【单选题】
Refer to the exhibit line in this configuration prevents the help Desk user from modifying the interface configuration.___
A. Privilege exec level 10 interface
B. Privilege exec level 9 configure terminal
C. Privilege exec level 7 show start-up
D. Username HelpDesk privilege 6 password help
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
You have been tasked with blocking user access to websites that violate company policy, but the sites use dynamic IP addresses. What is the best practice for URl filtering to solve the problem?___
A. Enable URL filtering and use URL categorization to block the we bsites that violate company
B. Enable URL filtering and create a blacklist to block the websites that violate company policy
C. Enable URL filtering and create a whitelist to block the websites that violate company policy
D.
E. nable URL filtering and use URL categorization to allow only the websites that company policy allows users to access.
【单选题】
Within an 802. 1x-enabled network with the auth Fail feature configured, when does a switch port get placed into a restricted VLAN?___
A. When a conected client fails to authenticate after a certain number of attempts.
B. if a connected client does not support 802. 1x
C. when AAA new-model is ena bled
D. after a connected client exceeds a specified idle time
E. when 802. 1x is not globally enabled on the Cisco Catalyst switch
【单选题】
Which type of attack does a proxy firewall protect against ?___
A. cross-site scripting attack
B. worm traffic
C. port scanning
D. DDoS attacks
【单选题】
When an administrator initiates a device wipe command from the ISE, what is the immediate effect?___
A. It requests the administrator to choose between erasing all device data or only managed corporate data.
B. It requests the administrator to enter the device pin or password before proceeding with the operation
C. It notifies the device user and proceeds with the erase operation
D. It immediately erases all data on the device
【单选题】
What is a valid implicit permit rule for traffic that is traversing the ASa firewall?___
A. ARPs in both directions are permitted in transparent mode only
B. Unicast IPv4 traffic from a higher security interface to a lower security interface is permittee in routed mode only.
C. Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only.
D. Only BPDUs from a higher security interface to a lower secur ity interface are permitted in transparent mode.
E. Only BPDUs from a higher security interface to a lower secur ity interface are permitted in routed mode
【单选题】
A specific URL has been identified as containing malware. What action can you take to block users from accidentally visiting the URl and becoming infected with malware ?___
A. Enable URL filtering on the perimeter router and add the URls you want to block to the router's local URL list
B. Enable URL filtering on the perimeter firewall and add the URls you want to allow to the router's local URL list.
C. Enable URL filtering on the perimeter router and add the URls you want to allow to the firewall's local URL list
D. Create a blacklist that contains the URl you want to block and activate the blacklist on the perimeter rout
E. Create a whitelist that contains the URLs you want to allow and activate the whitelist on the perimeter router.
【单选题】
How does PEAP protect the EAP exchange ?___
A. It encrypts the exchange using the server certificate
B. It encrypts the exchange using the client certificate
C. It validates the server-supplied certificate,and then encrypts the exchange using the client certificate
D. It validates the client-supplied certificate,and then encrypts the excha nge using the server certificate
【单选题】
Which feature of the Cisco Email Security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attacks?___
A. contextual analysis
B. holistic understanding of threats
C. graymail management and filtering
D. signature-based IPS
【单选题】
Refer to the exhibit【nat (inside,outside)dunamic interface】 Which translation technique does this configuration result in?___
A. DynamIc PAT
B. Dynamic NAT
C. Twice NAT
D. Static NAT
【单选题】
Refer to the exhibit which are repre sents the data center?___
【单选题】
While trouble shooting site-to-site VPN, you issued the show crypto isakmp sa command. What does the given output show?___
