【单选题】
Which statement about zone-based firewall configuration is true?___
A. You can assign an interface to more than one zone
B. Traffic is implicitly denied by de fault between interfaces in the same zone
C. The zone must be configured before it can be a ssigned
D. Traffic that is destined to or sourced from the Self zone is de nied by default
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Refer to the exhibit line in this configuration prevents the help Desk user from modifying the interface configuration.___
A. Privilege exec level 10 interface
B. Privilege exec level 9 configure terminal
C. Privilege exec level 7 show start-up
D. Username HelpDesk privilege 6 password help
【单选题】
You have been tasked with blocking user access to websites that violate company policy, but the sites use dynamic IP addresses. What is the best practice for URl filtering to solve the problem?___
A. Enable URL filtering and use URL categorization to block the we bsites that violate company
B. Enable URL filtering and create a blacklist to block the websites that violate company policy
C. Enable URL filtering and create a whitelist to block the websites that violate company policy
D.
E. nable URL filtering and use URL categorization to allow only the websites that company policy allows users to access.
【单选题】
Within an 802. 1x-enabled network with the auth Fail feature configured, when does a switch port get placed into a restricted VLAN?___
A. When a conected client fails to authenticate after a certain number of attempts.
B. if a connected client does not support 802. 1x
C. when AAA new-model is ena bled
D. after a connected client exceeds a specified idle time
E. when 802. 1x is not globally enabled on the Cisco Catalyst switch
【单选题】
Which type of attack does a proxy firewall protect against ?___
A. cross-site scripting attack
B. worm traffic
C. port scanning
D. DDoS attacks
【单选题】
When an administrator initiates a device wipe command from the ISE, what is the immediate effect?___
A. It requests the administrator to choose between erasing all device data or only managed corporate data.
B. It requests the administrator to enter the device pin or password before proceeding with the operation
C. It notifies the device user and proceeds with the erase operation
D. It immediately erases all data on the device
【单选题】
What is a valid implicit permit rule for traffic that is traversing the ASa firewall?___
A. ARPs in both directions are permitted in transparent mode only
B. Unicast IPv4 traffic from a higher security interface to a lower security interface is permittee in routed mode only.
C. Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only.
D. Only BPDUs from a higher security interface to a lower secur ity interface are permitted in transparent mode.
E. Only BPDUs from a higher security interface to a lower secur ity interface are permitted in routed mode
【单选题】
A specific URL has been identified as containing malware. What action can you take to block users from accidentally visiting the URl and becoming infected with malware ?___
A. Enable URL filtering on the perimeter router and add the URls you want to block to the router's local URL list
B. Enable URL filtering on the perimeter firewall and add the URls you want to allow to the router's local URL list.
C. Enable URL filtering on the perimeter router and add the URls you want to allow to the firewall's local URL list
D. Create a blacklist that contains the URl you want to block and activate the blacklist on the perimeter rout
E. Create a whitelist that contains the URLs you want to allow and activate the whitelist on the perimeter router.
【单选题】
How does PEAP protect the EAP exchange ?___
A. It encrypts the exchange using the server certificate
B. It encrypts the exchange using the client certificate
C. It validates the server-supplied certificate,and then encrypts the exchange using the client certificate
D. It validates the client-supplied certificate,and then encrypts the excha nge using the server certificate
【单选题】
Which feature of the Cisco Email Security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attacks?___
A. contextual analysis
B. holistic understanding of threats
C. graymail management and filtering
D. signature-based IPS
【单选题】
Refer to the exhibit【nat (inside,outside)dunamic interface】 Which translation technique does this configuration result in?___
A. DynamIc PAT
B. Dynamic NAT
C. Twice NAT
D. Static NAT
【单选题】
Refer to the exhibit which are repre sents the data center?___
【单选题】
While trouble shooting site-to-site VPN, you issued the show crypto isakmp sa command. What does the given output show?___
