在妊娠后期形成子宫下段
D. 妊娠末期孕妇血液处于低凝状态
E. 妊娠后卵巢不排卵