A. IKE Phase 1 main mode was created on 10.1.1.5, but it failed to negotiate with 10.10 10.2
B. IKE Phase 1 main mode has successfully negotiated between 10.1.1.5 and 10.10..
C. IKE Phase 1 aggressive mode was created on 10.1.1.5, but it failed to negotiate with
【单选题】
Refer to the exhibit All ports on switch 1 have a primary vLan of 300 Which devices can host 1 reach?___
A. host 2
B. server
C. host 4
D. other devices within VLAN303
【单选题】
Which option is the cloud-based security service from Cisco the provides URL filtering, web browsing content security, and roaming user protection?___
A. Cloud Web service
B. Cloud Advanced Malware Protection
C. Cloud We b Security
D. Cloud Web Protection
【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
推荐试题
【多选题】
《治安管理处罚法》一方面规范、引导社会成员的行为,使人人懂法、守法,既实现自身的合法权益和自由,又不对他人的合法权益和自由造成侵害;另一方面规范、指导公安机关和人民警察的执法行为,有效惩治违法行为的同时充分保障人权。该法的立法宗旨___
A. 维护社会秩序
B. 保护公民、法人和其他组织合法权益
C. 规范和保障公安机关及其人民警察依法履行治安管理职责
D. 保障公共安全
【多选题】
法治思维方式的基本特征___
A. 法律至上
B. 权力制约
C. 人权保障
D. 正当程序
【多选题】
权利与权力的关系___
A. 权力来源于权利
B. 权力服务于权利
C. 权力应当以权利为界限
D. 权力必须受到权利的制约
【多选题】
3,依法治国,就是以宪法和法律作为党领导人民治理国家的基本方略,主要包括四项基本要求___
A. 科学立法
B. 严格执法
C. 公正司法
D. 全民守法
【多选题】
自觉树立社会主义法治理念,应认识和把握好以下几方面的关系___
A. 社会主义法治理念和中国传统法律思想的关系
B. 社会主义法治理念与资本主义法治思想的关系
C. 党的领导与依法治国的关系
D. 服务大局与依法治国的关系
【多选题】
社会主义民主与社会主义法治之间的关系表现在___
A. 社会主义民主是社会主义法治的基础
B. 社会主义民主是社会主义法治的的体现和保障
C. 社会主义法治是社会主义民主的基础
D. 社会主义法治是社会主义民主的体现和保障
【多选题】
社会主义民主法治是人类历史上最高类型的民主法治。下列对民主法治分析正确的有___
A. 为了实现社会主义现代化必须发扬社会主义民主和加强社会主义法治
B. 没有民主法治就没有社会主义
C. 社会主义民主法治属于社会主义政治文明范畴
D. 没有民主法治就没有社会主义的现代化
【多选题】
依法治国的根本要求是___
A. 有法可依
B. 有法必依
C. 执法必严
D. 违法必究
【多选题】
从法律的历史和实践来看,法律权利与法律义务之间存在着多方面的复杂关系。一般来说,可以把法律权利与法律义务的关系概括为___
A. 结构上的相关关系
B. 总量上的等值关系
C. 功能上的互补关系
D. 法条上的等量关系
【多选题】
追求公平正义一直被认为是法律的主要价值目标。从法律运行环节来看,法律公正包括___
A. 实体公正
B. 程序公正
C. 立法公正
D. 执法公正
【多选题】
执法公正的要求主要包括___
A. 坚持公平正义原则
B. 坚持合法合理原则
C. 坚持及时高效原则
D. 坚持程序公正原则
【多选题】
权力制约原则可以概括为___
A. 职权由法定
B. 有权必有责
C. 用权受监督
D. 违法受追究
【多选题】
培养法治思维方式的途径有___
A. 学习法律知识
B. 掌握法律方法
C. 参与法律实践
D. 学习儒家文化
【多选题】
保障法律的至上地位要做到___
A. 推进依法执政
B. 提高立法质量
C. 严格规范执法
D. 提升司法公信力
【多选题】
自觉树立社会主义法治理念,应认识和把握好以下几个方面的关系___
A. 社会主义法治理念与中国传统法律思想的关系
B. ,社会主义法治理念与资本主义法治思想的关系
C. 党的领导与依法治国的关系
D. 服务大局与依法治国的关系
【多选题】
法律区别于道德规范.宗教规范.风俗习惯.社会礼仪.职业规范等其他社会规范的首要之处在于,它是由国家创制并保证实施的行为规范。国家创制法律规范的方式主要有___
【多选题】
宪法规定:“中华人民共和国公民在法律面前一律平等。”法律面前一律平等包括___
A. 公民在守法上一律平等
B. 公民在执法上一律平等
C. 公民在运用法律上一律平等
D. 公民在适用法律上一律平等
【多选题】
追求公平正义一直被认为是法律的主要价值目标。从法律运行环节来看,法律公正包括___
A. 实体公正
B. 程序公正
C. 立法公正
D. 执法公正
【多选题】
执法公正的要求主要包括___
A. 坚持公平正义原则
B. 坚持合法合理原则
C. 坚持及时高效原则
D. 坚持程序公正原则
【多选题】
一般来说,证据就是以法律规定的形式表现出来的.能够证明案件真实情况的事实。法律上的证据不同于一般的事实。证据具有___
A. 公开性
B. 合法性
C. 客观性
D. 关联性
【判断题】
思想道德修养与法律基础课就是传授道德知识和法律知识的课程
【判断题】
在人的素质中,思想道德素质起着主导作用
【判断题】
学习和实践社会主义荣辱观,是大学生提高思想道德素质和法律素质的基本要求
【判断题】
在今天,立志做大事就是献身于中国特色社会主义伟大事业
【判断题】
军事实力固然重要,但当今国际竞争是以经济和科技为基础的综合国力竞争
【判断题】
荣和辱从来就是法律规范的基本要求,也是道德规范的基本要求
【判断题】
提高思想道德素质和法律素质,最根本的是要学习和践行社会主义荣辱观
【判断题】
知行统一是和道德人格紧密结合在一起的,一个人能否做到言行一致,是他立身处世的基础
【判断题】
德才兼备是衡量大学生全面发展的一个重要标准
【判断题】
学习思想道德修养课不仅要注重理论学习,更要加强实践锻炼
【判断题】
在人的素质中,思想道德素质起着主导作用
【判断题】
道德是一种外在规范,品德是一种内在规范
【判断题】
德是人才素质的基础,体是人才素质的重要内容,智是人才素质的灵魂,美是人才素质的条件
【判断题】
养成优良的学风,包括:“勤奋”、“严谨”、“求实”、“创新”四个方面
【判断题】
理想是一定社会关系的产物,它必然带着特定历史时代的烙印,在阶级社会中,还必然带着特定阶级的烙印