A. IKE Phase 1 main mode was created on 10.1.1.5, but it failed to negotiate with 10.10 10.2
B. IKE Phase 1 main mode has successfully negotiated between 10.1.1.5 and 10.10..
C. IKE Phase 1 aggressive mode was created on 10.1.1.5, but it failed to negotiate with
【单选题】
Refer to the exhibit All ports on switch 1 have a primary vLan of 300 Which devices can host 1 reach?___
A. host 2
B. server
C. host 4
D. other devices within VLAN303
【单选题】
Which option is the cloud-based security service from Cisco the provides URL filtering, web browsing content security, and roaming user protection?___
A. Cloud Web service
B. Cloud Advanced Malware Protection
C. Cloud We b Security
D. Cloud Web Protection
【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
推荐试题
【单选题】
诊卵巢肿瘤患者,解决预感性悲哀较有效的护理措施是___
A. 协助病人接受各种检查和治疗
B. 鼓励家属参与照顾患者
C. 为病人讲解相关知识,使患者感受到切实的关心和帮助
D. 督促、协助患者克服实际困难,努力完成治疗计划
E. 严密观察、记录患者的生命体征变化
【单选题】
患者,男性,26岁,劳动中突然发生剧烈头痛,呕吐和意识不清,以蛛网膜下腔出血入院。护士体检中发现颈抵抗、颏胸距4横指,表示病人存在___
A. 浅反射迟钝
B. 病理反射
C. 颈项强直
D. 深反射亢进
E. 深反射迟钝
【单选题】
不常用于麻疹患者的检查是___
A. 鼻咽分泌物涂片
B. 痰涂片
C. 尿沉渣涂片
D. 血清特异性IgM抗体
E. 脑脊液检查
【单选题】
最能提示右心衰竭的表现是___
A. 水冲脉
B. 左心室增大
C. 肺型P波
D. 肝颈静脉回流征阳性
E. 舒张期奔马律
【单选题】
肝硬化并发上消化道出血宜___
A. 绝对卧床休息
B. 术后病情稳定
C. 随时观察
D. 肺结核恢复期
E. 术前准备阶段
【单选题】
不属于卵巢黄素囊肿的特点的是___
A. 多为双侧
B. 偶可发生急性扭转
C. 囊肿壁厚
D. 由HCG刺激产生
E. 多见于葡萄胎或绒毛膜癌
【单选题】
患者,女性,57岁,可疑急性脓胸,明确诊断的支持点是___
A. 血常规检查白细胞计数升高
B. B超显示胸腔积液
C. 乏力、高热
D. X线片示大片浓密阴影
E. 胸腔抽出脓液
【单选题】
患者,女性,31岁,已婚,既往月经规律,因月经过期10天而就诊,确诊妊娠最有意义的检查是___
A. 阴道超声
B. 免疫法测定HCG(人绒毛膜促性腺激素)
C. 测宫底高度
D. 妇科体检
E. 宫颈黏液涂片镜检
【单选题】
炎症中都有外阴瘙痒症状,下列不正确的是___
A. 外阴炎
B. 前庭大腺炎
C. 滴虫阴道炎
D. 外阴阴道假丝酵母菌病
E. 老年性阴道炎
【单选题】
蜡样管型提示___
A. 慢性肾炎
B. 膀胱结石
C. 急性肾炎
D. 肾衰竭
E. 慢性肾盂肾炎
【单选题】
健康儿童的脑脊液检查正常的一项是___
A. 脑脊液压力为50mmHO
B. 蛋白质总量为0.3g/L
C. 糖为5.0mmol/L
D. 氯化物为135mmol/L
E. 脑脊液总量为200ml
【单选题】
4个月女婴,腹泻4天,每日10余次蛋汤样便。查体:前囟、眼窝凹陷明显,皮肤弹性差.四肢凉,血钠110mmol/L,应输入的溶液张力为___
A. 1/3张含钠溶液
B. 1/2张含钠溶液
C. 1/4张含钠溶液
D. 1/5张含钠溶液
E. 等张溶液
【单选题】
肺炎心衰患儿在静脉输液时应特别注意___
A. 输液速度不可过快
B. 输液时间不可过长
C. 液体张力不可过低
D. 液体应注意加温
E. 输液量要大
【单选题】
颅内无明显器质性改变的是___
A. 脑积水
B. 硬脑膜外血肿
C. 蛛网膜下出血
D. 脑脓肿
E. 脑震荡
【单选题】
支气管哮喘患者,当哮喘长期反复发作时最常出现的并发症是___
A. 上呼吸道感染
B. 阻塞性肺气肿
C. 自发性气胸
D. 慢性呼吸衰竭
E. 肺源性心脏病
【单选题】
患者,女性,37岁,局麻下行腹壁脂肪瘤手术,手术开始9分钟,患者出现紧张不安,呼吸、心率加快,血压增高,抽搐等,考虑可能是局麻药中毒,首要的处理措施是___
A. 注射普萘洛尔
B. 注射硫喷妥钠
C. 注射阿托品
D. 停用局麻药
E. 人工辅助通气
【单选题】
男性,因3小时前呕鲜红色血800ml而急诊入院,既往有肝硬化史。查体;血压135/60mmHg,心率122次/分钟。下列对患者采取的护理措施不正确的是___
A. 去枕平卧,头偏向一侧
B. 密切观察生命体征及神志变化
C. 给予流质饮食
D. 立即建立静脉通道
E. 备好三腔气囊管备用
【单选题】
胎盘早剥隐性出血可靠的辅助检查是___
A. B超
B. 腹部有点疼痛
C. 宫体某一点或全部有压痛
D. 破膜有血性羊水
E. 胎儿有异常心律
【单选题】
对长期卧床的慢性心力衰竭患者,鼓励进行床上下肢活动的最重要目的是___
A. 防止下肢静脉血栓形成
B. 减少回心血量
C. 保持关节活动度
D. 增加机体的耐受力
E. 防止失用性肌萎缩
【单选题】
阵发性室性心动过速常见于___
A. 心肌梗死患者
B. 高血压患者
C. 肺源性心脏病患者
D. 病毒性心肌炎患者
E. 二尖瓣关闭不全患者
【单选题】
患者患心脏病,现妊娠16周,突然出现急性心力衰竭,应给的氧流量是___
A. 高流量加压给氧
B. 低流量加压给氧
C. 低流量吸氧
D. 高流量吸氧
E. 持续低流量吸氧
【单选题】
稽留流产是指___
A. 胚胎停止发育,尚未自然排出
B. 胚胎停止发育2周以上,尚未自然排出
C. 胚胎停止发育4周以上,尚未自然排出
D. 胚胎停止发育8周以上,尚未自然排出
E. 胚胎停止发育10周以上,尚未自然排出
【单选题】
急性血源性骨髓炎最常见的致病菌是___
A. 白色葡萄球菌
B. 乙型链球菌
C. 金黄色葡萄球菌
D. 大肠杆菌
E. 肺炎双球菌
【单选题】
女婴,8个月,近2个月来因肤色苍白,食欲减退入院。出生后一直人工喂养,未加辅食。体检:营养差,皮肤、黏膜苍白,心前区有Ⅱ级收缩期杂音,肝肋下3.4cm,脾肋下1.3cm。化验:血红蛋白及红细胞均低于正常,白细胞、血小板及网织红细胞均正常。最适宜的治疗方案是___
A. 给予含铁丰富饮食
B. 口服铁剂及维生素
C. 少量输注浓集红细胞
D. 卧床休息,口服铁剂
E. 铁剂肌内注射
【单选题】
急性心肌梗死患者的护理措施中,下列正确的是___
A. 鼓励病人大量进食
B. 尽量避免搬运
C. 增加探望,提高病人恢复疾病的信心
D. 静脉输液速度宜快
E. 如有便秘立即灌肠
【单选题】
有关妊高征的分类,下述不正确的是___
A. 分为轻、中、重度
B. 轻度血压<130/90mmhg,可伴轻度蛋白尿和(或)水肿
C. 中度血压<160/110mmhg,尿蛋白(+)
D. 重度血压>160/110mmhg,尿蛋白(++)~(+++)
E. 血压升高以舒张压为主
【单选题】
婴儿期预防接种疫苗正确的是___
A. 24小时内接种卡介苗
B. 1个月首次接种乙肝疫苗
C. 3个月首次口服脊髓灰质炎减毒活疫苗糖丸
D. 2个月接种麻疹减毒活疫苗
E. 3个月首次接种百白破混合制剂
【单选题】
乳房后脓肿切开术的切口位置应在___
A. 沿乳晕做环形切口
B. 沿乳房下皱褶处弧形切口
C. 乳房两侧对应切口
D. 在乳房中部楔形切口
E. 腋窝切口
【单选题】
下面右上胸叩诊可呈实音的为___
A. 肺气肿
B. 肺部炎症
C. 胸腔积液
D. 支气管扩张
E. 正常
【单选题】
呼吸衰竭患者症状和体征中最早、最突出的是___
A. 躁狂
B. 呼吸困难
C. 血压下降
D. 心律失常
E. 肝肾功能损害
【单选题】
下列食物中含铁最少的食物是___
A. 奶类
B. 鸡血
C. 木耳
D. 蛋黄
E. 猪肝
【单选题】
协调性子宫收缩乏力正确的是___
A. 子宫收缩有正常节律性、极性及对称性,仅收缩力弱
B. 产妇自觉持续性腹痛,无间歇
C. 对胎儿影响严重
D. 不宜静脉滴注缩宫素
E. 结束分娩后不需观察会阴垫的出血量
【单选题】
阴道侧壁刮片法,在阴道刮取分泌物的部位是___
A. 前壁1/3处
B. 侧壁1/3处
C. 侧壁1/2处
D. 后壁1/2处
E. 前壁1/2处
【单选题】
绒毛膜癌的病理改变正确的是___
A. 增生的滋养细胞未侵及子宫肌层
B. 不伴有远处转移
C. 不伴有滋养细胞出血、坏死
D. 滋养细胞增生规则
E. 绒毛结构消失
【单选题】
洋地黄的中毒症状不包括___
A. 食欲下降
B. 视物模糊
C. 激惹、惊厥
D. 心律失常
E. 头晕、嗜睡
【单选题】
下面属于肝癌患者首发症状是___
A. 腹水
B. 恶心呕吐
C. 肝区疼痛
D. 黄疸
E. 腹壁静脉曲张
【单选题】
见于风湿热的复发病例的常见症状是___
A. 心肌炎
B. 关节炎
C. 舞蹈症
D. 皮下结节
E. 环行红斑
【单选题】
患者男性,40岁。上唇疖3日,病人应特别警惕发生___
A. 高热
B. 疖引起多发脓肿
C. 败血症
D. 化脓性海绵状静脉窦炎
E. 痈
【单选题】
慢性阻塞性肺气肿患者长期氧疗,每日持续吸氧时间应超过___
A. 7小时
B. 9小时
C. 10小时
D. 12小时
E. 15小时
【单选题】
预防肾盂肾炎最关键的措施是___
A. 保持外阴清洁
B. 隔天1次抗生素
C. 多补充维生素
D. 每天尿道口消毒
E. 定期检查
